Double check my work?



  • Hello all and thank you.
    I am not an Anglophone, so please bear with me.

    I am brand new to pfSense and love this product.
    Today I completed setting up my 2.1 box with dual WAN/mono LAN via PPPoE (load balancing, failover, etc) to support the infrastructure of a farm out in the sticks.

    As I type, I am using this new machine, and am confident in both my settings and abilities.
    However, being in a very rural area, I have no one to converse with about my project nor anyone to verify my work.

    I wonder about two things, hang on.

    Is there some function of this system to provide a diagnostic log or list of settings?
    If so…
    Is there someone who could look through said log and help me with a few items I'm not sure about?

    Obviously, I wonder about my unusual dual WAN setup. As a lifelong residential consumer this is a very new concept to me.
    Namely, I also wonder about my HTTPS persistence (one person here has a bank account with very persnickity security). The sticky connection setting does not seem to solve this issue.
    There are also a few kids on the property that have some video game systems, and one such XBox has been griping about not being able to receive ICMP requests from the WAN; I use mine personally for video streaming and everything works fine, so I'm unsure of what the issue may be.

    Thank you, and if nothing else, thank you for providing/assisting an awesome product.



  • The closest thing to a "log" of all the settings is to use the Diagnostics -> Backup option and download the xml file to your PC - however this has all your passwords in plain text so you would need to edit it before you posted it publicly.

    I'd guess that most of the issues can be fixed with rules - add a rule at the end of the rules that logs everything that it drops and you'll see what's happening, and can then fine tune the configuration.  Purchasing a copy of the pfSense manual was something that really helped me - it's worth every penny.

    Adding a rule to the wans pass IMCP should fix the ICMP problems - floating rules can be handy where you have to apply rules across several interfaces.

    Mostly I would say - make backups, and play with the rules, you will learn by doing.  Good Luck!



  • This should be what was requested.
    Furthermore, I detected something odd over the secondary WAN (ruthnicolle) where it seems to authenticate via IPv6, whereas I both do not have it configured nor do I have any such functionality from my ISP.

    If anyone could look through these and see if there are any glaring errors, I would be very appreciative.

    PPPoE.txt
    config-pfsense.localdomain-20130820133002.txt



  • Ah.
    Also, disregard the ICMP issue.
    It seems either pfSense or the Xbox (perhaps both?) dislike UPnP configured simultaneously with static IP.
    Removing one solved the other.


Log in to reply