Installation Issue
-
Check out the brand new 'thanks' feature! No pressure. ;)
Steve
-
Wanted to follow up on the static mapping, worked for about a week then all the devices that had a static setup quit getting access to the internet unless i removed them from the static table, is this an issue where the lease is expiring and not renewing? is there a work around to getting this issue fixed. This is esp important for my wireless printer and wireless home thermostat.
-
Hmm, no it's not expected behaviour. I have a few static devices configured here and they've been fine for months/years one of which happens to be a wireless thermostat. That is running 2.0.3 though. I've not read any reports of broken static leases in 2.1 but it would be worth a look in the subforum.
What is stopping them getting internet access? Anything in the firewall logs? Are they still receiving the reserved IP via DHCP if you renew the lease?Steve
-
i reset the static setup to see if the problem comes back, as for the firewall log i dont see anything in there that stands out. when i lost internet the devices still had their assigned ip and appeared to be connected to the network but would not communicate. my main desktop was connected to the network but said had no internet access, removed the static mapping and everything that wasnt working started working again.
another problem i have seen still i started using pfs is my vpn on a wired connection wont stay connected very long, on the netgear router i used before trying pfs i could connect my vpn for days at a time basically until i discod it, but now i am finding it will run for 16 mins then drop or another time it was at 33 mins.
-
The firewall may be closing the connection if no traffic is seen for a while over the VPN, this can be a problem for some VoIP setups. You may have a 'keep alive' option in your vpn client or you can try setting 'firewall optimization' to conservative in System: Advanced: Firewall/NAT: That's a 2.0.3 setting I'm not sure about 2.1.
Are you using pfSense as the client?
Steve
-
"The firewall may be closing the connection if no traffic is seen for a while over the VPN, this can be a problem for some VoIP setups."
This happens alot with or without VPNs that a connection times out.
I have gotten into the habbit of having my SIP devices re-register as often as the provider will tolerate without bouncing me.
Currently, thats about every 15 or 30 seconds vs the 300 or 3600 second timeouts that are often default.
Simply changing (low as possible) the timeout has cured most of my disco problems most of the time.
It has a "keep alive" effect on the connection.
-
The firewall may be closing the connection if no traffic is seen for a while over the VPN, this can be a problem for some VoIP setups. You may have a 'keep alive' option in your vpn client or you can try setting 'firewall optimization' to conservative in System: Advanced: Firewall/NAT: That's a 2.0.3 setting I'm not sure about 2.1.
Are you using pfSense as the client?
Steve
i replaced a few year old netgear wireless router with a built system loaded with pfsense after watching a video on youtube about building a bullet proof router replacement i currently have comcast as an isp with a moto surfboard 6141 d3 modem supplying service to the pfsense rig which outputs to a 16 port gigabit switch and I have a dlink air premier access point plugged into the switch for wireless, so basically the pfsense rig is handling all the traffic and has a lot more advanced features then I am used too with a basic store bought router. i would like to replace the access point with a built in wireless adapter so any recommendations on a good one to use with this setup would be great as well.
-
Yeah - Don't do that… Use an AP.
-
^ Agree, no reason to install a wireless card in pfsense to provide wireless. An AP is the way to go.. You can add multiple if needed - strategically placed around the location for best coverage if you need more than 1, or just centrally locate the 1 which allows for router to be anywhere.
Very simple to put the AP on its own segment or vlan to isolate from your wired network and leverage pfsense firewall for control, etc.
-
I too would recommend an extrenal AP if only to get 802.11N support. Siting the AP for best coverage is also an advantage.
Many people will have older wifi cards already in which case why not do both? I have an old mini-pci card in my home box. If nothing else it provides out of band access to the pfSense box after I've locked myself out via whatever I've been playing with.Steve
-
I have been playing with different settings trying to get the vpn to work better as there is no keep alive setting I can find with the vpn software. I tried to turn the firewall complete off and after I did that all devices wouldnt connect to the internet and soon as i turned the firewall back on they could access the net again? I also increased the default lease time way up and that seems to have helped a lot
-
How did you disable the firewall? It probably stopped NAT working at the same time.
Interesting the lease time helped. Do your clients generally keep the same address across a lease renewal?Steve
