pfSense Gold Subscription

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - Smoothrunnings

Pages: [1] 2 3 4 5 ... 7
1
General Questions / Re: pfSense and Ubiquiti
« on: December 27, 2017, 08:16:05 am »
How many vpn users will you have that using radius to auth makes sense?  This is not a home setup I take it then?  Yeah Derelict is right what does the diagnostics auth section tell you?

I think I need to take a break from this fourm. Instead telling what I want or what I should do you should offer to help me to get there. This isn't directly at only you (Johnpoz) but everyone who has contributed to this thread what I want or should do. I have found myself having to fight a battle here which I should have to do.

Thanks,



2
General Questions / Re: pfSense and Ubiquiti
« on: December 26, 2017, 09:43:45 pm »
Is there a good walk through setting it up?

The stuff I have seen pre-dates pfSense 2.3.x and server 2008.

3
General Questions / Re: pfSense and Ubiquiti
« on: December 26, 2017, 03:41:17 pm »
What do you know about setting up pfSense 2.4.2 VPN (OpenVPN) using Windows 2016 NPAS for RADUIS?

I tried it once already and it didn't work out well.

Thanks,

4
General Questions / Re: pfSense and Ubiquiti
« on: December 26, 2017, 09:15:06 am »
the usg-3p could handle the 500/50 fine as long as it didn't turn the shaping which turns off the hardware offload.. If you left hardware offload on it handled the 500 without any issue..

If you want dpi, then just install the ntop package all the dpi you could want ;)  And pfsense also has layer 7 filtering back... with the snort package..
https://www.netgate.com/blog/application-detection-on-pfsense-software.html

It's not the same, I already have it installed. And I already have Ubuiqiti gear in my environment.

My environment now. The main switch on the backside and the UAP's are in the ceiling.
https://youtu.be/w8LTeGWgU8w


5
General Questions / Re: pfSense and Ubiquiti
« on: December 26, 2017, 08:43:38 am »
I am sorry to hear that you USG-3P couldn't hand your internet. My work friends own the USG-3P, I actually make fun of them not owning the Pro saying they aren't "PRO" enough! Anyhow one them has Rogers Gbit Fiber internet, granted switches max out at 1Gbit/sec the doesn't have any problems getting close to those speeds.

In the past when pfSense was version 2.3.x I was talking to guy on the USG forum who was trying to do what I looking to still do. He found that pfSense wasn't very good at it at the time and the only other firewall software that worked best was Sophos XG which he said was a walk in the park compared to doing it with pfSense. Now that we are on 2.4.x, and I have invested in my WatchGuard XTM 5 (put a faster CPU and 8GB of RAM in it) I would like to keep it a bit longer if that's possible. I have looked that Sophos XG documentation and for what I use pfSense for right now setting it up on the Sophos looks much easier than what I had to go through to get it setup this way. lol

I appreciate your offer on the USG-3P but it's not PRO enough for me. :P

And yes DPI is one of the things am interested in, and possibly VPN...but that's another project down the road.

Thanks,

6
General Questions / Re: pfSense and Ubiquiti
« on: December 25, 2017, 10:42:43 pm »
The USG is not anywhere near as capable as pfsense I'm afraid.

I have a USG, I install it and swap out the pfsense occasionally, then a day later put pfsense back in.

I have thought about using pfsense as the DHCP server, OpenVPN server, DNS server..... then USG do the rest.

Thanks for the info, but it doesn't really help me.

Thanks.

7
General Questions / pfSense and Ubiquiti
« on: December 24, 2017, 01:49:20 pm »
My network is mostly ubiquit except for my firewall which is a WatchGuard XTM (with 8GB of RAM and SSD) running pfSense 2.4 along with HAProxy.

I want the fuctionality of Ubiquiti and would like to buy a USG-Pro-4, i wonder if anyone has had some success connecting the two together, ideally I want (if possible) to put the USG first, and then let the internet traffic in/out go to the pfSense before hitting my network.

Thanks!!
 

8
Packages / Re: ntopng update?
« on: December 09, 2017, 07:41:20 am »
I am using pfSense v2.4.2, packages shows I have the latest ntopng installed v0.8.11, when I open ntopng I get a message that v3.2.0 is the latest version and I should download and update to it.

So is ntopng going to be updated in the pfSense packages anytime soon? It seems that v0.8.11 is fairly old if v3.2.0 is the latest.

Thanks

Go to your package manager and look at what you installed...you'll see as below...surprise!

I think you miss read my message maybe? How does 3.0.2 = 3.2.0?  :D ;) :P


9
Packages / ntopng update?
« on: December 08, 2017, 02:51:19 pm »
I am using pfSense v2.4.2, packages shows I have the latest ntopng installed v0.8.11, when I open ntopng I get a message that v3.2.0 is the latest version and I should download and update to it.

So is ntopng going to be updated in the pfSense packages anytime soon? It seems that v0.8.11 is fairly old if v3.2.0 is the latest.

Thanks

10
Installation and Upgrades / Upgrading to 2.4.0 from 2.3.4
« on: December 06, 2017, 07:24:25 pm »
I just want to know to if its safe to upgrade from 2.4.0 from 2.3.4 as I run HAProxy, LCDProc, and ntopng which I can't lose, especially HAProxy and all my 50 server settings.

Let me know,
Thanks,

11
Hardware / Re: Watchguard XTM 5 Series
« on: August 25, 2017, 10:57:26 pm »
On the WatchGuard XTM 5 motherboard do any of the pin-outs and or sockets support a VGA connector?

I have been looking on Google but nothing I see points to anyone investigating if a VGA connector can be connected to the motherboard or not.

Thanks,

12
Thanks pfBasic.
I wear quite a few hats that require regular non-administrative use of all subnets (one is subject to PCI) in our environment. To avoid having to keep half of a dozen towers by my desk, would VMs on maybe two desktops be advised/ secure with dedicated NICs per VM? Would a host-based hypervisor suffice, or should it be bare metal?

Thanks.

VMWare or Hypervisor would work.

13
1. does your modem give out an IP based on MAC address?
2. when take down your VLAN's on the laptop and plug in the modem to it does it work?
3. Are you able to ping the laptop over it's WAN and LAN vlans?

Sounds like you have reverse engineer the problem and check everything over. If your modem assigns an IP by MAC make sure there is a being broadcasted.

14
Installation and Upgrades / Update issues.
« on: July 28, 2017, 10:51:50 am »
So I am updated to the recent build of 2.3.x. I did this a fews ago not thinking I needed to check anything after it restarted. But as I am trying to access my web mail, anything else I realized since then no traffic has come in, no emails, nothing can't hit anything. Traffic does go out because when I have been home I have been able to do everything I normally do, watch my IPTV service, netflix, play wow or wows.

The last time this happen was when updated to the previous 2.3.x build. I had to and physically power cycle the firewall and go into it console and make sure everything was running. Previous updates prior to the recent and previous build would install/reboot the box and everything would be OK.

I am using a WatchGuard XTM 5 series, 4Gb of RAM, 256GB Curcial SSD.

I wonder if anyone else has experienced this with their hardware.

Thanks

15
General Questions / Having issues with RWW (RWA) connections
« on: May 01, 2017, 01:49:04 pm »
Since 2.3.3 I have been experiencing issues with my RWW connections. I have even reinstalled 2.3.3 P1 from scratch. I didn't have the problem with 2.3.2..

I use a Watchguard XTM 5 series firebox with a QC9450, 4GB of RAM and a 275GB SSD.
Making the initial connection works fine but every 3 or 4 minutes later the connection drops, then reconnects back to where I left off. I recently upgraded my switch from HP L3 to Cisco L3's. No difference, I don't experience the dropping from the network itself, only when I am on over the internet. The internet I am using is 250Mbps/20Mps. And it's idle during the day time when I am accessing my network from work.

As far for what I use on my Pfsense I am running HAProxy, LCD Proc, and that's all.

I wonder if anyone else is having this problem or if there is some known issue with the Pfsense 2.3.3 doing this?

Thanks,

Pages: [1] 2 3 4 5 ... 7