
Topics - Smoothrunnings

General Questions / pfSense and Ubiquiti
« on: December 24, 2017, 01:49:20 pm »
My network is mostly Ubiquiti except for my firewall, which is a WatchGuard XTM (with 8GB of RAM and SSD) running pfSense 2.4 along with HAProxy.

I want the functionality of Ubiquiti and would like to buy a USG-Pro-4. I wonder if anyone has had some success connecting the two together; ideally I want (if possible) to put the USG first, and then let the internet traffic in/out go to the pfSense before hitting my network.


Packages / ntopng update?
« on: December 08, 2017, 02:51:19 pm »
I am using pfSense v2.4.2, packages shows I have the latest ntopng installed v0.8.11, when I open ntopng I get a message that v3.2.0 is the latest version and I should download and update to it.

So is ntopng going to be updated in the pfSense packages anytime soon? It seems that v0.8.11 is fairly old if v3.2.0 is the latest.


Installation and Upgrades / Upgrading to 2.4.0 from 2.3.4
« on: December 06, 2017, 07:24:25 pm »
I just want to know if it's safe to upgrade to 2.4.0 from 2.3.4 as I run HAProxy, LCDProc, and ntopng which I can't lose, especially HAProxy and all my 50 server settings.

Let me know,

Installation and Upgrades / Update issues.
« on: July 28, 2017, 10:51:50 am »
So I am updated to the recent build of 2.3.x. I did this a few ago not thinking I needed to check anything after it restarted. But as I am trying to access my web mail, anything else I realized since then no traffic has come in, no emails, nothing can't hit anything. Traffic does go out because when I have been home I have been able to do everything I normally do, watch my IPTV service, Netflix, play wow or wows.

The last time this happened was when I updated to the previous 2.3.x build. I had to physically power cycle the firewall and go into its console and make sure everything was running. Previous updates prior to the recent and previous build would install/reboot the box and everything would be OK.

I am using a WatchGuard XTM 5 series, 4Gb of RAM, 256GB Crucial SSD.

I wonder if anyone else has experienced this with their hardware.


General Questions / Having issues with RWW (RWA) connections
« on: May 01, 2017, 01:49:04 pm »
Since 2.3.3 I have been experiencing issues with my RWW connections. I have even reinstalled 2.3.3 P1 from scratch. I didn't have the problem with 2.3.2.

I use a WatchGuard XTM 5 series firebox with a QC9450, 4GB of RAM and a 275GB SSD.
Making the initial connection works fine but every 3 or 4 minutes later the connection drops, then reconnects back to where I left off. I recently upgraded my switch from HP L3 to Cisco L3's. No difference, I don't experience the dropping from the network itself, only when I am on over the internet. The internet I am using is 250Mbps/20Mps. And it's idle during the day time when I am accessing my network from work.

As for what I use on my pfSense, I am running HAProxy, LCD Proc, and that's all.

I wonder if anyone else is having this problem or if there is some known issue with pfSense 2.3.3 doing this?


IDS/IPS / Will snort work?
« on: April 13, 2017, 08:17:52 am »

I am just wondering if I have HAProxy installed on my firewall if Snort will work alongside it too, or do I need to worry about anything?


Ntopng - When you select it in the diagnostics the GUI should open the location in a new tab under IE11 and Google Chrome, instead of opening in the same tab. It gets a bit annoying when you have to open a new tab and re-connect to the pfSense firewall.

Thanks in advance,

Traffic Monitoring / ntopng not working - pfSense 2.3.3-p1
« on: March 12, 2017, 08:45:15 pm »
I just installed ntopng and it doesn't show up in services nor status. Installed packages shows me that 0.8.6_1 is installed.

Any ideas?

Installation and Upgrades / Time Zone change?
« on: March 03, 2017, 05:11:15 am »

Is there any way from the GUI to change the time zone? It looks like by default the time zone is set so that my pfSense is about a day ahead when I do a quick install. I looked through the system menu options minus the setup wizard and didn't see an option, nor did I see one in the NTP services.

Thanks in advance,

Cache/Proxy / no traffic on HAProxy.
« on: February 11, 2017, 07:36:13 am »
After following this with adding my own URL and server IPs:

And removing the NAT/Rules from my pfSense for port 443 all traffic on port 80, and 443 cloud protected or not doesn't even hit HAProxy. When I turn the proxy off, and create my HTTPS/HTTP NAT rule to any one of my 3 servers and test again from an external source I am able to hit the servers.

The only thing that might be causing it from what I can see is that I am using the Dev Snapshot 2.3.3?

Thanks for your constructive help in advance.


Cache/Proxy / how do I fix this error in HAProxy?
« on: February 10, 2017, 10:06:14 pm »
[WARNING] 041/090521 (61632) : Setting tune.ssl.default-dh-param to 1024 by default, if your workload permits it you should set it to at least 2048. Please set a value >= 1024 to make this warning disappear.

I am running HAProxy 1.7.1


Cache/Proxy / questions about haproxy
« on: February 05, 2017, 10:04:12 am »
Hey everyone,

So I want to use HAProxy in a 1 IP multiple backends.

So for instance, right now I have an Exchange 2013 server running, I will be adding a Web server soon, and possibly an RWW server.
I know Exchange uses two IPs on 443, webmail and autodiscover.

1. Is HAProxy supported under CARP? I want to set up a failover system for my firewall.
2. I am not too clear on this but does HAProxy use host headers to redirect the traffic? I have watched whatever YouTube videos I could find but nothing makes it clear.
3. Does HAProxy take over the NAT? Can I still have NAT rules in place for other things, like SMTP?
4. I use Cloudflare to manage my NS records, they also provide an SSL service that injects the SSL cert into the URL so you don't have any issues with having to buy several certs or a wildcard. Will this be a problem with HAProxy?

And is there any good how-to, step by step, videos or sites to setup HAProxy with 1 IP frontend and multiple backends?


2.3.3 Development Snapshots / services not starting up on reboot
« on: February 05, 2017, 09:45:33 am »
Is there any way to get some consistency with the services when a new firmware is applied and the firewall is restarted, so that they turn on automatically instead of me having to go in and turn them on manually?

Initially when I installed 2.3.3 snapshot it was a problem, then I came here and mentioned something, then after a patch or two I noticed the services coming on by themselves after applying and rebooting, now it's back to me having to turn them on manually. :(


Traffic Shaping / IPTV services
« on: January 31, 2017, 05:45:27 am »
Would it be possible to add an option under the set application priority for IPTV services?


Traffic Monitoring / ntop question
« on: January 14, 2017, 08:51:04 pm »
Is there any way to reduce the number of alerts that ntop picks up?

