• OPENVPN Client Configuration broken

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    jimpJ

    I just committed that fix. Thanks!

  • House keeping.

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    C

    Exactly - I'm just a fussy f$&ker and I just want pfsense to be perfect  ;)

  • Testing feedback with EDGE router configuration

    Locked
    5
    0 Votes
    5 Posts
    4k Views
    G

    AhhhHaaaa!!!!

    Right . . . My ISP uses 10.6.6.6 as the gateway and assigns me a 10.x.x.x address. Therefore, I have to uncheck the little box that says "Block private networks" on the WAN configuration page.

    Okay, now I'm successfully routing from LAN to WAN where WAN is a PPP over a GPRS/EDGE USB modem (actually, a Nokia Xpress Music 5310 phone).

    Now, if I can just get BSD to stop deleting my default route . . . maybe that fixed itself too. We'll see . . .

    GNB

  • PPPOE not working using pfsense 07-Apr-2009 05:08

    Locked
    2
    0 Votes
    2 Posts
    1k Views
    H

    Hi
    fixed with 11-Apr

  • OpenVPN tunnel issues & questions

    Locked
    5
    0 Votes
    5 Posts
    3k Views
    S

    Wanted to close the loop on this one …
    Did a fresh install on both ends and used my hand-coded confs (above) and it worked!

    presumably there was something sticking around from the 1.2.x upgrade to 2.0 ...

    These confs work but the ones produced from the GUI do not.

  • GVRP support for vlan replication to switches

    Locked
    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • MPD problem

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    N

    It's been observed since 20090405-2210.tgz, so stay away from the daily build for a while and back to 20090403-2246.tgz at least to get your pppoe back to normal.

    cheers,

  • PPP features for 3G/GPRS/HSDPA users

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    G

    @ermal:

    1. can be accomplished with the chat script and since it is service provider dependent will always be left as a configuration.

    What do you mean exactly by "will always be left as a configuration?" Does that mean that you agree that it would be great to have a web interface for sending these digits to the modem/service provider? You don't have to mess with helping the user figure out what digits to send, just a nice gui to enter them and confirm the response received (which is sometimes "Try again later" in my experience.)

    Otherwise, it's lower on the usability scale to muck around in the command line and manually run a script every time you have to recharge the SIM, especially if you're running in embedded mode. I'm an occasional *NIX user and it takes me a not trivial amount of time to look up man pages to remind me of the command line switches to change the file system to -rw on the embedded platform so that I can use vi to enter the digit string. It means I can never delegate this to a non-technical person (or slightly technical person) or talk someone through it on the phone.

    I know you can't give a time line and that's okay, I just wanted to make sure that those items were on the radar.

    Oh, I forgot one feature.

    6. Buttons to manually connect and disconnect. :)

    Also, I think 5. should allow multiple time windows in one day.

    Thanks,

    GNB

  • OpenVPN GUI does give an error at saving time for P2P PSK mode.

    Locked
    2
    0 Votes
    2 Posts
    1k Views
    S

    I can confirm this bug.

    From what I understand the OpenVPN screens are brand new - kudos for the awesome menu-driven system. It's got a lot of promise!

  • OpenVPN TAP mode (level 2)

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    S

    I understand that the OpenVPN screens underwent an entire re-write … like you I am also missing the place to add extra options, such as dev tap

    The good news is that I also hear that those GUI options will be forthcoming. You could try to edit the options in /var/etc/openvpn/ manually in the meantime.

  • Installation help

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    I

    I just finished doing this for one of my buddies..  Like most of the posts say.. this is alpha software!

    But here is how I did it.

    Things you will need:
    Nokia IP330
    CD-ROM drive
    Y Molex power adaptor
    IDE cable with 2 channels

    1. Download pfSense-1.2.2-LiveCD-Installer.iso, burn it to a disk.  Also grab the latest 2.0 Alpha Full-Upgrade snapshot.

    2. Set the hard drive as master and the CD-ROM drive as slave.  These must be done via jumpers on the device.  Don't use Cable Select.  Connect the drives to the 2 channel IDE cable.

    3. Connect a serial cable to the serial port, console if you have both, and boot the host.  Standard Cisco settings.

    4.  Press TAB to enter the BIOS.  Select BIOS Feature SETUP, Change the Boot Sequence to "CD-ROM, C, A".  ESC to exit, then F10 to save and exit.

    5. Allow the host to boot.  You will boot to the setup page.  It should look like this: http://blog.migrate.ro/wp-content/uploads/2008/01/1.JPG .  But looks like this:

    When you get to the screen that looks like the press 6.  This will put you into the bootload command prompt.  Type the following: set console=comconsole.  Then press enter a few times once you can see the OK command prompt.  Then type boot. You should see the following picture.

    6. When asked to create VLANs, say NO.

    7. I used the following settings:
    fxp0 -> LAN (Closest to the serial connection)
    fxp2 -> WAN (far right) 
    fxp1 -> OPT1 (middle)

    8. Once the host is up.. log into the web console http://192.168.1.1 username:admin password:pfsense

    9. Cancel the initial configuration by clicking the pfsense logo.  Then click System -> Advanced.  Enable the serial console. Click Save.  Enable SSH, click save.  Make sure that you do both!! otherwise the 2.0 upgrade will be a waste of time!

    10. Once SSH has been enabled, SSH into the host, username:root password:pfsense, and run option 99.

    11. Follow the on screen guide.  There are plenty of guides out there for this part.  Make sure you do not install the boot block!! Otherwise if you lose power you will have to hit F1.  Also after the reboot follow step #5 again, then proceed to #12.

    12. Once the installation is completed, log back into the web console.  Click System-> Firmware, Enable firmware Upload, Browse to the 2.0 image you downloaded.  For me the most recent was pfSense-Full-Update-2.0-ALPHA-ALPHA-20090407-0825.tgz.  This should be done via IE..   It doesn't always work via Firefox.. it did for me.. but in the past it has not.  Once the upgrade is complete the host will reboot.

    13.  Once the reboot is completed, you will lose all network connectivity!  Don't panic!    Notice the WAN interface does not get an IP address.

    *** Welcome to pfSense 2.0-ALPHA-ALPHA-pfSense on pfSense ***

    WAN(wan)                  -> fxp2       -> NONE(DHCP)
      LAN(lan)                  -> fxp0       -> 10.10.0.1
      OPT1(opt1)                -> fxp1       -> NONE

    13a. If you are configuring this behind another firewall, assign a new IP range to the LAN interface!  Using the console select option 2, LAN, IP address of interface, subnet mask (most likely 24), y.

    14. Because 2.0 doesn't fix the FF:FF:FF:FF:FF:FF problem out of the box, yet.  You need to do this manually.  From the serial console, select option 8 (Shell), type the command ifconfig.  You will get a print out like the one below.  Notice the MAC Addresses.

    ifconfig

    fxp0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
            options=8<VLAN_MTU>
            ether ff:ff:ff:ff:ff:ff
            inet6 fe80::7831:833c:16db:3d3%fxp0 prefixlen 64 scopeid 0x1
            inet 10.10.0.1 netmask 0xffffff00 broadcast 10.10.0.255
            media: Ethernet autoselect (100baseTX <full-duplex>)
            status: active
    fxp1: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
            options=8<VLAN_MTU>
            ether ff:ff:ff:ff:ff:ff
            media: Ethernet autoselect (none)
            status: no carrier
    fxp2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
            options=8<VLAN_MTU>
            ether ff:ff:ff:ff:ff:ff
            inet6 fe80::7831:833c:16db:3d3%fxp2 prefixlen 64 scopeid 0x3
            media: Ethernet autoselect (none)
            status: no carrier
    plip0: flags=108810<POINTOPOINT,SIMPLEX,MULTICAST,NEEDSGIANT> metric 0 mtu 1500
    enc0: flags=0<> metric 0 mtu 1536
    pflog0: flags=100<PROMISC> metric 0 mtu 33204
    pfsync0: flags=41<UP,RUNNING> metric 0 mtu 1460
            pfsync: syncdev: lo0 syncpeer: 224.0.0.240 maxupd: 128
    lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
            inet 127.0.0.1 netmask 0xff000000
            inet6 ::1 prefixlen 128
            inet6 fe80::1%lo0 prefixlen 64 scopeid 0x8

    Notice I currently have fxp0 connected.  Now issue the following commands:

    ifconfig fxp0 link 00:00:00:8c:43:23
    ifconfig fxp1 link 00:00:00:8c:33:23
    ifconfig fxp2 link 00:00:00:8c:53:23

    I then connected my WAN interface.

    ifconfig

    fxp0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
            options=8<VLAN_MTU>
            ether 00:00:00:8c:43:23
            inet6 fe80::7831:833c:16db:3d3%fxp0 prefixlen 64 scopeid 0x1
            inet 10.10.0.1 netmask 0xffffff00 broadcast 10.10.0.255
            media: Ethernet autoselect (100baseTX <full-duplex>)
            status: active
    fxp1: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
            options=8<VLAN_MTU>
            ether 00:00:00:8c:33:23
            media: Ethernet autoselect (none)
            status: no carrier
    fxp2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
            options=8<VLAN_MTU>
            ether 00:00:00:8c:53:23
            inet6 fe80::7831:833c:16db:3d3%fxp2 prefixlen 64 scopeid 0x3
            inet 0.0.0.0 netmask 0xff000000 broadcast 255.255.255.255
            media: Ethernet autoselect (100baseTX <full-duplex>)
            status: active

    Notice the MAC addresses!

    Exit, type exit, back to the console.

    15. On your hosts renew the DHCP addresses.  The WAN interface should now have an IP address:

    *** Welcome to pfSense 2.0-ALPHA-ALPHA-pfSense on pfSense ***

    WAN(wan)                  -> fxp2       -> 192.168.1.144(DHCP)
      LAN(lan)                  -> fxp0       -> 10.10.0.1
      OPT1(opt1)                -> fxp1       -> NONE

    16. Log back into the web console, username:admin password:pfsense, and begin configuration.  You are done!

    Yes.. I am the same person who has the guides on testmy.net for smoothwall. ;)

    A few notes.. If you reboot the MAC address will be lost.  I am working on a script that will set them again.

  • NUT UPS service does not start

    Locked
    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • Vtun inside Pfsense, Level 2 failover with Tunnel interfaces bonding

    Locked
    1
    0 Votes
    1 Posts
    4k Views
    No one has replied
  • VPN established but no traffic through the tunnel

    Locked
    25
    0 Votes
    25 Posts
    13k Views
    J

    I just had an RDP session and outlook connected to an exchange server data stop.  The tunnel was still showing open.  Are there any logs I can send in?

    thanks,
    Jim

  • Protocol Based QoS

    Locked
    6
    0 Votes
    6 Posts
    3k Views
    J

    http://pfsense/firewall_shaper_wizards.php

  • PPTP Settings Not Changing

    Locked
    2
    0 Votes
    2 Posts
    1k Views
    S

    Just an update. Got the PPTP tunnel working, however some settings cannot be changed (still). For example the Remote Address Range always goes back to 10.11.13.0 so I have been setting client specific addresses in the users tab.

  • Web GUI Speed

    Locked
    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • IPSec VPN tunnel errors, replaced 1.2 with 2.0 …can't get tunnel up

    Locked
    7
    0 Votes
    7 Posts
    3k Views
    Y

    @databeestje:

    It would help if you provided a piece of the broken racoon.conf configuration file so we can see what causes the parse error.

    Thanks for posting, as requested:
    Apr 6 01:17:33 racoon: INFO: @(#)ipsec-tools 0.7.1 (http://ipsec-tools.sourceforge.net)
    Apr 6 01:17:33 racoon: INFO: @(#)This product linked OpenSSL 0.9.8e 23 Feb 2007 (http://www.openssl.org/)
    Apr 6 01:17:33 racoon: INFO: Reading configuration from "/var/etc/racoon.conf"
    Apr 6 01:17:33 racoon: INFO: Resize address pool from 0 to 255
    Apr 6 01:17:33 racoon: ERROR: /var/etc/racoon.conf:19: "d" syntax error
    Apr 6 01:17:33 racoon: ERROR: fatal parse failure (1 errors)

  • Alternative monitor IP

    Locked
    4
    0 Votes
    4 Posts
    3k Views
    T

    Today's snapshot also seems to give errors on edits of Gateway Monitor IP's in multi-WAN.  If I edit GW for WAN, status shows yellow, and WAN goes dead.  Opt1 then handles all traffic.  If I edit Opt1, the same IP entered as alternate monitor IP is reflected in WAN GW as well, and both go yellow.

    If I manually edit config.xml (either from console or gui) with alternate monitor IP's and reboot, it boots with BLANK config.xml, and of course, this is no good…

    1 is DSL, other is Cable.  Each is NAT'd (for the moment), and DHCP'd private IP's.

    2.0-ALPHA-ALPHA
    built on Mon Apr 6 05:58:27 EDT 2009
    FreeBSD 7.1-RELEASE-p4

  • 0 Votes
    2 Posts
    2k Views
    rcfaR

    Just to clarify: I can, temporarily for testing purposes, add these adapters to the host OS, and then assign them through hardware emulation to pfSense's VM.
    However, this reduces performance, and also since I want to use the VM approach to test a future dedicated hardware setup, which will use these USB devices directly attached to a cheap nettop or netbook with pfSense running in native mode on that computer, this temporary workaround will not be possible, then.
