The pfSense Store

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - alex_london

Pages: [1]
1
Official pfSense Hardware / SG-3100 expected idle temperature
« on: November 06, 2017, 10:02:30 am »
Hi,

My pfSense is reporting an idle temperature of around 70 C, this is with load average of 0.16,0.18,0.17 and CPU of 10-15% (I guess this is being affected by my observation, as I have the web dashboard open which is obviously using up some cycles too).

Is this a "normal" temperature? It seems a little high for me, but I'm not familiar with the hardware...

On a related note - can anybody tell me the SNMP OID to monitor temperature?

Thanks,
-Alex

2
Official pfSense Hardware / SG-3100: How do I assign port(s) to a VLAN
« on: November 02, 2017, 07:51:22 pm »
Hi,

I've been setting up my new SG-3100, and I'm stuck trying to figure out how to properly set up VLANs and allocate port(s) to them.

Here's what I have so far:
  • WAN (mvneta2) - Directly connected to ADSL router 1
  • OPT1 (mvneta0) - Directly connected to ADSL router 2
  • LAN1 (mvneta1) - Connected to unmanaged switch
  • LAN2...4 (mvneta1) - Currently disconnected

Now I have a separate unmanaged switch that would be in my DMZ, and I'd like to assign LAN2 to a separate VLAN and configure an interface in the DMZ on that port (so I can configure WAN-to-DMZ and DMZ-to-LAN rules).

The onboard Marvel 6000 switch seems to not have any configurable options. I have created a VLAN on "mvneta1", but not sure where to go next - I need traffic on the 4 LAN ports (or at least on 1 of them) to be separate from the rest.

EDIT: I should add that I have found the Switch options pages, but these are all read-only; specifically the Interface/Switch/VLANs page, shows 5 groups, all configured as "Default System VLAN", with all 5 ports assigned to all of them (I assume 5 ports as 1 is the internal uplink port of the switch).

How would I go about doing this?

Thanks,
-Alex

3
SNMP / SNMP reporting incorrect (double?) the bandwidth usage
« on: November 01, 2017, 08:53:39 pm »
Hi,

I've just set up a new SG-3100, and using SNMP sensors in PRTG to monitor various statistics, including bandwidth. The reported bandwidth in PRTG seems to be double the actual use - I'm seeing 20Mbps where it should be closer to 10Mbps (I wish it was 20!).

I'm using a Multi-WAN setup, with policy-based routing, so I'm not doing anything fancy with load balancing etc. Both WAN links (WAN/mvneta2 and OPT1/mvneta0) seem to be exhibiting the same behaviour.

The RRD charts in the device itself seem to be correct.

Any thoughts?

Thanks,
-Alex

4
DHCP and DNS / DNS forwarder and resolution stopped working?
« on: September 23, 2014, 11:03:42 am »
Hi all,

I'm running pfSense 2.1-RELEASE with a single LAN and two WANs. I have DNS forwarder enabled on the pfSense and DNS servers configured as follows (in System --> General):
  • ISP1 Primary DNS - Use WAN1 gateway
  • ISP2 Primary DNS - Use WAN2 gateway
  • 8.8.8.8 (Google Primary) - no gateway
  • 8.8.4.4 (Google Secondary) - no gateway


For some reason, DNS resolution in my LAN has stopped working... it was on and off for a while, but now it's completely "broken", and I'm not sure why.

I can reach all 4 DNS servers from both inside the LAN and also from the pfSense itself - i.e. they are responding to ICMP ping.

But any domain lookups, whether from my LAN (using pfSense as the DNS resolver) or from the pfSense itself no longer work. I tried disabling the DNS Forwarder as a DNS server for the firewall (again in System --> General) and this still didn't change anything.

Here's the even stranger thing: Even if I set DNS servers on a PC on the LAN to Google public DNS it still fails with a timeout, as if the pfSense is blocking it!
Code: [Select]
> server 8.8.8.8
DNS request timed out.
    timeout was 2 seconds.
Default Server:  [8.8.8.8]
Address:  8.8.8.8

> www.google.com
Server:  [8.8.8.8]
Address:  8.8.8.8

DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
*** Request to [8.8.8.8] timed-out

Ping to the above IP is fine from inside the LAN, as is access to DNS itself from WAN, as I have checked from a server that is running "outside" the pfSense and connected directly to the ADSL modem/router. This is the case for all 4 DNS servers on both WAN connections.

I of course tried the usual, stop/start DNS forwarder, disable it completely, restarted pfSense etc... also, I checked and I'm not blocking (as far as I can tell) DNS IPs/ports in the firewall rules. Nothing has changed there for quite some time...

I'm stumped, any help would be appreciated!!!

Thanks,
-Alex

5
NAT / Static route & NAT to secondary LAN gateway
« on: September 19, 2014, 06:03:30 pm »
I'm not sure if the subject is accurate for what I'm trying to do, so I'll explain it...

My LAN is on 192.168.2.0/24. I have two WAN interfaces, connected to separate ISPs and pfSense is my default gateway for all devices on the 192.168.2.0/24 subnet.

There are some remote networks I need to reach via PPTP. Since pfSense cannot act as a PPTP client (or maybe I'm too dumb to figure out how to do it!), I have setup a Linux VM which is running pptp client and it does connection sharing and NAT via iptables. The VM is on 192.168.2.253, and one of the remote networks I'm connecting to via PPTP is on 10.20.30.0/24.

I have set a static route on all PCs to send traffic to 10.20.30.0/24 via the 192.168.2.253 gateway, and this is working just fine...


Now, I want to avoid having to configure the route on all LAN devices (there are 3 VPNs currently, so 3 routes per device), so I was wondering if I could do this using the pfSense instead.



So far on pfSense I've been able to:
* Create a gateway on the LAN interface, with IP 192.168.2.253
* Add a static route for 10.20.30.0/24 with the above gateway

I can ping devices on the 10.20.30.0/24 from the pfSense diagnostics page only... doing so from any other device on the LAN doesn't work. I suspect I need to force the pfSense to NAT the traffic to it's inside IP address (192.168.2.254) before routing it via the pptp gateway (192.168.2.253).

The only thing I could think of was to try adding a firewall rule on the LAN interface to do this (i.e. any traffic to 10.20.30.0/24 should use gateway 192.168.2.253), but that didn't work.

Any thoughts?

Once I can get one of the remote networks to connect, I'll just copy the configuration for the other two...

Thanks!

-Alex

6
Installation and Upgrades / pfSense 2.1 for Netgate 2D3?
« on: October 19, 2013, 02:09:59 pm »
Is there a pfSense 2.1 update for the Netgate 2D3 yet? I haven't been able to find one in the netgate subfolders in ftp (latest is 2.0.3). Is there a generic Alix file I can use instead?

Thanks!

-Alex

Pages: [1]