Netgate SG-1000 microFirewall

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - stephenw10

Pages: [1] 2 3 4 5 ... 853
1
Installation and Upgrades / Re: Disk Full After Upgrade
« on: Today at 06:51:47 pm »
Which part does it actually show as full?

I assume you installed with no swap slice?

If you have RAM to spare you might try moving /var and /tmp to RAM drives in System > Adv. > Misc.

Steve

2
The default console speed has been 115200 for a while now. Since 2.2 at least. But if you updated from an older version it might have been 9600 and it keeps that setting.
Some people set it to that to match the BIOS output so they can see the full boot sequence.
The ALIX board had a default BIOS speed of 38400 and pfSense shipped with it set to match on that hardware.

Steve

3
Hardware / Re: Huawei ME909S-120 setup help needed
« on: Today at 04:09:25 pm »
So no 3gstats.php line in the system log or actual numbers in Status > Interfaces?

That only works with Huawei cards and only some if them AFAIK. I have nothing to test with.

Steve

4
General Questions / Re: Link Alias to existing table
« on: Today at 09:57:45 am »
What table are you wanting to use in a rule that doesn't exist as a an alias out of interest?

Steve

5
Official pfSense Hardware / Re: X-1537 temperature issues
« on: Today at 09:16:52 am »
Those cards always run hot. 55░C is the maximum ambient temperature not the on-die temperature the sensor is measuring. That looks like a normal value.

The sensors widget is configured with nominal values it doesn't the orange/red limits from anywhere. You can reconfigure those if you wish.

Steve

7
Hardware / Re: Watchguard XTM 5 Series
« on: Today at 08:31:52 am »
Did you add the code to set the ARM LED red? Don't think I can live without that now.  ;)

Steve

8
Hardware / Re: Huawei ME909S-120 setup help needed
« on: Today at 07:08:54 am »
Mmm, well the recent parts of that log mostly look good. For example in your last connection attempt:

Code: [Select]
Apr 24 18:56:06 pfSense ppp: [wan] IPCP: SendConfigReq #3
Apr 24 18:56:06 pfSense ppp: [wan]   IPADDR 0.0.0.0
Apr 24 18:56:06 pfSense ppp: [wan]   PRIDNS 0.0.0.0
Apr 24 18:56:06 pfSense ppp: [wan]   SECDNS 0.0.0.0
Apr 24 18:56:06 pfSense ppp: [wan] IPCP: rec'd Configure Nak #3 (Ack-Sent)
Apr 24 18:56:06 pfSense ppp: [wan]   IPADDR 10.96.148.91
Apr 24 18:56:06 pfSense ppp: [wan]     10.96.148.91 is OK
Apr 24 18:56:06 pfSense ppp: [wan]   PRIDNS 10.4.149.70
Apr 24 18:56:06 pfSense ppp: [wan]   SECDNS 10.5.133.45
Apr 24 18:56:06 pfSense ppp: [wan] IPCP: SendConfigReq #4
Apr 24 18:56:06 pfSense ppp: [wan]   IPADDR 10.96.148.91
Apr 24 18:56:06 pfSense ppp: [wan]   PRIDNS 10.4.149.70
Apr 24 18:56:06 pfSense ppp: [wan]   SECDNS 10.5.133.45
Apr 24 18:56:06 pfSense ppp: [wan] IPCP: rec'd Configure Ack #4 (Ack-Sent)
Apr 24 18:56:06 pfSense ppp: [wan]   IPADDR 10.96.148.91
Apr 24 18:56:06 pfSense ppp: [wan]   PRIDNS 10.4.149.70
Apr 24 18:56:06 pfSense ppp: [wan]   SECDNS 10.5.133.45
Apr 24 18:56:06 pfSense ppp: [wan] IPCP: state change Ack-Sent --> Opened
Apr 24 18:56:06 pfSense ppp: [wan] IPCP: LayerUp
Apr 24 18:56:06 pfSense ppp: [wan]   10.96.148.91 -> 10.64.64.0
Apr 24 18:56:07 pfSense ppp: [wan] IFACE: Up event
Apr 24 18:56:07 pfSense ppp: [wan] IFACE: Rename interface ng0 to ppp0

The modem is responding and connecting. You are getting an IP address, gateway and DNS servers from the other end. All good.  :)
It's a private IP so your provider is using Carrier Grade NAT which is common for 3G/4G.

This looks like your pings are just being blocked. Do you have a current contract? Or credit available if not on contract?
Code: [Select]
76 bytes from 203.50.108.47: Communication prohibited by filter
Try connecting to a web page across that link, does it ger redirected to Telstra's 'give us more money' page?

The ^HCSQ command should give you the signal strength.
It appears the first value there after "LTE" is the lte_rssi with higher numbers being better.

You might be seeing that output on cuaU0.2 because pfSense is already running 3gstats against it. Check the system log when you connect for an line like:
Code: [Select]
php-fpm xxxxx /interfaces.php: Starting 3gstats.php on device 'cuaU0.2' for interface 'opt2'If it's there you might see the stats in Status > Interfaces.

Quote
Picture this - there's me and my fiancÚ in the upstairs bedroom testing this new router with dual (mimo) 16dBi yagi antennas about 1 meter long, fastened to the vacuum cleaner nozzle, pointing it out various windows in an effort to attract some 1800mhz packets.
We're gonna need a photo!  ;)

Steve


9
.....and there's the confusion!  ;)

But that's especially confusing. Good to know.  Thanks.

Steve

10
General Questions / MOVED: Unlocking USB Modems
« on: Yesterday at 10:55:39 am »

11
Hardware / Re: Huawei ME909S-120 setup help needed
« on: Yesterday at 06:43:57 am »
You need to leave a space between clog and the -f argument for answer 3. See:
https://doc.pfsense.org/index.php/Why_can%27t_I_view_view_log_files_with_cat/grep/etc%3F_(clog)

That gateway is probably being given to you be you provider. Cellular carriers often use private IPs for their gateway or even CGN. It looks it doesn't respond to ping. If you have internet access via that you might set the monitoring IP to a different address or disable monitoring. It pings twice a second by default which can eat data over time. That configurable though.

Steve

12
Hardware / Re: xg7100 configure ix0 and ix1
« on: April 22, 2018, 09:00:52 pm »
If those are 1Gbps switches/ports you'll need to set the link speed to 1G in the interface settings. It should link up no problem then.

Steve

13
General Questions / Re: PfSense VLAN + switch tagging trunk questions
« on: April 22, 2018, 06:21:46 pm »
Much of the confusion here is due to the different terminology and subtle differences in the way settings are applied between manufacturers.

The term trunk port or trunk connection is actually a Cisco term I believe but has come to be widely used to mean a link/port carrying tagged VLAN traffic, usually multiple VLANs but doesn't have to be.

I like to think of it like this, effectively there are three options for traffic on a VLAN leaving a switch port:

Tagged; the packet leaves the port with VLAN tags. Trunk port.

Untagged; the VLAN tags are stripped when the packet leaves the port. Access port. The PVID would almost always be set to that VLAN to re-tag the packets coming back in.

Excluded; packets from that VLAN are not permitted to leave via that port.

And indeed some switches mark the ports exactly like that which I always found the easiest to read. At least some HP switches are like that but lower end maybe...

It is better to avoid untagged and tagged traffic on the same link if you can. It's easy to make mistakes doing that. Some switches can behave unexpectedly. However it is valid.

The definitions between trunk port and access port blur when you have a port that is tagged on some VLANs but untagged on another.

They blur even further when you have multiple VLANs untagged on one port! Many (most?) switches won't allow that and it's of 'limited' use.  ;)

My own exposure to different switches is limited, open to thoughts on that.

Steve

14
Good to hear, thanks for the feedback.  :)

Steve

15
General Questions / Re: PfSense VLAN + switch tagging trunk questions
« on: April 22, 2018, 01:34:50 pm »
Yes the switch port should be a trunk connection to carry multiple VLANs.

You don't need to do anything in pfSense to mark it as trunk. The interface serving as the VLAN parent will always send the VLAN packets tagged.

Steve

Pages: [1] 2 3 4 5 ... 853