Try to include on squid custom options

http_access allow all

jimp,

Thanks for the explanation!

In that form I will include the link you provided. As far as background music I created that using GarageBand. We'll see how it goes.

@jimp:

Not sure it would matter for pfSense since it's an Open Source project and you're just showing screenshots of it. The code is BSD licensed and it's not like it's a secret or there's an NDA or anything. There are no provisions in the license to prevent the commercial use of the software.

If they insist, just point them at our license:
http://www.pfsense.org/index.php?option=com_content&task=view&id=42&Itemid=62

The only time you might have an issue is if you're claiming to "be" pfSense but that doesn't appear to be the case here.

I'd say they're more worried about your background music than the software you're showing.

oops. make a booboo. will return shortly

@luke240778:

Thanks again. I have found the CLient Isolation on the Ubiquiti AP's but not on the Ruckus AP's yet. Will take a look at their Manuals when i arrive in the office tomorrow.  Hopefully it will work.  I am hopefully getting a managed switch soon so maybe in the end i can do it all on there.. ?

If the customers connect directly to your WLAN AP then you must configure that on the AP. The switch behind the AP does not really help because all clients connected to the same WLAN AP will continue to talk to each other.

Example:
customer–----
customer ------ AP -----
customer------/
Isolation on AP needed do block connection between clients.

customer------
customer ------ AP1--------
customer------/               
                                        Switch
customer------\                  /
customer ------ AP2 --------/
customer------/

If isolation can only be done on the switch than there is no communication possible between customers on AP1 and customers on AP2 but the customers on the same AP can still communicate.

Luke,

Configure you access point in route mode without nat, this way you will have all clients ip on your dhcp /radius/firewall.

But on any setup(bridge/route/route+nat), your clients can setup an access point with cloned mac address from configured machine and share their connections.

Have anybody will do network exchenge?  :)

None If your WAN have a public IP

This is only usefull if your WAN have a "Private" IP (RFC1918)

He's just replying without reading that you have solved the problem.

Maybe you can Edit the Thread Title and add [SOLVED] to it.

No requests were denied nor are any of the pools close to the maximum value so it looks as if the problem wasn't one of running out of a kernel network resource.

Yes, That sounds correct. Just don't forget the firewall rules. The destination is not the external IP, but the internal IP (10.0.0.22).

@Metu69salemi:

Two tasks to comply  ;)
1. Goto Firewall:Schedules
1.1 Create ones as you need
2. Goto Firewall:Rules
2.1 Apply schedule on rules what you want(search below 'normal' view)

Hint: I'd use block all on top of the list and schedule it to go online during that night time, then you don't have to modify every single rule on the list

Thank you Metu69salemi. I used your suggestion and achieved.

Regards,
SGTR

thank you very much !

Update- was able to get everything working after several more hours of trial an error.  Initially I thought it was perhaps something tied to DHCP options but that does't appear to be the case.

Regardless, all is well now and the Uverse STBs are working fine behind PFSense =)

this is literally becoming a nightmare.

i've searched up and down and cant figure this out …

all i want to do is:

give my captive portal users items from the cache at full speed. get squid to cache as much as possible.

can anyone help? please? (my config for squid is above)

Yeh it's a simple WAN/LAN config. But my problem got solved this morning. MediaMonkey updated itself when i opened it to check what it said in the firewall logs. Oddly enough the new version uses the same configs for auto-tagging as the previous version, but it works. Oh well. Thanks anyway.

i do have squid installed but the traffic was towards outside (upload) not inside, i want to spend sometimes checking wireless devices, disconnect them one by one, maybe its noise or data collision

Dude, this gotta get you trouble  ;D

Basicaly, I guess the way to do so is setting up one "Times" rule that the Admin can set up the period of time for that especificaly IP. And that time must be bind with the target category (so you can grant access only to some websites that the IP is allowed).

Hope it helps  :D

I have several blocks of IP's from several providers (3 separate up-links) and was wondering what most people do. My routers use 3 with CARP, and I use PPPOE for one client and have used 1:1 NAT.

It just seemed that If I bridge to a DMZ interface, I could Traffic Shape and use firewall rules per IP.  Since PPPOE and DMZ both require the client to be on the same "LAN" (VLAN) then I see bridged as "easier", no PPPOE to configure.

If so inclined, I would contact Netgate for a problematic unit. They have had more than a few returns concerning this issue of the Celeron unit. The atom unit has now been up for 4 months with the exact same configuration without crashing. I stressed the old unit, ran memtest for a day, maxed out traffic on all the ports, I couldn't get it to choke. It was random after 2-4 weeks. The replacement unit actually crashed 5 times in the same day.

O think it just means that you have no files on /tmp to be removed.