Messages - silverhoof

General Questions / OpenVPN gateway monitor always reads 100% loss
« on: February 07, 2018, 01:03:09 am »
The title, I think, is self-explanatory. Pretty much, I have 2 separate networks in my home: 1 for standard usage and the other for the purpose of international material, in this case a VPN for US multimedia in Canada. The connection works perfectly, and speeds are not an issue, nor is real packet loss. However, the virtual gateway always reads 100% packet loss. I wanted to see if it was possible to use the monitor for real, as the VPN I purchased restarts every day on their end at roughly the same time, which is not a problem at all for my needs. So, down to the details:

Network 1 (wan link to wimax antenna)
Network 2 (standard usage network)
Network 3 (US vpn network)
Network 4 (tunnel network)
Network 5 (virtual gateway network)

OpenVPN is configured with the usual auto-login profile downloaded from their server, and the link works perfectly. My only question is whether anyone has got the monitoring to work properly.

The overall final goal is that my ISP uses 4G LTE with double NATing and combining users to 1 dynamic IP (i.e. 500 customers have the same public IP address). In turn, I cannot access my servers properly without headache and instability. So my thought was to create a VPN access server with Linode using Debian 8 and connect my pfSense machine with a tunnel BUT... only send the DMZ server network through the VPN instead of all of it. I have tried modifying the NAT ruling on my side to try and send the LAN through the original WAN and the DMZ network through the OpenVPN port. But it seems no matter what I try, the OpenVPN virtual port will take full control of the WAN port and not allow anything through (i.e. when the modified rule is applied, my DMZ network indeed goes through the VPN, but my LAN network gets completely blocked).

OpenVPN / Specifying 1 network on 1 interface tunnels the whole network
« on: September 24, 2017, 04:02:05 am »
Hello, so this is my dilemma. I have a Linode server outside of Canada (Florida to be specific). Now, due to my ISP's double NAT, I believed this might be a possible chance to bypass such an issue with the network I want to make available to the world (i.e. my DMZ). Now, I have 4 networks on 4 separate ports: my WAN interface ( my standard home usage for family ( my DMZ ( and finally my direct access for maintenance port via console ( I have applied the rules to ensure these networks cannot speak to each other, and as an added step my layer 3 switch has each of these networks (if using) on separate VLANs. The VPN successfully works with OpenVPN, the configurations all work, and the handshake goes without a hitch. However, even though I specify the 2.0 network in the remote IPv4 section, it tunnels the entire network. This is an issue due to online services that block VPN and antiblock connections or software. So my question is: is there an option or section I have missed that is doing this? Or is it an error in pfSense that specifying the network to tunnel doesn't actually matter and will run me the entire network regardless?

Hardware / Fiber WAN
« on: September 07, 2017, 02:47:39 am »
Dell power 2950

2 8-core Intel Xeons (not hyperthreaded) 3.2 GHz
64 GB of registered ECC DDR2 memory
2 built-in 10 Gb Ethernet jacks (separate memory)
1 gigabit 4-port Ethernet expansion card (separate cache and processor)
RAID 1 of 2 360 GB 6000 rpm SAS drives
ISP: Rogers fiber
I'm planning on adding an SFP plus card for fiber from ISP. Anyone have a history with this?

General Questions / Can't ping router
« on: March 20, 2017, 08:34:39 pm »
Hello, I can't manage to get a ping to hit or go through my pfSense machine (2.3.3).
My ISP placed an LTE antenna on top of my home (which I had to remount since they did the most idiotic job I've ever seen).
The antenna is forced to be in NAT mode since they are beyond incompetent and have no idea how to set a static IP for fixed wireless to their tower network (set up a DynDNS hostname).
I currently have the router on the DMZ and the firewall off anyway, with "Redirect ICMP to host" on.
I currently have this rule on both my LAN and WAN side:
action: pass
Interface: (wan or lan depending on interface i set it to)
Protocol: ICMP
ICMP Subtypes: ANY
source: ANY
Destination: ANY

To ensure it doesn't have anything to do with my ISP, I attempted pinging the router from the antenna on my house ( pinging no success
I, however, can ping from within my network (LAN rules same as above with LAN as interface).
I also am incapable of pinging devices inside the network from the antenna, but can ping devices outside the network from inside.

The main need for this is so I can both monitor my router and install my SSL certificates.

