Netgate SG-1000 microFirewall

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - stephenw10

Pages: [1] 2 3 4 5 ... 850
1
Hardware / Re: Watchguard XTM 5 Series
« on: April 18, 2018, 07:55:56 pm »
Yes, it should be possible to boot without flashing the BIOS. I may have already unlocked mine before I put an SSD in there. It certainly boots a CF card without any change.

Either the image I tweaked ages ago or t-rexky's image linked above should unlock the options and allow you to choose what to boot from.

There are details on flashing it earlier in this thread.

Be aware that flashing your BIOS is always inherently risky and that doing so with an image you downloaded from a forum even more so.  ;) Your box may end up a brick etc etc

Steve


2
Hardware / Re: CARP on NanoBSD
« on: April 18, 2018, 07:51:46 am »
No problem.  :)

You should really try to move away from NanoBSD if you can though. Support for it will be going away entirely at some point.

Steve

3
Hardware / Re: HD interface on Watchguard X2500
« on: April 18, 2018, 07:47:58 am »
The caddy connector is not the same as the Xe/X-Peak box. It's the opposite gender to start with. I never tried to fit a HD in the X-Core so I didn't research it.

That part you purchased looks like it has a fighting chance at least.  ;)

Steve

4
Hardware / Re: CARP on NanoBSD
« on: April 18, 2018, 07:40:42 am »
Sorry missed your screenshot. Edited while you replied.  ;)

5
Hardware / Re: CARP on NanoBSD
« on: April 18, 2018, 07:34:25 am »
Yes. NanoBSD should make no difference to CARP/HA.

That first error shows it can't connect to the Secondary for some reason. admin login is wrong maybe or no firewall rule on the sync interface to allow it.

That second error can be corrected by setting 'Firewall Maximum Table Entries' to 400000 in System > Advanced > Firewall & NAT.

Steve

6
Hardware / Re: Watchguard XTM 5 Series
« on: April 18, 2018, 07:33:20 am »
Nice! Guess I'll leave it enabled then.  ;)

I'll do it anyway just to see how it affects stability, if at all.

Steve

7
Hardware / Re: Optiplex 790 SFF 2011
« on: April 17, 2018, 08:13:18 pm »
Yes, you can configure the wifi card after installation. At any time really.

You can configure any number of interfaces during the initial install. Only one interface will allow you to connect by default though. If you assign only one interface that will be WAN. If you assign more than one then you will only be able to connect via LAN. Once you add firewall rules of course you can connect via any interface they allow.

Yes you can use a modem/router/AP/switch combo device as an AP only.
https://doc.pfsense.org/index.php/Use_an_existing_wireless_router_with_pfSense

Steve

8
Are you running 2.4.3?

The was an issue with mbuf leaks in that showed especially badly with the cxl driver. That has been fixed for a few versions though.

Check the Status > Monitoring graphs for mbuf cluster usage.

When you say 'completely locked up' does it stop responding at the console? Try pressing Ctl-T at the console if it appears non-responsive, what output does that give?

Steve

9
Hardware / Re: Optiplex 790 SFF 2011
« on: April 16, 2018, 07:16:28 pm »
That 3.3GHz i5 is probably overkill unless you have a 1Gbps WAN and VPNs to setup.

That wifi card probably is supported and that's relatively unusual, I don't know if you chose that especially for that reason?

If you have only one Ethernet interface I would setup the box first with just that enabled. Trying to setup wifi as LAN as a first install would not be easy!

With just one interface pfSense will allow you to connect to that address even if it's labelled WAN. Once you have that setup you can connect to it and add a firewall rule to prevent yourself being locked out and then assign the wifi card.

Really though for best results you should add the quad port card and use an external access point.

Steve

10
Yes the recover config script in 2.4 is much improved. A full /var/run would not stop the config being read.

The only worry is that the filesystem may not actually be full, a bad drive can also sometimes present like that.

Steve

11
Yeah that^ pretty much.

The best you can do in FreeBSD/pfSense currently is 802.11N. If you want to try I recommend an older Atheros card:
https://wiki.freebsd.org/dev/ath_hal%284%29/HardwareSupport

I have seen reported connection speeds close to 300Mbps and actual throughput >200Mbps with an AR9380 based card. That's the best I've ever managed. Fine for most things with 1 user but...

Steve

12
Hardware / Re: Unstable connection PPP with Huawei E3372, E3272
« on: April 16, 2018, 06:57:55 pm »
Thanks for reporting back  :)

13
So the problem here is simply that the modem is not given enough time to initialise at boot?

You could try increasing the value of kern.cam.boot_delay or autoboot_delay in loader.conf(.local).

Steve

14
Hardware / Re: LAN Interface "In" errors
« on: April 16, 2018, 12:35:20 pm »
Hmm, that's fun.  ;)

I would also disable 'Hardware Checksum Offloading' if you have not done already.

Steve

15
Ah, so it did upgrade but only then showed that error...

It depends how far though the process you are. If you see the boot menu you can try booting to single user mode.

If not you might reach a shell from the error by escaping the script with ctl-c. No promises there though.

Steve

Pages: [1] 2 3 4 5 ... 850