Netgate SG-1000 microFirewall

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Topics - chpalmer

Pages: [1] 2 3 4 5 6
IPsec / Paloalto
« on: November 30, 2017, 11:26:46 am »

Anyone recently able to make a vpn connection (psk) between a pfSense box and a Paloalto box?

CARP/VIPs / WAN takes VIP as address after outage.
« on: November 20, 2017, 10:31:10 pm »

I have a box running 2.4.1 (this has happened for a while since at least 2.3 and maybe longer)

The box acquires its primary WAN address from the cable co. via DHCP..

I have one static IP address which I assigned as a VIP (IP Alias).

I had the WAN set to ignore DHCP from the modem address.  (Ive changed this as of two days ago so the WAN will get a 192.168.100.x address but hopefully correct after the lease runs out)

Intermittently if the cable goes down and has to restart the WAN will take on the VIP address causing the box to go offline.  It won't correct without manual intervention.   Im watching closely to see if my change above changes this.



Feedback / Survey
« on: November 15, 2017, 12:58:07 pm »
Guys:   I tried to do your survey but sorry its a PIA.   ;)

Well..  not really but 2.4.1 did install on every box just fine and is working as designed.   ;D

2.4 Development Snapshots / (Solved) IPv6 Kernel Panic
« on: August 05, 2017, 01:55:07 am »
 2.4.0.b.20170804.1136Looks like a recent change to IPv6 caused a kernel panic

Latest 2.4 snaps

OpenVPN logs during startup-

Code: [Select]
Syncing OpenVPN settings...done.
route: writing to routing socket: Invalid argument
route: writing to routing socket: Invalid argument
route: writing to routing socket: Invalid argument
route: writing to routing socket: Invalid argument

Continues for each openvpn session I have set up minus one..   VPN tunnels still work so just noise?

Seems to have started somewhat recently. No changes to my config from my end

General Discussion / LAN across routers
« on: June 15, 2017, 03:22:45 am »
I have a set of devices that will only work (communicate with each other) on a local LAN.  I want to place one device out on a remote site (behind router A) which crosses a few networks (all VPN and private) to get to the device on the other end (behind router Z) on the same subnet..

Possible scenario?

General Questions / Cable Modem Ethernet Cable Bonding
« on: May 27, 2017, 10:45:48 pm »

Has anybody made use of their "bondable" ethernet ports on their so equipped cable modem to a LAGG'd pair on their pfSense box?

What flavor a LAGG did you use?    My Motorola MB8600 is supposed to arrive tomorrow and Im just getting ready.

General Discussion / If you have one of these cable modems..
« on: February 25, 2017, 02:55:44 pm »
Arris SB6190
Arris TG1672G
Arris TM1602
Super Hub 3 (Arris TG2492LG)  (commonly - virgin media)
Hitron CGN3 / CDA / CGNV series modems:
Hitron CDA-32372
Hitron CDE-32372
Hitron CDA3-35
Hitron CGNV4
Hitron CGNM-3552 (commonly - Rogers)
Hitron CGN3 (eg CGN3-ACSMR) 2013 link
Hitron CGNM-2250 (commonly - Shaw)
Linksys CM3024
Linksys CM3016
TP-Link CR7000
Netgear AC1750 C6300 AC1900
Netgear CM700
Telstra Gateway Max (Netgear AC1900 / C6300) (Australia) 2014 link.
Cisco DPC3848V (eg High latency/ping to Shaw router? )
Cisco DPC3941B / DPC3941T  (commonly - Comcast Xfinity XB3)
Cisco DPC3939
Compal CH7465-LG / Arris TG2492LG (commonly - Virgin Media Hub 3)
Samsung "Home Media Server"

Read This-     Before you blame anything else on your network for erratic pings and lost packets..

2.4 Development Snapshots / IPv6 Gateway Monitoring shows pending
« on: January 30, 2017, 12:03:51 am »
Anybody else running a 6to4 tunnel..  Can you make gateway monitoring work?

Generally if the gateway wont answer..  2002:c058:6301::  add a 1 to the end 2002:c058:6301::1 and it should answer..

Im seeing Pending with 2.4  but working with 2.3 snaps.

General Discussion / Watchguard XTM330
« on: January 28, 2017, 11:54:46 pm »
Just picked up an XTM 330

Code: [Select]
U-Boot 2011.03 (Jan 20 2012 - 10:52:36)

CPU0:  P2020E, Version: 2.1, (0x80ea0021)
Core:  E500, Version: 5.1, (0x80211051)
Clock Configuration:
       CPU0:1066.667 MHz, CPU1:1066.667 MHz,
       CCB:533.333 MHz,
       DDR:333.333 MHz (666.667 MT/s data rate) (Asynchronous), LBC:33.333 MHz
L1:    D-cache 32 kB enabled
       I-cache 32 kB enabled
Board: P2020RDB
XTM330 P2020 334788 Jan 20 2012
I2C:   ready
DRAM:  Configuring DDR for 666.667 MT/s data rate
DDR: 1 GiB (DDR3, 32-bit, CL=6, ECC off)
Flash: 2 MiB
L2:    512 KB enabled
NAND:  512 MiB
*** Warning - bad CRC, using default environment

PCIe1: Root Complex of Slot 2, no link, regs @ 0xffe0a000
PCIe1: Bus 00 - 00
PCIe2: disabled
In:    serial
Out:   serial
Err:   serial
Net:   eTSEC1: No support for PHY id ffffffff; assuming generic
eTSEC3: No support for PHY id ffffffff; assuming generic
Init SW10 switch to forwarding mode.... Done
Init SW11 switch to forwarding mode.... Done

2.3.3 Development Snapshots / DNS Resolver Service
« on: January 14, 2017, 05:10:03 pm »

Not sure if I have done something weird in my config but for the last two weeks or so when I update to the latest snap or lose power to the unit I have to hit restart on my resolver service after bootup.   


2.3.3-DEVELOPMENT (amd64)
 built on Sat Jan 14 00:27:18 CST 2017
 FreeBSD 10.3-RELEASE-p15

Traffic Monitoring / traffic totals error (call this solved)
« on: December 22, 2016, 09:59:13 pm »

2.3.3-DEVELOPMENT (amd64)
 built on Wed Dec 21 15:29:53 CST 2016

Status Traffic Totals (1.2.1)  Package shows-

Error: {"vnstatversion":"1.15","jsonversion":"1","interfaces":[Error: Database load failed even when using backup (No such file or directory). Aborting.


2.3.3 Development Snapshots / Dashboard Traffic Graphs
« on: November 23, 2016, 08:56:24 pm »
Firefox v50 and Internet Explorer (windows 7)   

2.3.2-RELEASE-p1 (i386)
 built on Tue Sep 27 12:13:32 CDT 2016

When Im at the dashboard and allow the traffic graphs to populate switching to another tab and then back the traffic graphs are empty and start to populate over.

Is this by design?   I really want to be able to leave the page and still have them record so I can come back and view results.   I did search but found no references to this with my chosen search terms..   ;)

Pages: [1] 2 3 4 5 6