Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login
    1. Home
    2. Tags
    3. ipv4
    Log in to post
    • All categories
    • G

      global IPV6 addresses are not routed into the LAN and to the client

      IPv6
      • multiwan failover ipv6 ipv4 dual stack • • Globaltrader312
      4
      0
      Votes
      4
      Posts
      397
      Views

      G

      @Globaltrader312 I have now also removed the firewall rules under NAT

    • C

      Strange issue with IPv4 packet fragmentation

      General pfSense Questions
      • ipv4 fragmentation • • ChrisJenk
      13
      0
      Votes
      13
      Posts
      1.5k
      Views

      JonathanLeeJ

      It will fragment if the MTU is to large

    • JonathanLeeJ

      13 security vendors flagged this IP address / Active Treat Showing During Windows 11 Updates

      Firewalling
      • snort ipv4 security firewall • • JonathanLee
      1
      0
      Votes
      1
      Posts
      350
      Views

      No one has replied

    • 5

      isp change ip

      Firewalling
      • isp issues change ipv4 routing routing opt1 • • 583245d
      7
      0
      Votes
      7
      Posts
      1.2k
      Views

      5

      @johnpoz excatly , so i can change the gateway in routing of this isp , and under interface assimgnets, change the ip ,and add the new gateway that was given by isp.

    • C

      Ipsec established but no data passing

      IPsec
      • ipsec firewall rules firewall ipv4 vpn tunnel • • craigerr1
      2
      0
      Votes
      2
      Posts
      865
      Views

      perikoP

      @craigerr1 is P2P? Mobile?
      Have u open the rules in both sides to allow traffic on your firewalls->rules->ipsec?
      Regards!!!

    • J

      DS-Lite State in 2020

      IPv6
      • dslite ipv6 ipv4 • • jan_berg
      7
      1
      Votes
      7
      Posts
      1.3k
      Views

      J

      @jan_berg This approach seemed to be working for me: https://wiki.cable-wiki.xyz/OPNsense

      Caveats:

      Can't be done through UI, needs to be executed in a shell. The tunnel will not be visible in the UI. Doesn't persist. Would need to re-execute every time the WAN comes up and has a global IPv6 assigned. Need to extract the AFTR name and its IPv6 address. In my case, the name comes through via DHCPv6 from the ISP as option 64. Could extract it via tcpdump. Then resolved it to an IP address and used that when setting up the tunnel. Breaks again if AFTR name/IP changes.

      So, no real DS-Lite support in pfSense currently, but possible to set up manually.

    • D

      Portweiterleitung durch OpenVPN

      Deutsch
      • openvpn problem routing opt1 ipv4 openvpn routing firewall rules • • denndsd
      18
      0
      Votes
      18
      Posts
      1.8k
      Views

      D

      Hallo Zusammen,

      vielen Dank für die vielen Antworten.
      Ich werde das ganze am Wochenende mal trennen.
      Das macht Sinn ja. :)
      Aktuell komme ich nur nicht dazu, weshalb das ganze hier etwas eingeschlafen ist.
      Bei einem anderen Peer klappts scheinbar.
      Sehe merkwürdig.
      Aber ja, trennen macht sinn.

      Danke erstmal.

    • H

      Cant create Ipv4 custom list

      pfBlockerNG
      • ipv4 pfblockerng alias custom • • helderingor
      1
      0
      Votes
      1
      Posts
      508
      Views

      No one has replied

    • C

      Kein Internet im LAN - WAN-Gateway in anderem Subnet

      Deutsch
      • ipv4 subnet nat • • Comprex1975
      5
      0
      Votes
      5
      Posts
      1.2k
      Views

      RicoR

      Diese Option ist gesetzt?
      System > Routing > Gateways > Edit Gateway > Display Advanced > Use non-local gateway

      -Rico

    • A

      [URGENTE] Problema de perda de comunicação com o Gateway (WAN)

      Portuguese
      • gateway offline gateway help wan ipv4 • • araujovitorpaulo
      6
      0
      Votes
      6
      Posts
      1.8k
      Views

      M

      Olha, olhando o problema superficialmente, com as informações que você passou, já levando em consideração que você verificou cabos e etc, digo que sim o problema pode ser na placa de rede.

      Não é normal ter problema de conectividade entre o pfsense e o modem, é um cabo, não é pra perder ping nem muito menos perder o MAC da tabela.

    • B

      DDNS pfSense to Windows AD DNS DHCPv6

      DHCP and DNS
      • dns ddns ipv6 ipv4 windows server • • bigtfromaz
      6
      0
      Votes
      6
      Posts
      1.5k
      Views

      bmeeksB

      @bigtfromaz said in DDNS pfSense to Windows AD DNS DHCPv6:

      I am in the software and services business and we have begun running into situations where some client host machines only have IPv6 because their ISPs have run out of IPv4 addresses. That means the only way they can reach my servers is via IPv6. There aren't many and they are non-US but they are important.

      It's probably time for the industry to switch to an IPv6-first stance (Apple and Google seem to be there already). Given the absence of vigorous competition in my area, the ISPs are putting themselves before their customers. I am betting it's a common theme.

      Thanks for the heads-up regarding the lack of fair play by Netflix. It's probably due to the fact that they have restricted distribution rights for content and can't be sure of your location. You could probably work around that with a guest VLAN having no IPv6. Kids are really good at getting and spreading computer viruses. A guest VLAN would help you minimize your risk.

      I am going to see if I can get the addresses registered in a DNS server on the pfSense and replicate to my Windows AD Server. If I write some code that turns out to be useful I'll put it on GitHub and share a link here.

      Yeah, there are several avenues to deal with the IPv6 and Netflix thing, but the kids are only here rarely and I have plenty of IDS/IPS protections for critical stuff. Also, it's only a home network. There are no national defense secrets, Democratic National Committee emails, or documents relating to secret payoffs to porn stars stored here ... LOL.

      And yes, Netflix blocks HE IPv6 blocks for precisely the reason you stated: users without strict morals use those to get around geoip blocks that Netflix has in place to enforce their distribution contracts with content owners.

      I wish all the ISPs of the world would just start supporting IPv6. Unfortunately that appears to be a very slow process. Even some of those that are supporting it are doing so in strange ways. They seem to be doing their darndest to avoid giving out static IPv6 addresses, for instance.

    • S

      Intermittent Changes of IP Address and WAN not pulling IP from Modem

      DHCP and DNS
      • dhcp ipv4 • • skullabyss
      9
      0
      Votes
      9
      Posts
      1.3k
      Views

      senseivitaS

      If you're on a UNIX-like system you can use this to capture remotely from a UniFi AP and from pfSense -- I found this somewhere and noted it down.

      Change X.X.X.X for the correct address.

      UniFi AP
      ssh ubnt@X.X.X.X 'tcpdump -f -i br0 -w - not port 22' | wireshark -k -i -
      You need Wireshark installed, obviously--works on Macs too and it won't get super hot like when you capture directly on it.

      pfSense
      ssh root@X.X.X.X 'tcpdump -f -i em0_vlan100 -w - not port 22' | wireshark -k -i -
      Here you'll need to change em0_vlan100 for the correct interface, but you can SSH in and get them with ifconfig. :) Good luck!