Netgate SG-1000 microFirewall

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - chpalmer

Pages: [1] 2 3 4 5 ... 128
DHCP and DNS / Re: DNS resolution fails
« on: Today at 05:42:45 am »
McFrisch- Sorry I think I was trying to answer another post

JKnott and anyone else wondering-

Anything with an Intel Puma chipset has one of the problems mentioned.  The Puma 6 is the worst. 

Try this test..

Try running this-     Let it run for a couple of minutes and look at the tabular data.

Puma 6 modems on older firmware will show less than 100% results.  With my system I get 100% easily. I have Motorola MB8600 models all over the place. They are Broadcom chips and work flawlessly.  Ive had a couple of the Puma 6 models in hand and they tested as low as 70%.

Puma 6 modems with newer firmware have fixed this particular issue but still have all the other issues mentioned on DSLreports and the badmodems site.    Make sure you read and understand the issue.  If having these issues is acceptable to you then to each his own.

If you have one of these modems your fooling yourself if you think your not affected.

If you have a Puma 6 modem and are having DNS issues then you should look at the modem first.     Just over 8000 replies.

NAT / Re: Does NAT + real bonding work ?
« on: Yesterday at 10:41:55 am »

Are you sure they are not talking about bonding using your modem to bond the circuits?     Centurylink does that here in the states.  We have a circuit at one of our locations using a Technicolor C2000 bonding circuits in front of our pfsense router there..

Funny though-  Seemed like everyone in Canada could get an MLPPP circuit while we had to beg for ISP's here to do it.. Usually they would not.


DHCP and DNS / Re: DNS resolution fails
« on: February 21, 2018, 08:04:34 pm »

What model of cablemodem?

Not one on this list is it?

This is a common issue with systems behind these modems. 

NAT / Re: Issue with ClearSIP
« on: February 12, 2018, 11:20:25 am »

I generally tell people to put everything back to default (no port forwards/ no static ports..)

Instead make inbound firewall rules from the SIP server to the phones behind the firewall.   You will also want firewall rules that allow the RTP streams from whichever server(s) provide those streams inbound..

Also- if your phones are going out for a provisioning files then make sure you have /system_advanced_firewall.php   TFTP proxy set for your phone interface.
I can provide some screenshots of some of my sites here if you need..

Hardware / Re: WatchGuard XTM 5 pfSense 2.4
« on: February 02, 2018, 09:53:50 am »

No issues whatsoever on my XTM5 box here.   I use all 7 interfaces and have 8 site to site VPN's active on it.

Hardware / Re: Throughput Firebox X550E
« on: January 30, 2018, 11:00:34 am »
Is there a setting within pfsense that caps the throughput of the device?

No.  Watchguard did that in their software however. But that does not affect you now. Im not sure how you could get 380 running their stuff.

The ports are on a PCI bus so your limited to the speed of that bus.  Ive maxed mine out routing locally so I know they are capable of a bit faster than you are seeing.

Its been years so I don't remember the details but it was much faster than 100mbps.

NAT / Re: SIP issue - NAT or Siproxd ?
« on: January 21, 2018, 08:36:44 pm »

From scratch:

Do not do anything with NAT.

Simply make a firewall rule on your WAN with your PBX as the source and your ATA devices as the destination.

You can do it with two rules to single destination (one for each ATA) or one rule with your devices within the same range. 

Routing and Multi WAN / Re: How to setup a second LAN?
« on: January 11, 2018, 09:51:38 pm »
Enable it,

Mirror the "LAN" firewall "Allow all" rules on "OPT1".

Ive found that I have to go to "outbound NAT" and at least click "save".   YMMV.   (maybe a reboot will do.)

NAT / Re: NAT port forward - What am I doing wrong?
« on: January 11, 2018, 11:35:37 am »

Firewall on webserver?

Hardware / Re: Box with built in VDSL Modem?
« on: January 07, 2018, 11:33:52 pm »
This product is now EOL (discontinued)

Well..  it was nice while it lasted.

General Questions / Re: rack setup
« on: January 06, 2018, 06:52:06 pm »       ;)

or equivalent.

but here is were it gets crazy i was wondering if i could have several different dhcp's

Yes. One for every LAN you have if desired.

no it gets complicated i would also like to access my cctv via a vpn to use anywhere

Yes. Many do this.

Draw a picture of how you have this set up and talk about your ultimate goals. 

Hardware / Re: Hardware for a region with lot of power outages
« on: January 01, 2018, 07:00:24 pm »

I just did a build using a 12vdc capable device using a 24vdc to 12vdc regulator (Samlex) with a seriously big battery and charger (24Vdc) and its done us well so far. 

But even with the long outages the system has come back up fine.


You converted your WAN to LAB interface?

You have to disable all outbound NAT.

Pages: [1] 2 3 4 5 ... 128