Messages - ibanez89

1
Virtualization installations and techniques / Proxmox through pfsense
« on: March 22, 2013, 09:12:38 am »
Hello everybody,

I have a big problem setting up a Proxmox server behind pfSense. Everything works quite well, but I can access the host via SSH only from the pfSense console; from other clients I have this problem:

Quote from: client side
[ibanez89@archnote ~]$ ssh -v root@10.0.2.2
OpenSSH_6.1p1, OpenSSL 1.0.1e 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to 10.0.2.2 [10.0.2.2] port 22.
debug1: Connection established.
debug1: identity file /home/ibanez89/.ssh/id_rsa type -1
debug1: identity file /home/ibanez89/.ssh/id_rsa-cert type -1
debug1: identity file /home/ibanez89/.ssh/id_dsa type -1
debug1: identity file /home/ibanez89/.ssh/id_dsa-cert type -1
debug1: identity file /home/ibanez89/.ssh/id_ecdsa type -1
debug1: identity file /home/ibanez89/.ssh/id_ecdsa-cert type -1

Quote from: serverside, ip 10.0.2.1 is pfsense interface
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Fri Mar 22 12:53:09 2013 from 10.0.2.1
root@pve:~# netstat -a |grep ssh
tcp        0      0 *:ssh                   *:*                     LISTEN     
tcp        0     42 10.0.2.2:ssh            192.168.1.100:51653     FIN_WAIT1 
tcp        0      0 10.0.2.2:ssh            10.0.2.1:29506          ESTABLISHED
tcp6       0      0 [::]:ssh                [::]:*                  LISTEN     
root@pve:~#

In this situation, I can't access port 8002 from other clients to manage Proxmox from the web GUI, and the problem doesn't end there: on the Proxmox host (10.0.2.2) I can ping every client on my network and WAN websites, but I can't download anything... aptitude won't work...

This is my network infrastructure:



My server has only one NIC, eth0, and a wlan0 access point; all other interfaces are virtualized.

Code: (interfaces on proxmox host)
# network interface settings
auto wlan0
iface wlan0 inet manual

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet manual

####################
#pfsense wan interface#
####################
auto vmbr0
iface vmbr0 inet manual
        bridge_ports eth0
        bridge_stp off
        bridge_fd 0

####################
#hostapd Accesspoint #
#LAN->pfsense           #
####################
auto vmbr1
iface vmbr1 inet manual
        bridge_ports wlan0
        bridge_stp off
        bridge_fd 0

#####################
#VM->pfsense interface#
#####################
auto vmbr2
iface vmbr2 inet manual
        bridge_ports none
        bridge_stp off
        bridge_fd 0

######################
#Host->pfsense interface#
######################
auto vmbr3
iface vmbr3 inet static
        address 10.0.2.2
        netmask 255.255.255.0
        network 10.0.2.0
        broadcast 10.0.2.255
        gateway 10.0.2.1
        bridge_ports none
        bridge_stp off
        bridge_fd 0

This is my firewall configuration (sorry for the Dropbox folder):

https://www.dropbox.com/sh/g7uhpgqkdmeh2gz/V33akEcqtm/pfsense%20problem#/


Any help is appreciated  :)

2
General Questions / error setting host MAC filter table
« on: March 19, 2013, 05:38:52 pm »
Hello world,

I'm a newbie with pfSense.

I have set up an IPv6 tunnel with Hurricane Electric, but my DHCPv6 server does not assign IPv6 addresses to my client PC...

Looking at the host logs I have seen some errors; can anyone help me?

pfSense runs in a KVM on the Proxmox server.

I have 3 interfaces (+1 tunnel)

vnet0 -> wan  (wan->host->modem->internet)  10.0.0.1 (IPv4)
vnet1 -> lan  (wifi lan)                    192.168.1.XXX (IPv4)
vnet2 -> opt1 (kvm machine)                 10.0.1.XXX (IPv4)
ipv6tunne

I can surf the internet using IPv6 from my LAN Arch Linux machine with autoconfiguration (my IPv6 subnet + MAC address).


Code:
Mar 19 23:12:46 check_reload_status: Restarting ipsec tunnels
Mar 19 23:12:46 php: : DynDns: updatedns() starting
Mar 19 23:12:47 php: : DynDns debug information (ibanez89.linkpc.net): 151.45.73.XXX extracted from checkip.dyndns.org
Mar 19 23:12:47 php: : DynDNS (ibanez89.linkpc.net): running get_failover_interface for wan. found vtnet0
Mar 19 23:12:47 php: : DynDns debug information (ibanez89.linkpc.net): 151.45.73.XXX extracted from checkip.dyndns.org
Mar 19 23:12:47 php: : DynDns (ibanez89.linkpc.net): Current WAN IP: 151.45.73.XXX Cached IP: 151.45.73.XXX
Mar 19 23:12:47 php: : phpDynDNS: No change in my IP address and/or 25 days has not passed. Not updating dynamic DNS entry.
Mar 19 23:12:48 php: : DynDns: updatedns() starting
Mar 19 23:12:49 php: : Creating rrd update script
Mar 19 23:12:49 php: : miniupnpd: Starting service on interface: opt1
Mar 19 23:12:49 miniupnpd[41324]: HTTP listening on port 2189
Mar 19 23:12:49 miniupnpd[41324]: Listening for NAT-PMP traffic on port 5351
Mar 19 23:12:49 kernel: vtnet2: error setting host MAC filter table
Mar 19 23:12:49 php: : DynDns debug information (199718): 151.45.73.XXX extracted from checkip.dyndns.org
Mar 19 23:12:49 syslogd: exiting on signal 15
Mar 19 23:12:49 syslogd: kernel boot file is /boot/kernel/kernel
Mar 19 23:12:50 php: : DynDns debug information (199718): 151.45.73.XXX extracted from checkip.dyndns.org
Mar 19 23:12:50 php: : DynDns (199718): Current WAN IP: 151.45.73.XXX Cached IP: 151.45.73.XXX
Mar 19 23:12:50 php: : Restarting/Starting all packages.
Mar 19 23:12:50 php: : phpDynDNS: No change in my IP address and/or 25 days has not passed. Not updating dynamic DNS entry.
Mar 19 23:13:29 check_reload_status: Reloading filter
Mar 19 23:13:29 php: : [tinydns] tinydns_xmlrpc_sync.php is starting.
Mar 19 23:13:29 php: : XML error: Invalid document end at line 59 in /usr/local/pkg/pf/tinydns_xmlrpc_sync.php
Mar 19 23:13:29 php: : Begin tinydns resync
Mar 19 23:13:29 php: : Zone file done.
Mar 19 23:13:29 php: : Ping items done.
Mar 19 23:13:29 php: : [tinydns] tinydns_xmlrpc_sync.php is starting.
Mar 19 23:13:29 php: : Sync items done.
Mar 19 23:13:29 php: : [tinydns] tinydns_xmlrpc_sync.php is starting.
Mar 19 23:13:29 php: : XML error: no packagegui object found!
Mar 19 23:13:33 login: login on ttyv0 as root
Mar 19 23:13:33 sshlockout[82842]: sshlockout/webConfigurator v3.0 starting up
Mar 19 23:13:39 check_reload_status: Updating all dyndns
Mar 19 23:13:39 check_reload_status: Restarting ipsec tunnels
Mar 19 23:13:39 check_reload_status: Restarting OpenVPN tunnels/interfaces
Mar 19 23:13:39 check_reload_status: Reloading filter
Mar 19 23:13:43 php: : DynDns: updatedns() starting
Mar 19 23:13:48 php: : DynDns debug information (ibanez89.linkpc.net): 151.45.73.XXX extracted from checkip.dyndns.org
Mar 19 23:13:48 php: : DynDNS (ibanez89.linkpc.net): running get_failover_interface for wan. found vtnet0
Mar 19 23:13:51 php: : DynDns debug information (ibanez89.linkpc.net): 151.45.73.XXX extracted from checkip.dyndns.org
Mar 19 23:13:51 php: : DynDns (ibanez89.linkpc.net): Current WAN IP: 151.45.73.XXX Cached IP: 151.45.73.XXX
Mar 19 23:13:51 php: : phpDynDNS: No change in my IP address and/or 25 days has not passed. Not updating dynamic DNS entry.
Mar 19 23:13:52 php: : DynDns: updatedns() starting
Mar 19 23:13:54 php: : DynDns debug information (199718): 151.45.73.XXX extracted from checkip.dyndns.org
Mar 19 23:13:54 php: : DynDNS (199718): running get_failover_interface for wan. found vtnet0
Mar 19 23:13:56 php: : DynDns debug information (199718): 151.45.73.XXX extracted from checkip.dyndns.org
Mar 19 23:13:56 php: : DynDns (199718): Current WAN IP: 151.45.73.XXX Cached IP: 151.45.73.XXX
Mar 19 23:13:56 php: : phpDynDNS: No change in my IP address and/or 25 days has not passed. Not updating dynamic DNS entry.
Mar 19 23:15:27 php: /index.php: Successful login for user 'admin' from: 192.168.1.100
Mar 19 23:15:27 php: /index.php: Successful login for user 'admin' from: 192.168.1.100

I'm sorry for my ridiculous English  :(

PS: my UPnP does not work...
