Netgate Store

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - pbnet

Pages: [1] 2 3 4 5
1
Replaced cable on BCE2 (CAT7) --> same issue
I finally changed the port to BCE1 and everything is back to normal (had to force the port in 1000BaseT from PFSense though).

Thanks.
Andy

2
Hello,

I've just upgraded from 2.4.3 to 2.4.3_1 on a Dell R710 (using BCM5709 hardware).
Now my LAN (holding 2 VLANs) cannot negotiate more than 100Mbps.

Any hints/ideas/suggestions ? Tomorrow everybody in the company will probably kill me when they'll see the "improved" speeds from 1Gbps internet down to 100Mbps :)

Any help will be greatly appreciated (and will help me in keeping my job :) )

Thanks.

L.E

I have 4 Gigabit Ethernet ports on the Dell 710

BCE0 --> WAN (PPPoE)
BCE1 --> not used
BCE2 --> LAN (VLAN5) ---> only negotiates @ 100Mbps
BCE3 --> LAN (VLAN10) ---> negotiates OK @ 1000Mbps

Still waiting for ideas... thanks

3
Thanks for confirming that I'm not the only one experiencing the issue.

I wonder if Mr.  Ivor Kreso who wrote the official article is among the forum's readers/admins.


4
DHCP and DNS / DNS over TLS with CloudFlare not working for LAN hosts
« on: April 04, 2018, 02:18:50 am »
Hello,

I've followed this article: https://www.netgate.com/blog/dns-over-tls-with-pfsense.html and now none of the Windows or Linux machine on my 2 VLANs are able to perform DNS resolution.

If I don't use the custom settings
server:
ssl-upstream: yes
do-tcp: yes
forward-zone:
name: "."
forward-addr: 1.1.1.1@853
forward-addr: 1.0.0.1@853

Everything works fine, but IMHO it doesn't use TLS anymore.

Any hint/idea would be greatly appreciated.

Andy.

5
it also had issues when upgrading to 2.4.2 it seems :(

https://forum.pfsense.org/index.php?topic=140718.0


6
General Discussion / Re: Bogons if ISP has private IP addresses
« on: March 12, 2018, 03:45:24 am »
Thanks a lot !!!

Andy

7
General Discussion / Bogons if ISP has private IP addresses
« on: March 12, 2018, 02:24:23 am »
Hello everybody,

Sorry if I posted in the wrong area, but I didn't know where exactly to put the question.

My ISP is using some private IP addresses in its network and I'm wondering if blocking bogons on PFSense's WAN interface can cause issue.
To have an idea, here is a traceroute:

Tracing route to www.pfsense.org [208.123.73.69]
over a maximum of 30 hops:

  1    <1 ms    <1 ms    <1 ms  172.17.77.100 --> PFSense Box
ISP Traffic below:
  2     1 ms    <1 ms     1 ms  10.0.0.1
  3     2 ms     1 ms     2 ms  10.30.0.145
  4    39 ms    39 ms    43 ms  10.220.134.206
  5    40 ms    40 ms    45 ms  ge-2-1-0.mpr1.lhr2.uk.above.net [195.66.224.76]
  6    41 ms    40 ms    40 ms  ae11.mpr2.lhr2.uk.zip.zayo.com [64.125.30.52]
  7   139 ms   139 ms   139 ms  ae27.cs1.lhr11.uk.eth.zayo.com [64.125.30.236]
  8   139 ms   139 ms   191 ms  ae5.cs1.lga5.us.eth.zayo.com [64.125.29.126]
  9   140 ms   169 ms   140 ms  ae4.cs1.dca2.us.eth.zayo.com [64.125.29.203]
 10   139 ms   149 ms   139 ms  ae3.cs1.iah1.us.eth.zayo.com [64.125.29.49]
 11   140 ms   140 ms   141 ms  ae0.cs2.iah1.us.eth.zayo.com [64.125.28.95]
 12   135 ms   135 ms   135 ms  ae27.cr2.iah1.us.zip.zayo.com [64.125.30.241]
 13   140 ms   153 ms   141 ms  ae2.mpr2.aus1.us.zip.zayo.com [64.125.31.250]
 14   138 ms   139 ms   138 ms  ae0.mpr1.aus1.us.zip.zayo.com [64.125.27.193]
 15   140 ms   139 ms   140 ms  te-6-1.aus-core-10.zip.zayo.com [64.125.32.198]
 16   142 ms   143 ms   142 ms  net64-20-229-158.static-customer.corenap.com [64.20.229.158]
 17   141 ms   141 ms   141 ms  gw2.netgate.com [66.219.34.174]
 18   142 ms   142 ms   142 ms  fw2.pfmechanics.com [208.123.73.4]
 19   143 ms   143 ms   143 ms  www.pfsense.org [208.123.73.69]

Trace complete.

Thanks,
Andy

8
Here comes the issue... I cannot have 2 default gateways.

That's not an issue, that is normal. If you have more than one gateway for an address family you need to do policy based routing.

Would static routing work ?

Thanks,
Andy

9
@kpa

Here comes the issue... I cannot have 2 default gateways.
If I follow the article https://doc.pfsense.org/index.php/Using_IPv6_with_a_Tunnel_Broker and put interface OPT as default gateway, the clients from VLAN1 won't be able to use my ISP's IPv6.



 OPT2_TUNNELV6  OPT2  2001:470:1f1a:699::1  2001:470:1f1a:699::1  Interface OPT2_TUNNELV6 Gateway      
 WAN_DHCP6 (default)    WAN  fe80::1  fe80::1  Interface WAN_DHCP6 Gateway      
   WAN_PPPOE (default)    WAN  10.0.0.1  10.0.0.1  Interface WAN_PPPOE Gateway

Thanks,
Andy

10
@Gertjan

I know how it is...
I have a /64 for about 3 years now, since Digi (the main ISP in Romania) provides it.
Sadly, the move to /56 will come sometimes this year (no timeline defined).

Now back to our sheep (revenons a nos moutons :) )...
I can't seem to find a way to assign the /64 from Hurricane Electric to the second VLAN I have.
I only have a LAN tab, that points to VLAN1 and I need to et HE's V6 to VLAN2 (that is on a different NIC Card).

If I can't figure it out, I'll probably send them an e-mail.

@Community: any ideas on how to assign a specific NIC to HE V6 ?

Thanks,
Andy

11
Thanks Gertjan.

Well, if I get a /48 or /56 from HE.NET it will probably work.
Why: because I have 2 VLANs and would like to have IPv6 on both VLANs, which I can't do with a /64 from my ISP.
I'm open to any suggestions.

Thanks,
Andy.

12
@johnpoz

Quick question:
I have the following setup:
- WAN over PPPoE that offers both IPv4 and IPv6 (::/64)
- LAN (IPV4 DHCP, IPv6 using track WAN)
- LAN2 (different VLAN) - IPv4 DHCP

I tried to setup an HE.NET IPv6 TunnelBroker, and when setting up the IPv6 static IP on LAN2 (following the article: https://doc.pfsense.org/index.php/Using_IPv6_with_a_Tunnel_Broker, I get IP address overlapping - a bit normal since both IP addresses in the guide are in the same /64 if I read correctly).
Any idea ? Is my scenario even supported ?

Thanks,
Andy.

13
Packages / Can we run Squid both as a proxy and as a reverse proxy ?
« on: January 31, 2018, 02:21:08 am »
I want to start configuring a reverse proxy on PFSense to replace my aging Microsoft TMG.
Can I run both Squid Proxy (forward proxy) and Squid Reverse Proxy ? Or do you guys recommend a different reverse proxy ?

Thanks,
Andy.

14
IPv6 / Monitoring IPv6 WAN logs
« on: January 14, 2018, 09:12:13 am »
Hello,

I have native IPv6 from my ISP assigned though PPPoE with Prefix Delegation (they assign a /64).
This week the ISP upgraded the firmware on the ONT providing the connection and so far I encounter the following issue:
- PFSense WAN interface periodically loses its IPv6 IP.
First I suspected a port flap or something, but the uptime of the interface is in the range of days.

Is there a way I can find in PFSense logs when the interface lost its IPv6 address ?

Thanks a lot,
Andy

15
pfBlockerNG / Re: DNS Whitelist
« on: January 09, 2018, 02:24:59 am »
Thanks.
Managed to do it and whitelist the domains.


Pages: [1] 2 3 4 5