• Do I need to bridge LAN and WAN, or does NAT do that?

    Locked
    4
    0 Votes
    4 Posts
    3k Views
    P

    What exactly does bridging do?

    if you set it to "bridge" it basically creates a Layer 2(data link) type connection. however, i know you can create filtered bridges also… (someone please correct me if i am wrong here...)  i've always thought of bridges as switches with fewer ports or in your case, one port.

    Does it just allow two interfaces to see each other?

    it allows them to act as if they are connected to the same switch.

    For example, without bridging my laptop (wireless) and desktop (LAN) couldn't ping each other.  However, with it enabled then they could?

    makes sense… you either needed firewall rules or you had a routing issue. prolly firewall...

    Also, I had to enable a bridge between Wireless and LAN so that my wireless could use the LAN DHCP server.  I guess that makes sense but is that a common way to set it up?

    if i understand you correctly, it sounds like you have a wireless access point or router connected to an interface on your pfsense firewall. personally i would not set it up that way. (assuming this SOHO WAP)for security reasons, disable bridge, keep the wireless access point on a seperate interface (i think this is how you have it now), disable the dhcp server on your WAP, set a static IP for the LAN on your WAP, then move your ethernet cord so that it's on a switch port and not the WAN port.  this way your WAP should act like a switch with wireless enabled. then set dhcp server on your firewall accordingly and your wireless hosts should pick up the dhcp from pfsense.  be careful the order at which you do this or you'll lock yourself out of your WAP.  set the LAN static IP first. then disable the dhcp server on the wap.

    once you have that all working and have enabled dhcp on pfsense for your WAP then configure firewall rules accordingly to permit access into your LAN. if your only using the subnets which reside on the pfsense interfaces then you shouldn't have to mess with NAT either..

    hope this helps…

  • Possible to disable the PC speaker?

    Locked
    3
    0 Votes
    3 Posts
    5k Views
    R

    Great! Thanks, brah.  :)

  • Please help a noob

    Locked
    2
    0 Votes
    2 Posts
    1k Views
    Cry HavokC

    Captive Portal

    You'll find a forum on the subject further down.

  • PFTPX client reset connection

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    I

    Weird! seems to be symantec endpoint protection talking to a bunch of FTP sites… 69.22.137.48 is what i gather to be a symantec ip. Very strange as we are all locally managed for symantec updates.

  • Logging all data on an interface to a syslog server

    Locked
    6
    0 Votes
    6 Posts
    4k Views
    C

    Thanks for the help.  I appreciate it.

  • Uploads causes ADSL PPPOE problems - Wrap board

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    jimpJ

    You might try to enable the traffic shaper, and set your upload bandwidth to something slightly less than your DSL sync speed (You can lost up to 13% due to various overheads). You can also try adjusting your ACK queues and such until it works better.

    I'm using PPPoE on an ALIX and uploaded a bunch of files to one of my websites last night and it went at full speed without any issues. I have a WRAP for testing but I haven't tried it as my actual home router yet. I've got them both running 1.2.3-RC3 images though, not 1.2.2.

  • Disk logs

    Locked
    2
    0 Votes
    2 Posts
    1k Views
    jimpJ

    The logs are stored in a binary circular log format, and are found in /var/log

    You can view them (and search some of them) via the GUI under Status > System Logs

    The logs are reset at boot time, or when you manually clear them.

    You can set how many lines are displayed in the GUI, but there is no easy way to control exactly how large each log file can be (it's hardcoded in the source, this should be fixed in 2.0 eventually)

  • Remote Desktop / VPN - Drops Connection Reconnect

    Locked
    3
    0 Votes
    3 Posts
    4k Views
    Cry HavokC

    Rather than posting to a months old thread, how about starting a fresh one in the correct sub-forum for the VPN you're trying to use (IPsec, PPTP or OpenVPN).

  • Hotspot users

    Locked
    2
    0 Votes
    2 Posts
    1k Views
    Cry HavokC

    Take a look at posts in the Captive Portal forum.  The answer will depend significantly on the version of pfSense, the nature of the traffic and what you mean by "very good server" (since your definition won't be anything like mine, which probably won't be anything like other's).

  • MOVED: How to setup: Pfsense + Squid Proxy + SquidGuard + Failover

    Locked
    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • Acpi tz0 ; TMP value is absurd

    Locked
    6
    0 Votes
    6 Posts
    13k Views
    C

    @noi:

    how to fix this problem…
    "acpi_tz0: _TMP value is absurd, ignored (-247.7C)"

    This is caused by a BIOS bug, best fix is to get the BIOS fixed. If you have a board from Hacom, some of those exhibited this problem, but there is a BIOS update available that fixes it.

  • Pfsense blocks simultaneous access to VPN (PPTP)

    Locked
    6
    0 Votes
    6 Posts
    5k Views
    E

    @luiscloss:

    It will work.

    I wish I had the same level of confidence… ;D

  • Rebooting pfsense remotely Dial In

    Locked
    18
    0 Votes
    18 Posts
    10k Views
    H

    wow working like a charm now

    really apreciated your help

    thanks a alot

    hadi57

  • How do I get back the default dns server

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    ?

    @wallabybob:

    If by "default DNS" you mean the DNS your ISP assigns then the most effective way (assuming your WAN link gets an IP address by DHCP) is to check the box.

    If your WAN link doesn't get its IP address by DHCP and you want your ISP's DNS server then contact the ISP to get the DNS servers address(es) (may be in ISP configuration help page) and then specify the DNS server(s) by System -> General Setup DNS Servers.

    If you are asking how to set this when you only have WAN access to pfSense and can't ssh in, then sorry, I don't know.

    You haven't specified if you want LAN systems to use the pfSense DNS forwarder (I presume you do) or you want the "default" DNS to be propagated to the LAN clients.

    Yeah default dns I mean the one my ISP assigns. And yes I use the DNS forwarder. And yeah I only have lan access to the web gui.

  • Default gateway for on Lan interface?

    Locked
    3
    0 Votes
    3 Posts
    1k Views
    J

    @Cry:

    You can only have a single default gateway, and that's always going to be on your external interface.  What you want to do is to configure static routes to your internal networks.

    k - what i ended up doing was giving the wan interface an ip and set the gateway on that to the one i wanted to set lan interface to.

  • Getting onto Pfsense from WAN side

    Locked
    3
    0 Votes
    3 Posts
    1k Views
    dotdashD

    If you mean access to the web interface, it's been covered (lots) before, but…
    Add a firewall rule destination WAN address port 443 (you have switched to https, right?)
    Better still is to limit the source to an alias containing all the ips/networks you connect from.

  • Short connection lost - randomly for ~15 sec

    Locked
    9
    0 Votes
    9 Posts
    3k Views
    jimpJ

    @kamil.maciejewski:

    Yes, I know this all, but the problem is, that this is a production area, it needs to work all the time and, what's even worse - I'm only part time working in this company, so i need to be able to change the settings remote. I'll separate the networks when it will work without any problems. For now I can only create new subnet and start moving IP's there. If it only fix the network lost problem

    I'm not quite sure you get it: What you are doing is wrong and will not work properly. Nothing anyone can tell you will make it work properly other than correctly wiring the network to separate switches.

    Edit: Locked thread.

  • Rikas

    Locked
    2
    0 Votes
    2 Posts
    1k Views
    P

    wrong forum.

  • Strange behaviour with smtp

    Locked
    3
    0 Votes
    3 Posts
    1k Views
    G

    Hello,
    Yes, the system is pfsense 1.2.2
    the rule for smtp was added to the wan interface (em1).
    pfctl -vvs rules reports this

    @62 block drop in log quick on em1 from bogons:50to any label "block bogon networks from wan"                    
     [ Evaluations: 369980    Packets: 557       Bytes: 27864       States: 0     ]                                    
     [ Inserted: uid 0 pid 48699 ]

    running /etc/rc.update_bogons.sh seems to solve the issue (outdated bogons definitions)

    thanks

    giuliano</bogons:50>

  • Pfsense on Talktalk, anyone else done it?

    Locked
    2
    0 Votes
    2 Posts
    1k Views
    S

    Sorted my problem, had to set MTU to 1400!

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.