
Topics - AndroBourne

1
Feedback / Logging Features
« on: July 19, 2017, 08:35:06 am »
I first wanted to say thank you for your hard work in working on PFSense and having a completely free version of a true firewall!

I'd like to make a suggestion, and that is to rework the logging system. As of now it is decent, but from my experience with other firewalls such as Watchguard, its logging manager is really nice. It gives a little more detail about the packet and even color-coordinates packet types (drops, allowances, losses), etc. It makes it WAY easier to work out the logs for quicker issue resolution!

I would love to see this become a feature in PFSense logging. It's really the only department I feel is lacking in features.

Here is just an example.


2
General Discussion / Intel X5670 Questions...
« on: July 18, 2017, 05:50:58 pm »
So this is a weird one.

I have a Supermicro X8DA3 server. I just upgraded from E5580 2x CPUs to the fastest CPUs I could get for the server that were still at 95 watts power usage. That is the X5670 @ 2.93GHz.

I had to update the firmware on the BIOS to get it to POST, but it works. Updated from ver1.0 to R2.1A.

When I check in computer properties, I get the following: "Intel Xeon CPU X5670 @ 2.93GHz 2.26GHz (2 processors)".

When I check in task manager, I see the same thing except "Maximum speed: 2.26GHz".

Any idea what gives? The board is compatible with the CPU, BIOS was recently updated, etc. It even shows the CPU @ 2.93GHz... so why is maximum speed stuck at 2.26GHz???

I looked online and can't find anything on this... it's weird.

Any ideas?

The BIOS was flashed, so it was reset to defaults during the upgrade. I only changed IDE mode to SATA to get the array functional again... no other changes have been made.


3
Packages / ACME Pkg Questions
« on: July 18, 2017, 11:05:22 am »
Hi guys,

I have a few questions about the ACME package usage. I'd like to create a Let's Encrypt cert for the Web UI because it is open for WAN management (on a non-standard port and forced HTTPS connection).

1. I already have a Let's Encrypt certificate running on a web server behind the firewall. If I apply the cert to the PFSense box, will it in any way clash with my existing cert on the webhost? (Both will be using the same domain name.)

2. What authorization method should I use? I was following this post, https://blog.artooro.com/2017/02/16/quick-easy-lets-encrypt-setup-on-pfsense-using-acme/, and leaning toward "standard". However, it stated 80 and 443 need to be forwarded to the PFSense box during the time of authorization for it to properly take place. If I have a webhost running on those ports, couldn't that create an issue with my websites? Should I try doing the DNS-Manual instead? Will DNS-Manual work for auto renewals?

3. If I already have the webhost with the certificate, is there any way I can just simply import the cert for the PFSense? (I'm guessing the issue here is that it would be a manual process to have to renew it on the PFSense box once it auto renews on the webhost?)

Any ideas here on a good method to deploy this? I really just need to help secure my HTTPS traffic to the PFSense Web UI.

4
Gaming / Gaming time out every 2 hours on the dot...
« on: May 29, 2017, 07:29:35 pm »
I haven't had a chance to test it with many other games. But I've been playing Ark a lot lately and noticed that I keep getting timeouts. I'll run a continuous ping check and time it. Every 2 hours on the dot I get 4 packet losses in a row and my Ark client times out.

I have troubleshot local hardware, including switch and NIC, etc. I left the continuous ping running all day long and came back to a 0% packet loss. It seems to only happen when I'm playing Ark.

I have a feeling it might have to do with how packets are handled. I'm trying to set my NAT from auto to manual to see if that makes a difference. But while I'm testing that... does anyone else have any recommendations?

And yes. I have the game ports forwarded.

5
Packages / Snort & Firewall IP to Resolve to DNS?
« on: May 24, 2017, 10:22:05 am »
Is it possible to force PFSense logging for firewall and Snort logs to resolve IP to DNS name automatically?

6
General Questions / Order of Operation - Port Exceptions Help!
« on: May 24, 2017, 09:55:55 am »
Hi guys,

I've been using PFSense for the last year. However, I'm actually Watchguard certified so this is a big change for me. I'm still getting a handle on how a few things function in PFSense compared to a Watchguard. My issue here is with Port Exceptions and Order of the exceptions.

Here is my issue.

I have a web server on one device that has ports 80 and 433 open in the firewall so I can access webpages.

I also have a PS3 on the network. According to Netflix, it suggests opening ports 80 and 443 as well. (I'm currently getting random "there was a problem playing this title" errors when I'm halfway through movies, etc.)

However, when I open ports 80 and 443 for my PS3, which is on a static IP, Netflix works fine but I can no longer access my website on those ports.

I changed the order of operations and moved the PS3 to the bottom of my port forwarding rules and the web server to the top of my rules. Saved the changes and nothing.

In order to restore my web server, I had to remove the port 80 and 443 exceptions from the PS3 policy. However, now I'm back to having the timeout issues with Netflix.

With a Watchguard, as long as the order of operation was in place (i.e., placing them in the correct order in the policy list), this would normally resolve the issue. However, it doesn't seem to function this way with PFSense.

Any idea why? Ideas?

7
Installation and Upgrades / Slow Download Speeds After Moving to PFSense
« on: August 08, 2016, 11:46:17 am »
Hello all,

I was previously using a Linksys AC router and receiving 150 Mbps by 20 Mbps speeds. But due to me hosting a webserver from my home, I decided to increase my firewall protection and go with a PFSense firewall. However, I wanted to test it out to ensure it is suitable for my needs before purchasing a standalone unit to run PFSense on. So I have installed PFSense as a VM on my SuperMicro server.

I'm able to get it up and running without many issues. However, ever since I removed my old Linksys and started using PFSense, my download speeds are stuck at 17 Mbps rather than the 150 Mbps I was receiving before. (And now it should actually be more like my full 200 Mbps speeds, due to Linksys hardware limits, which is one reason why I was trying to upgrade to PFSense.) This is with a mostly blank PFSense configuration.

I do have my modem in bridge/pass-through mode so all traffic is being handled directly by the PFSense firewall. WAN is a DHCP address so no static info is needed to make the WAN function properly.

I thought the issue may have been with the Broadcom NetXtreme gigabit NIC I had in my server. So I went out and purchased an Intel Pro/1000 Dual Port 1GB NIC and reinstalled PFSense using this NIC instead. But I'm still having the same problems.

I figure my server may have come into question. However, I don't know how, because the server specs are far beyond what is required for a PFSense unit.

My server is the following:

Supermicro X8DA3
Intel Xeon E5520 @2.26GHz X2 (2 processors)
32GB UCC Memory
Raid 10
Windows Server 2012 R2 Standard

I'm using Hyper-V for my VM platform. I have installed PFSense using the VM guide, including correct settings for my NIC interfaces (which shows it is correctly configured, as I would have no internet access at all if it wasn't).

The settings I have dedicated to my PFSense install are the following:

4 Cores
4GB memory
40GB hard disk space

I have read online that some users had issues with bridged mode on the router with PFSense, but that doesn't make sense to me, as a normal firewall configuration for ANY firewall should be to place the ISP modem into bridge/pass-through mode to allow the firewall to handle all the traffic and avoid double NATing. I do not believe that is my issue. (Plus it works fine with the Linksys router in the same mode.)

I followed the tweak guides and have increased jumbo and standard NIC frames, etc., and disabled the recommended settings for my NIC just to be safe. I have also played around with MTU settings. No changes.

Any ideas?
