Temporary allowed connections
-
@HansSolo said in Temporary allowed connections:
If not, that's very disappointing.
I believe it started when you scolded the product like a young child..
-
If they do allow it - it sure not in their create policy documentation that is for sure ;) Why should we have to wait for his rep? You are sure they do it - so you don't have access to a watchguard that you can take a screenshot showing it?
-
@chpalmer said in Temporary allowed connections:
@HansSolo said in Temporary allowed connections:
If not, that's very disappointing.
I believe it started when you scolded the product like a young child..
Seriously?
"Scolded the product" ? LMAO.
That's what consumers do mate !!
Imagine if every company folded because they got "scolded" HAHAHAHAHA !!!!You guys need a tougher hide.
-
@HansSolo said in Temporary allowed connections:
Suture yourself
/r/boneappletea
I must admit that I am impressed with how quickly you can manage to piss off senior members here. Frankly, nobody really cares if Watchguard has that feature or not since it's moot. pfSense doesn't have it, so if that feature is critical to you then I guess you will be using a Watchguard and have no more need of pfSense.
-
@johnpoz said in Temporary allowed connections:
If they do allow it - it sure not in their create policy documentation that is for sure ;) Why should we have to wait for his rep? You are sure they do it - so you don't have access to a watchguard that you can take a screenshot showing it?
I do and I can....I'm lazy....waiting for KOM's rep to say I was right
-
I just got sent this. Rep said "Its done under schedules" Looks familiar. You guys can run through these pages if you want. Im not.
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/policies/operating_sched_set_c.html
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/policies/policy_properties_about_c.html
-
I don't think any one is opposed to adding such a feature - if there was actual call for it.. Never seen such a request before that I recall... So its not like the users of pfsense are beating the drums demanding this pretty much useless feature..
If you want it - then code it... Or your more than welcome to switch over to something that does it.. Like this watchguard.. Yeah last time I checked their pricing was right in line with pfsense being FREE ;)
edit: Well clearly your not from what he posted, you do it via schedules - just like you do on pfsense, just like you can do on juniper SRX, etc. etc.
-
@HansSolo Why do you keep saying that? It's not my rep and I have no knowledge of Watchguards.
-
@johnpoz said in Temporary allowed connections:
I don't think any one is opposed to adding such a feature - if there was actual call for it.. Never seen such a request before that I recall... So its not like the users of pfsense are beating the drums demanding this pretty much useless feature..
If you want it - then code it... Or your more than welcome to switch over to something that does it.. Like this watchguard.. Yeah last time I checked their pricing was right in line with pfsense being FREE ;)
Honestly????
YOU GUYS SHOULD THANK ME FOR THE SUGGESTIONS AND CRITICISM.You're right...most sheeple won't say a word.
Is technical support free?
pfsense is pretty darn good. I've said that a NUMBER of times. For the price, HELL YEAH!!!! But products THRIVE (or die) on consumer criticism and feedback and the response they make to it.
A wise development board NEVER tells a consumer with a suggestion or complaint to F - off.
-
This post is deleted! -
@chpalmer said in Temporary allowed connections:
Just called my Watchguard rep and he thinks that your incorrect. He is going to check though.
Dude! LOL!!
-
The converse, of course, is that a wise user doesn't come into the forums and immediately start negging the product. If you would have just asked your question without implying that pfSense sucks because it doesn't do this thing that every other firewall in the world does (but not really), and it's soooooo disappointing, you would have avoided all this heat.
BTW part 2, no "story" changed. It was chpalmer that said he talked to his rep so I'm not sure what you're going on about. Look at the damned thread.
Actually, I'm done. Done here and done with you.
-
@chpalmer said in Temporary allowed connections:
I just got sent this. Rep said "Its done under schedules" Looks familiar. You guys can run through these pages if you want. Im not.
Oh yea- and his response.
-
The only reason we have a Watchguard "rep" is because of small number of sites where we inherited the customer from an over zealous salesman. They are almost all replaced now. Just one more site. :)
https://redmine.pfsense.org/
-
@HansSolo Well the lack of interest when you posted this the first time already speaks for itself: https://forum.netgate.com/topic/143176/feature-request-ability-to-allow-for-limited-time
And for the future:
As @kiokoman already pointed out feature requests need to go on redmine, there you will see whether the developers see it as valid or not. Adding a pull request with an example implementation might speed it up.If you post something on a discussion forum expect it to be discussed, and ridiculed if it is ridiculous, as most people have (surprise) different opinions and many will not agree with you. Acting childish when people disagree and trying to play the "But <insert random competing product name> has it and is better than you" card will just disqualify you further in that case.
-
@Grimson said in Temporary allowed connections:
@HansSolo Well the lack of interest when you posted this the first time already speaks for itself: https://forum.netgate.com/topic/143176/feature-request-ability-to-allow-for-limited-time
And for the future:
As @kiokoman already pointed out feature requests need to go on redmine, there you will see whether the developers see it as valid or not. Adding a pull request with an example implementation might speed it up.If you post something on a discussion forum expect it to be discussed, and ridiculed if it is ridiculous, as most people have (surprise) different opinions and many will not agree with you. Acting childish when people disagree and trying to play the "But <insert random competing product name> has it and is better than you" card will just disqualify you further in that case.
Yes, Good to see you recognized that a few of the regulars here were acting "childish". Good for you.
As far as the "no one interested" comment.....
There are two replies to that thread. So right off the bat you are mistaken.
I had forgotten about that post. My bad for not remembering everything.As far as the "has it better than you" thingy......
If you want to twist it into that go right ahead. I asked if it was possible then took the time to post an illustration.
Others then said "No other firewall I've ever seen has that"......So I kindly pointed out which did.
So I'm not sure what you're talking about. I would suggest you carefully read the thread again, just to get things straight.
Kind Regards
-
@chpalmer said in Temporary allowed connections:
I just got sent this. Rep said "Its done under schedules" Looks familiar. You guys can run through these pages if you want. Im not.
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/policies/operating_sched_set_c.html
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/policies/policy_properties_about_c.html
I don't think it's under schedules in the Management System I have which is an older one. But still, it's there.
A VERY convenient feature.I think most here view pfsense as a Huge Operation only firewall, but I'm fairly certain that's not the case.
I would venture a guess that more NON-Enterprise environments are using pfSense than Enterprise.That said, I also realize it's the Enterprise environs that pay the bils
-
@KOM said in Temporary allowed connections:
The converse, of course, is that a wise user doesn't come into the forums and immediately start negging the product. If you would have just asked your question without implying that pfSense sucks because it doesn't do this thing that every other firewall in the world does (but not really), and it's soooooo disappointing, you would have avoided all this heat.
BTW part 2, no "story" changed. It was chpalmer that said he talked to his rep so I'm not sure what you're going on about. Look at the damned thread.
Actually, I'm done. Done here and done with you.
Yup. I did make that mistake. My bad.
But again, you really shouldn't get that ballistic over an honest mistake.You were (in my opinion) wrong to say what you said....
(About the "bitching" and I could stop using pfsense)Am I the first to ever ask about a feature that you felt was unnecessary? Will I be the last?
Am I the first make a complaint? will I be the last?You are obviously a very sensitive person. if you go back and read the thread again carefully, you'll see all I did was ask about how something might work. I kinda got punched and ridiculed over it somewhat (but that's fine, no worries)
Anyway, it's a shame you threw in the towel. I'm sure you have some good information that could be helpful.
Lucky for me, I'm pretty much past the point of needing help. Truth be told, it's not the first time I sensed your uber sensitivity. So, all told, it may be best as you did (throw in the towel with me)Good luck to you. I personally harbor no hard feelings even though you did basically told me to F-off right off the bat.
-
Something is missing in this thread.
pfSense has this option called 'Captive portal'. Create some "15 minute" vouchers and your done.
The 'scheduling' behind it will take care of all the 'rules'. When show-time is over, connections are stopped. States are destroyed. Nothing passes anymore.
They will get blocked after 15 minutes sharp, or even 19 m. max, but it delivers. Rock-solid.Some user interaction is needed, true.
For the admin this is an easy task, that's for sure.Btw : I'm using pfSense for an 'entreprise'.
edit : @HansSolo : I guess that you know that the Captive portal exists.
Just so I understand the issue, why would you want to 'permit' a device to connect for 15 minutes ? -
@HansSolo said in Temporary allowed connections:
So I kindly pointed out which did.
Actually guy.. You insinuated that Watchguard does but offered no proof that it actually does. In fact our rep claims it doesn't other than with schedules which is pretty much identical to what pfsense does. Besides unless a schedule kills the states its worthless for existing connections.
IMHO it would be a really bad thing to implement for at least one reason I stated above. You and others are welcome to disagree with me.
Yes, Good to see you recognized that a few of the regulars here were acting "childish". Good for you.
There you go again assuming and making disparaging comments. Stop it!
Desperately need a way to TEMPORARILY approve connections.
This is your first sentence in this thread. It is crafted in such a way (kinda the way the news media does) to make it seem like others besides you need this option. Maybe you didn't mean it this way but others coming along could take it that way. It should read-
"I would like to have a way to.." Because I cannot believe you are "desperate" to have such an option and at this point in my over ten years here I have never seen a post from anyone else asking for such an option.. Questions about scheduling come up all the time.
You do have a history here. Many people in this thread have talked to you before and thus may bring over a little frustration from the past. At this point you have 103 posts on this forum but only one reputation point. That is telling.
Kom on the other hand has over 7100 posts and a whole lot more reputation points.
Real simple. Go to firewall rules. Click the on off button on your rule and then click the apply button. When your done reverse the process and your done. Easy peasy.
Good luck!