2.0-RC Snapshot Feedback and Problems - RETIRED

Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

W

System Crash when Enable OPT1

• Dec 30, 2009, 1:10 AM • wick0704 Jan 11, 2010, 1:13 AM

10

0
Votes

10
Posts

3.5k
Views

? Jan 11, 2010, 1:13 AM

I'm sorry but I think I'm a little far from you, I'm in Chile, so could be to expensive for me to send a card to you.

I tried now with a Linksys PCI WiFi card, and it works, I set up it in AP mode, but it doesnt work as AP, its visible, I can conect to it, it provides IP via DHCP, but no routing and is not possible to connect to PFsense BOX by this interface, this is the configuration:
<opt1><descr>WiFi</descr>
<if>ral0</if> <wireless><standard>11g</standard>
<mode>hostap</mode>
<protmode>off</protmode>
<ssid>PF</ssid>
<channel>1</channel>
<authmode><txpower>99</txpower>
<distance>- <wpa><macaddr_acl><auth_algs>1</auth_algs>
<wpa_mode>2</wpa_mode>
<wpa_key_mgmt>WPA-PSK</wpa_key_mgmt>
<wpa_pairwise>CCMP TKIP</wpa_pairwise>
<wpa_group_rekey>60</wpa_group_rekey>
<wpa_gmk_rekey>3600</wpa_gmk_rekey>
<passphrase>12345678</passphrase>
<ext_wpa_sw><enable></enable></ext_wpa_sw></macaddr_acl></wpa></distance></authmode></wireless>
<enable><spoofmac><ipaddr>172.27.101.1</ipaddr>
<subnet>24</subnet></spoofmac></enable></opt1>
Regards
Alfredo
J

Igmp proxy delete entries bug?

• Jan 6, 2010, 7:30 PM • jlepthien Jan 11, 2010, 1:02 AM

6

0
Votes

6
Posts

2.0k
Views

C Jan 11, 2010, 1:02 AM

@jlepthien:

Can I also open up tickets when I find a bug? Or is it better if I post in the forum first to confirm it and wait for someone to open a ticket?

For something this blatant, it's fine to open a ticket yourself. For issues that are not well defined (i.e. not "Do X, Y, Z and you get ABC error"), post here first.
S

DynDNS and CURL troubles

• Jan 10, 2010, 5:01 PM • shmuu Jan 10, 2010, 9:04 PM

5

0
Votes

5
Posts

2.3k
Views

E Jan 10, 2010, 9:04 PM

Should be fixed in newer snaps.
W

Time schedule down

• Jun 26, 2009, 4:10 AM • whitediode Jan 10, 2010, 8:15 AM

5

0
Votes

5
Posts

1.9k
Views

W Jan 10, 2010, 8:15 AM

Sorry for being sooooooooo late …
it's workink since july..
many thanks
_

Ssh lockout please help!!!!

• Oct 27, 2009, 4:14 PM • _igor_ Jan 10, 2010, 7:00 AM

5

0
Votes

5
Posts

9.1k
Views

W Jan 10, 2010, 7:00 AM

you can unlock the ssh lockout by typing
#pfctl -t sshlockout -T flush
from the webgui command page
E

AMD-64 Build 0718 Won't ReBoot on ESXi

• Jan 7, 2010, 4:32 PM • EddieA Jan 10, 2010, 6:49 AM

7

0
Votes

7
Posts

3.4k
Views

E Jan 10, 2010, 6:49 AM

@EddieA:

With option 2, Disable acpi, I get EXACTLY the same results as trying to boot pfSense.

So, booting with acpi disabled, it looks like even a "vanilla" FreeBSD can't cope.

Agreed, that one should be pursued with FreeBSD.

@EddieA:

But, with the Default, option 1, it boots into the OS cleanly.

But, for a normal boot, it looks like something in the tailoring, for pfSense, is the issue.

I think this one belongs to pfSense.

Cheers.
J

Trouble after installing packages

• Jan 8, 2010, 9:06 PM • jlepthien Jan 10, 2010, 6:43 AM

3

0
Votes

3
Posts

1.5k
Views

C Jan 10, 2010, 6:43 AM

All but one of the packages need to be updated, I wouldn't expect any of them to work at this point other than OpenVPN Client Export.
S

OpenVPN issue(s)

• Jan 10, 2010, 2:59 AM • saruman Jan 10, 2010, 2:59 AM

1

0
Votes

1
Posts

1.2k
Views

No one has replied
T

CARP on 2.0

• Jan 8, 2010, 2:49 PM • thermionic Jan 9, 2010, 2:23 AM

3

0
Votes

3
Posts

1.5k
Views

J Jan 9, 2010, 2:23 AM

What specifically are you trying to do?

CARP IPs are added under Firewall > Virtual IPs as always

And on that same page there is a CARP Settings tab, just like on 1.2.x

There is also Status > CARP as before
_

IPSEC on pfsense 2.0 error

• Jan 5, 2010, 12:21 AM • _igor_ Jan 8, 2010, 10:08 PM

6

0
Votes

6
Posts

5.8k
Views

R Jan 8, 2010, 10:08 PM

I was absolutely sure the keys were identical, but I had to pull one of the 2.0 boxes due to flakiness at our office and go back to an SG there for the time being.
R

Make setting up IPSec site to site VPN's easier

• Jan 8, 2010, 11:52 AM • rugby Jan 8, 2010, 8:26 PM

11

0
Votes

11
Posts

5.2k
Views

R Jan 8, 2010, 8:26 PM

@jlepthien:

If you have a good understanding of IPSec then you will get the tunnels up and running. We have connected our WatchGuards to almost every kind of other firewall system with success. Sometimes it needs some "tuning" but most of the time all "enterprise" products have the same settings so it is not a big deal…

Sometimes it's just the terminology between endpoint identifier types.
T

When changing interface IP from local CLI

• Jan 8, 2010, 5:46 PM • thermionic Jan 8, 2010, 5:46 PM

1

0
Votes

1
Posts

964
Views

No one has replied
F

Interface with DHCP - purpose of "Alias IP Address" field?

• Jan 6, 2010, 9:25 PM • Fr3d Jan 7, 2010, 6:31 PM

11

0
Votes

11
Posts

12.0k
Views

F Jan 7, 2010, 6:31 PM

Yes, thanks for the info Fr3d! Learn something new every day. Who knows, maybe that will come in useful for me someday!
K

Is the OpenVPN: Client Export Utility supposed to work?

• Jan 3, 2010, 6:48 PM • kronos0815 Jan 7, 2010, 2:58 PM

10

0
Votes

10
Posts

6.5k
Views

F Jan 7, 2010, 2:58 PM

I think so. I created a new internal CA and then created a certificate using that CA. Then in the OpenVPN configuration, I have that CA and certificate selected. I also generated a cert for my user using that CA.
R

4 IP phones behind PFSense, only 1 can connect to PBX

• Jan 4, 2010, 3:36 PM • rugby Jan 7, 2010, 2:21 PM

6

0
Votes

6
Posts

3.5k
Views

R Jan 7, 2010, 2:21 PM

Simply installing and enabling siproxd did not fix the issue. I had to turn off the static port map for port 5060 and everything works now.

Firewall->NAT->Manual Outbound NAT rule generation and then click on the rule for port 5060 and uncheck Static Port.
F

Move the ~300KB of in-line JavaScript to static .js files?

• Jan 7, 2010, 1:17 AM • Fr3d Jan 7, 2010, 1:17 AM

1

0
Votes

1
Posts

1.5k
Views

No one has replied
P

Newbe trying to install beta 2 to wrap - but failing…

• Jan 5, 2010, 4:52 PM • pulsar Jan 6, 2010, 9:35 PM

3

0
Votes

3
Posts

1.4k
Views

P Jan 6, 2010, 9:35 PM

I'll try to edit it with PC-BSD.
;)
C

L7 not functional

• Dec 9, 2009, 2:56 PM • carpa Jan 6, 2010, 8:50 PM

7

0
Votes

7
Posts

4.7k
Views

T Jan 6, 2010, 8:50 PM

@carpa:

update :

running version pfSense-2.0-ALPHA-2g-20091213-1725-nanobsd-upgrade now

just tested again, and can now give more specific details about the L7-block issue :

-blocking a L7 protocol works, until the firewall blocks a not by the L7 matched traffic (which it shouldn't , like established http traffic as shown in the first post)
-when this happens, one can establish a connection with the blocked L7 protocol.

I've stumbled with this same issue also for a long time. Is this problem already fixed?

BR,

Tommi
R

Where is fwall->rules->edit->ADVANCED?

• Dec 15, 2009, 8:29 AM • RagnaBaby Jan 6, 2010, 7:27 PM

5

0
Votes

5
Posts

2.1k
Views

T Jan 6, 2010, 7:27 PM

@RagnaBaby:

Simultaneous client connection limit Maximum state entries per host Maximum new connections / per second State Timeout in seconds

Hello,

Got interested in using these. What kind on values would you recommend for 15/2 Mbps connection with ~ 50 users?

BR,

Tommi
_

Missing Restore/Backup-functions

• Jan 5, 2010, 12:26 PM • _igor_ Jan 6, 2010, 6:16 PM

4

0
Votes

4
Posts

1.5k
Views

C Jan 6, 2010, 6:16 PM

Because it hasn't been added. It won't be for 2.0.

171 / 206