pfSense Gold Subscription

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - johnpoz

Pages: [1] 2 3 4 5 ... 952
Its never had anything to do with pfsense at all ;)  dns problem give you that, but it was never something specific to pfsense.

Like I said something not right with their dns.. you shouldn't point to different stuff like that..  if you going to use a CDN fine, but it sholdn't point to different cnames and have ones that just do one and then others than have 3 in a daisy chain, etc..

Firewalling / Re: Cannot access emails via Outlook
« on: Yesterday at 10:31:09 am »
And all of those are different.. Gmail setting are different than MSN, Hotmail - etc...

What part is not working??  For all we know your putting in the wrong username password info, etc..

What is not working.. Like telling you firefox is not working.. Does that help you help me??  What are the account settings you have in outlook.. What are you exact firewall rules? Post a screen shot of them..  What other packages if any do you have? pfblocker?

What error does outlook give exactly.. So your saying non of your email accounts work?  Not hotmail, not gmail, not Outlook?  Allow of those have web interfaces?  Do those work?  Did you enable say imap access?

Firewalling / Re: Cannot access emails via Outlook
« on: Yesterday at 08:49:55 am »
"Snort was blocking anything and everything."

Which you didn't mention either.. Again zero info to go off of.. Sorry bout office 365 outlook doesn't use all those ports..  Where exactly are you going for your outlook...

These really should be the only ports and dest needed to be open.

inbound mail 993
outbound  mail 587

General Questions / Re: SVL 3 Problem
« on: Yesterday at 08:44:31 am »
what version of pfsense did you install.. I don't see how proxy would be even attempting to use ssl3

And you shouldn't even be doing proxy of https anyway..  You can filter it for the connect but the client should be end to end for https - mitm middle opens up a whole can of worms from privacy and security points of view.

General Questions / Re: speed
« on: Yesterday at 07:12:55 am »
combine load balancer
  As BlueKobold mentions, doesn't work that way..

You can for sure load balance across those connections... But you would need multiple clients or client doing multiple sessions to different places to load them all up to see your max..

No single client is going to go to some site like a speedtest and see all of them loaded up...

So lets ask again - how are you trying to max out all of your connections at the same time to see total bandwidth, etc.

Here is the simple solution.. You need a fatter pipe, then get a fatter pipe.. Trying to load up a bunch of smaller pipes doesn't do what your thinking..

Firewalling / Re: HTTP filtering based on user agent
« on: Yesterday at 07:04:48 am »
What is your webserver running.. Its possible to do this with a simple .htaccess, nginx also has simple way to block bots and useragents, etc.

DHCP and DNS / Re: DHCP not working
« on: Yesterday at 06:49:14 am »
If dhdpd is running - did it ever see a dhcp discover?  It would log seeing the discover.. Or sniff are you seeing any discover?  With the right vlan set, etc.

you didn't duplicate my test - everyone of those queries is to the same ns

My would you point to that one - its not the SOA

;; ANSWER SECTION:              3600    IN      SOA 214840 3600 600 604800 60

Their dns seems to be a MESS if you ask me.. Their SOA is not even listed as one of the NS for the domain..

Why would you pick that one to query?  Is one of the ones missing from the RRset

The following NS name(s) were found in the authoritative NS RRset, but not in the delegation NS RRset (i.e., in the com zone):,

I would just use a override pointing say google or something until they fix their mess.

General Questions / Re: SVL 3 Problem
« on: Yesterday at 06:36:28 am »
Who would still be using slv3 ??  Been dead for years ;)

That site only gets a C btw..

Firewalling / Re: Cannot access emails via Outlook
« on: Yesterday at 03:33:54 am »
Or is he talking about downloading his emails to the software outlook from his isp email server via pop? or imap?  Or some other mail server somewhere?

The allow ports thing means zero since out of the box there is any any on lan outbound..

So if you want some help your really going to need to provide actual info to work with.

Firewalling / Re: Blocked udp 67 (DHCP) on wrong network?
« on: November 19, 2017, 07:19:38 pm »
How is traffic being blocked inbound to pfsense interface from itself?

Are you blocking outbound via a floating rule?

General Questions / Re: speed
« on: November 19, 2017, 10:28:58 am »
And how exactly are you trying to max it out?

General Questions / Re: speed
« on: November 19, 2017, 08:25:23 am »
Any info to work with.. How exactly are you trying to max this out...

So your thinking you should see 520Mbps?  How are you thinking your going to get there - how many clients, how many sessions?

what hardware are you on for pfsense..

Hardware / Re: USB NIC or managed switch?
« on: November 19, 2017, 07:34:27 am »
"I just realized the machine I bought for pfsense has only 1 NIC"

Some other advice would be just to return it and get something that has the correct amount of nics you need to support your network for the performance you want/need..

Yes you can vlan on a nic.. But this is never a max "performance" choice.. Because any inter vlan traffic is now a hairpin.  So if your going to do a wan/lan on same physical nic you just cut your possible available bandwidth in half. Not an issue if your internet is low... But as you get higher speeds you could have problem with full speed between intervlans..

All vlans on physical interface share the bandwidth of that interface..  If you think your going to get get gig between your 2 vlans on the same physical nic, think again..

Pages: [1] 2 3 4 5 ... 952