• PFSense as firewall for Cloud hosting provider (500 VMs)

    That type of deployment is amongst the most common we do. We've done in excess of 100 datacenter setups similar to that for customers, and there are probably thousands of others out there that we've had no involvement in.

  • Bing.com

    It's a feature, we're not fans of Microsoft.  ;D

    No seriously, sounds like it's not a firewall-related issue. You're getting to some web server since you're getting a 404, and unless you put in an override in the DNS forwarder, it's sending you to whatever IP your configured DNS servers are responding with. What IP does bing.com resolve to?

  • Some clients getting IP from strange source..

    I'll give that a shot.. what exactly does that do?

    "If" I'm not wrong (I'm not a networking expert)

    A DHCP server ("BOOTPS") has src port 67, so if you block ANY (0.0.0.0/0) traffic coming from your clients to the WLAN interface of your AP from port 67, then you are blocking ANY external DHCP server.

    About MikroTik, I can't help you. We are only using it as an "Access Concentrator" (fancy name for a PPPoE server) and giving our customers "Static IPs", so I have no experience with MT and DHCP server / DHCP Relay  :-[

    Also, we are planning to take out the MikroTik PPPoE server from our network (due to the fact that Ubiquiti can't do QoS on encrypted traffic) and use static IPs on the CPEs (in Router mode), and connect our APs (in Bridge mode) directly to the pfSense server.

  • HELPPPP

    @marcelloc:

    @luke240778:

    Can you possibly tell me first how I can edit the config.xml using vi so I can change the WAN and LAN IPs on the box before I do the upgrade via shell?

    Use viconfig to edit config.xml on console/ssh.

    Just in case, create a backup file before editing: cp /conf/config.xml /root/backup_before_upgrade.xml

    Thanks for your reply, but that part I have already done, and it still has no network connectivity at all, can't ping anything.. so I am still stuck at how to get the upgrade image onto it to try the upgrade

  • Tftp-proxy between two subnets - reply blocked

    Each interface filter set ends with an explicit Block & Log rule, in my case. Apparently the tftp-proxy anchor is inserted after the user rules in the interface filter set. Thus, the block & log rule is hit prior to the pass rule for the tftp-proxy traffic. Eliminating the block & log rule allows the traffic to pass the tftp-proxy rules but at the expense of not being able to log the blocked traffic on the interface.

    I'm not real comfortable with this and will look for some clarification from the developers to understand if this is by design or if it's appropriate to issue a bug report.

  • Curiosity in pftop output

    Filtering appears to have been added in V0.7, the most recent version.

    Steve

  • Network interface mismatch – Running interface assignment option

    @databeestje:

    Can you submit patches?

    No. Collaborative software development always seemed like rocket-science to me. If someone else figures out how to integrate this into mainline, it would be nice.

  • Do I need to worry about sudden power loss with embedded installs?

    No. /var is a RAM disk.

  • 2.0-RELEASE serial console problem

    Feedback.

    I use VMware serial + named pipe proxy to test pfSense serial support.

    The problem I met is that the telnet client in Windows automatically sends a newline character, resulting in the `read' command being fed nothing; so does the PuTTY client.

    Finally, turning off the 'return key send telnet new line instead of ^M' option in PuTTY solved my problem. Hope this will help others who meet the same problem.

  • PfSense HDD as file server

    Thx for the suggestions, but I will not do something that will compromise even a little bit of security.  We're here to make rock-solid firewalls, and that's all that matters  ;)

    I swapped the 250GB for an 80GB I had lying around.  So I don't care about the extra space anymore.  I can always hook up the 250GB in my server comp and access it from there…much safer ;)

  • VLAN question (routing and NetBoot)

    Thank you all. I will post a diagram soon.

    I have only VLANs in this NIC (tagged traffic)

    Best

    Kostas

  • Command line Interface

    Thank you stephenw10
    PHP shell is very powerful!

  • PfSense source code

    thanks

  • Pfsense documentation wiki license

    Thanks for the quick reply. :) It helps me.

  • Multiple Subnet problems

    You need 3 things to make this work.

    Route to each different subnet.
    Rule in LAN to allow such traffic.
    Outbound NAT rule to allow the traffic to return.

    I think if you get those set up, you won't have any problems. I think I would also turn on the advanced option to bypass firewall rules if the traffic is on the same interface.

  • FreeBSD/i386 message after bootup completed

    Thank you very much jimp  :)

  • Inconsistent WAN Speeds with pfSense

    I have personally found BT Infinity to be wildly varying in throughput.
    I have the old 40/2 service but get anywhere from the expected 36-37Mbps at 2 AM to 15-16Mbps at 6 PM.
    Try it late at night.
    Try using the Windows PPPoE client directly (or whatever OS you are running).

    Steve

  • LDAP (Windows AD) Auth

    If I can get this working with a password I will post how to do this, as username only is not good security.

  • Local interface lo0 managed in gui????

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.