2.0 uses gateway groups for multi-wan, not the load balancer. The load balancer is for servers, not WANs. Use gateway groups instead under System > Routing.

The widget was removed and will be added back in 2.1. There was problems with the widget and SMP setups.

I believe it is not some ad blocker as I connected to another pf box which is beta4 and it is work.

I tried to do this.
But it gives an error (I can not see now, I'll post tomorrow).
I was only able to import part separately DHCP
but users do not

We don't use rc.conf on pfSense. We also don't include the screen saver kernel modules in the builds.

You should be able to copy the kernel module off another box and load it from loader.conf though.

No, serial console is always active and can't be flipped on or off like that. It's set at bootup.

@jimp:

Guess my commit fixed it then. :-)

Yes it did! Thanks again jimp!

Back then I think the only method that worked was a manual firmware upgrade from the GUI or a manual update from the console.

Both auto update and console update by URL were broken.

Though if you have easy access to reinstall the machine that wouldn't hurt. It would be nice to start clean from an up-to-date base.

Unless you can reproduce the same issue on a current snapshot, it may be something that was temporary and already fixed.

well…. it could be the problem ... hmmm...

if suppossed to be that way then it will my miss understanding... because i always use the WAN as the hotspot interfaces... and the LAN as the internet interfaces...

hope anybody can confirm me that configuration, because it can be connected to internet and from client but give me problem that always been disconnected...

regards...

cmb,

Thought so someone would reply as such :-) … but I was wondering if the coders could do something about interface/ip aliasing or if there was to be any gateway aliasing or even sort of trunking of pppoe interfaces in order to share the same gateway? I dunno .. I'm just exploring .. :D

OK, many thanks, it works now ;-)

Hope my screenshots would help someone later  8)

@TooMeeK:

First, I see that "passtos" option is invalid for Windows client. Shouldn't be even available on server config page "Set the TOS IP header value of tunnel packets to match the encapsulated packet value."

There are tons of scenarios that don't use any Windows clients. It's there for good reason.

@TooMeeK:

Now I'm thinking about.. how to configure 2 OpenVPN instances for both WANs and use shared certificates?
Yes, I can run Wizard twice and it will create 2 servers, but both will use 2 server certificates, one per one. Second thing is that probably have to use different IP pools, becuse of possible IP conflicts for clients.

You can choose existing CA and certs in the wizard, or create the server manually.

@torontob:

That is cool. However, why do I have to setup 10000-20000 for NAT PORT FORWARD to my Asterisk server which sets behind pfSense v1.2.3 for the both way audio to work?

Because the phones initiate the RTP, if you have remote phones and want the RTP to get in from outside you have to open that. If you're just communicating outbound through a normal SIP trunk to an outside provider, you don't, as everything comes in over the connections initiated outbound.

@wagonza:

@johnpoz:

OK so I updated my snap, and now its showing my domain overrides.

Domain overrides

stub-zone:
name: "test.ip"
stub-addr: 192.168.1.4
stub-prime: no

But I agree its not working like it should.. So there is a server at 192.168.1.4 running bind with a zone for test.ip

see – if I query it directly authoritative for the host3 record I created.

; <<>> DiG 9.7.2-P3 <<>> @192.168.1.4 host3.test.ip
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15037
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;host3.test.ip.                 IN      A

;; ANSWER SECTION:
host3.test.ip.          21600   IN      A       192.168.1.101

;; AUTHORITY SECTION:
test.ip.                21600   IN      NS      p4-28g.local.lan.

;; ADDITIONAL SECTION:
p4-28g.local.lan.       21600   IN      A       192.168.1.4

;; Query time: 5 msec
;; SERVER: 192.168.1.4#53(192.168.1.4)
;; WHEN: Mon Jan 10 23:32:39 2011
;; MSG SIZE  rcvd: 93

Now if I ask the pfsense box that has an override set to ask 192.168.1.4 for the domain test.ip it also gives me back servfail

; <<>> DiG 9.7.2-P3 <<>> @192.168.1.253 host3.test.ip
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 49426
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;host3.test.ip.                 IN      A

;; Query time: 11 msec
;; SERVER: 192.168.1.253#53(192.168.1.253)
;; WHEN: Mon Jan 10 23:40:03 2011
;; MSG SIZE  rcvd: 31

So seems domain override is not working??

Currently running
2.0-BETA5 (i386)
built on Mon Jan 10 13:14:45 EST 2011

Ok I managed to get time to simulate this. I see the answer is returned however Unbound is still returning a SERVFAIL. Will investigate further as to why… :-\

Ok sorted - fix committed. Reinstall package and let me know how it goes.

thx

ahh alright, thank you

Yep, worked after my latest firmware update. Thanks!

Hello Folks,
the vHost is a pretty good alternative, especially when we have to stop the main servers for whatever reasons.
Please reply if you intend to support it and when or another alternative to be considered?
Regards,
Rossen

I've had the opportunity to test this again a couple of times. DHCP on the WAN address always receives IP address, DNS Server, but never a default gateway value. In every case manually pointing the default gateway to the WAN IP (along with setting the WAN MTU to 1492) gets traffic flowing every time. The logs I've seen (similar to captured previously) all show the effects of the issue, but not the cause. What logs should I be looking at to see the DHCP/PPPoE process not working properly vs it working correctly in 1.2.3?

Is this really a pfSense issue or an underlying BSD issue (hardware [in]compatibility)? I suppose I could script the addition of the default gateway at boot (disappears at boot every time) but that seems backwards in light of it working flawlessly in 1.2.3.

Are there resources someone could point me to to research this further? The PPPoE process seems straightforward (bridge/half-bridge) but there's some of this beyond me at the moment. Thanks for the help.