Mga Master bakit po pag connect ko sa pfsense ung globe namin na naka bridge mo na pag nag browse ako sobrang bagal po pero may net naman nakakaping naman ng mga domain,
- TIA
Forum Topic
Unified PFSense Users
-
I'm new to pfsense as in noob ...
Planning to buy a refurb PC na makapag decrypt ng 128bit AES na OpenVPN, ok naba yung Core 2 Duo @ 2ghz with 2gb ram? Mainly used siya for OpenVPN kasi medjo di kaya ng router ko may lag siya even on local VPN hosted with Converge ICT. Will also implement cache and blocking of ads. -
^how fast your internet is? (state both upload and download speeds).
since core2duo doesnt have a hardware accelerated AES encryption (AES-NI for Intel) then your CPU will probably suffer depending how fast your internet connection is. if its under 100mbps internet speed (both dl and ul), I guess it is manageable but dont quote me on it since I never tested it.
but in my case I had a octa-core atom c2750 here that I tested how good it is for a simple VPN server for OpenVPN, with hardware acceleration I can get as high as 900+mbit/sec while the CPU usage chills under 5-7%. Wihtout hardware acceleration, I manage to get at least, well 180mbit-ish/sec (sometimes it dips as low as 70mbit/sec) and CPU usage under 80-90% -
You might consider using the relatively cheap Lattepanda single board computer for PFSense. The board uses the Atom X5-Z8300 processor with 2GB RAM and 32GB flash drive all for $79.
-
^lattepanda is a bad idea for me, first its a dev board, 2nd there's no expansion slot available and its very very bad idea to run a 2nd ethernet port via USB.
not unless you run a standalone VPN server on it, but still the spec on the ethernet port is only 100mbit. Kind of pathetic for this kind of board in 2016, talo pa nya yung ibang arm based dev board na merong gigabit ethernet.
-- edited by polka on Sep 20 2016, 10:23 PM -
@joseph0829
@polka
List of Intel CPUs with AES-NI support: <click here for link>
AES benchmark comparison: <click here for link>
-- edited by awakeruze on Sep 20 2016, 10:46 PM -
^Pwede na siguro Mikrotik or Ubiquity Edge Router dyan basta dedicated for OpenVPN only.
-
@awakeruze
lol, I dont need a list like that, I pretty much assume any 5th gen or later of intel processors have it. Or any modern pre 2013 era server boards / processors also have it.
source: my own experience with these things, specially on server stuff. -
magandang araw!
tanong ko lang po kung ano solution sa realtek (8111) on-board lancard na may problem sa pfsense 2.2 up to 2.3.2?
nade-detect naman yung NIC at may IP address pero walang internet
pero sa pfsense 2.1.5 , okey naman..may internet
eto po set up ko
WAN: re0 realtek 8111 (On-Board NIC) IP:192.168.22.3
LAN: re1 (PCI NIC Card) IP: 192.168.1.1
tapos na-check ko sa Gateway naka OFFLINE
ano po kaya solution dito..nagtry na ako magupgrade from pfsense 2.1.5 to 2.3.2 pero nawawala ang internet connection..di ma-ping ang host/gateway ip -
^ I assume that's a atom board youre using, realtek 8111 based kasi yan.
wala naman issue yan, go to gateway setting and make sure you set the "Disable Gateway Monitoring".
see if it works. -
yes intel atom board gamit ko for my pfsense setup..
sa old version ng pfsense ok naman walang issue..noong nag install ako ng bago na version 2.3.2 ayaw na kumonek sa internet o lan kapag naka-set yung re0 sa WAN o LAN
sige po try ko gawin kung gagana yung config na sinabi nyo..salamat -
ayaw pa din po din maka connect sa internet kahit nagawa ko na yung "Disable Gateway Monitoring"
nag ONLINE na yung gateway pero di pa din maka connect sa internet
sa PC na connected sa pfsense server, nai-ping ko yung IP address ng Modem pero kapag nag ping na ako ng website, ayaw ma-ping
sa command line ng pfsense..ayaw din ma-ping yung IP Address ng modem at website
ano po kaya problem nitong pfsense setup ko? -
^
may DNS ka ng nilagay? minsan yung DNS service kailangan off/on. -
yes po..
sinubukan ko din pagpalitin yung NIC ng WAN at LAN
WAN re1 PCI NIC
LAN re0 On-board NIC
may ip address sila at may physical connection
pero kapag nagping na ako sa PC ko ayaw naman maping yung IP ng Pfsense server
posible po bang driver issue ito?
detected yung onboard NIC pero walang traffic in and out
saka napansin ko din na same ang MAC Address ng On-board NIC at PCI NIC
yung On-board NIC lang talaga may problem
nag-try din ako ng ganitong set up
WAN -- usb WIFI adapter IP: 192.168.22.1
LAN -- PCI NIC IP 192.168.10.1
nakakaconnect sa internet -
mga masters!
anyone familiar with this error?
"timecounter tsc-low frequency hz quality 1000" -
@dre2k
I tried replicating your setup with my spare D945GCLF2D atom board here.
hindi ko ma trigger yung issue, it works fine with me regardless if I set my onboard gigabit lan to WAN or LAN interface it works fine.
at first setup kahit hindi ko disable yung gateway monitoring it states that its online and works right away.
setup:
realtek 8111 >> LAN
intel PRO 1000 Dual Port PCI NIC >> WAN1 and WAN2 (only wan1 is active)
or vice versa -
ay salamat po sa pagtulong magsolve ng trouble
ang board na gamit ko po ay Intel Atom D525MW
eto..nag subok po ako ulit ng bagong setup
una gumamit muna ako ng pfsense 2.1.5 release
hardware set up
NIC1: Onboard NIC Realtek 8111 set as re0 (WAN)
NIC2: dual port Intel PRO 1000MT set as em1 (LAN)
then I tested..working naman tapos gumamit naman ako ng pfsense 2.3.2 release version
same hardware set up
naka enable sa bios yung onboard Realtek 8111
then load pfsense
upon set up.
di na-detect yung Realtek 8111 na naka set dapat na re0
ang lumalabas lang ay em0 o yung (Intel PRO 1000MT)
tapos nag command ako ng dmesg
eto po lumabas sa part ng re0
pcib1: <ACPI PCI-PCI bridge> at device 28.0 on pci0
pcib1: failed to allocate initial prefetch window: 0xe0000000-0xe00fffff
pci1: <ACPI PCI bus> on pcib1
re0: <RealTek 8168/8111 B/C/CP/D/DP/E/F/G PCIe Gigabit Ethernet> port 0x2000-0x20ff irq 16 at device 0.0 on pci1
re0: Using 1 MSI-X message
re0: Chip rev. 0x2c000000
re0: MAC rev. 0x00200000
re0: PHY read failed
re0: attaching PHYs failed
em0: <Intel(R) PRO/1000 Legacy Network Connection 1.1.0> port 0x1040-0x107f irq 20 at device 0.0 on pci5
em0: Setup of Shared code failed
device_attach: em0 attach returned 6
em0: <Intel(R) PRO/1000 Legacy Network Connection 1.1.0> port 0x1000-0x103f irq 21 at device 0.1 on pci5
em0: Ethernet address: 00:11:0a:04:96:43
em0: netmap queues/slots: TX 1/256, RX 1/256
3rd set up
disable sa bios yung on-board realtek 8111
at ang gumaganang LAN card ay yung Intel PRO
load pfsense 2.3.2
lumabas po yung
em0 (WAN)
em1 (LAN)
working naman..may internet connection sa LAN
nagtataka lang ako kapag sa pfsense 2.3.2, ayaw gumana ng onboard realtek 8111..
nag try din po ako sa pfsense higher than 2.1.5..same ang result tulad sa pfsense. 2.3.2 which is freebsd 10
may issue po kaya pagdating sa freebsd version?
-- edited by drx2k on Sep 27 2016, 12:13 AM
-- edited by drx2k on Sep 27 2016, 12:21 AM -
try mo sir sa System > Networking > check Disable Hardware Checksum Offload save reboot
Hardware Checksum Offloading
Disable hardware checksum offload Checking this option will disable hardware checksum offloading.
Checksum offloading is broken in some hardware, particularly some Realtek cards. Rarely, drivers may have problems with checksum offloading and some specific NICs. This will take effect after a machine reboot or re-configure of each interface.
sa atom d410 mobo ko ayaw gumana yung builtin realtek nic kung walang check ito.
pfsense 2.3.2
-- edited by jeffreynr on Sep 27 2016, 11:06 AM -
na-troubleshoot ko na po
sa bios settings ko binago
naka set pala sa IDE dapat AHCI pala
buti nabasa ko eto
<click here for link>
thank you sa inyo -
bakit ang bagal ng wifi ko sa Pfsense? PLDT Fiber po
-
For a multi-wan setup where in separate rules allow for segregation of traffic between two WANs, is there a way to monitor which LAN connections go to which WAN?
Parang parehas sana dun sa built in traffic monitor ng pfsense? -
@Krisgettin
Need mo maglagay ng value under your hotspot. May upload and download don. -
bridge mode lang din ginawa ko sa wireles AP, working agad
-
Hi I try to configure itong limang pc para ma lessen ung bandwith for youtube at downloading but after this configuration ayaw pa rin 4mbs pa rin ung speedtest ko.
Salamat sa tutulong.
Ito ung binigay ni Zlite sa thread na ito na ginawa ko.
Sa Traffic-shaper/Limiter,
1. Add ka ng new limiter para sa parent
A. Enable = yes
B. Limiter name: DefaultDownload
C. Click Add bandwidth then, ilagay mo, 1500
D. Save and Apply.
2. Sa loob ng DefaultDownload, click mo yong Add para sa Child
A. Enable = Yes
B. Limiter name: OUT
C. Choose Distination
d. Save and Apply
3. Click Limiter again, click add New Limiter para sa Parent.
A. Enable = Yes
B. Limiter name: DefaultUpload
C. Click Add para sa Bandwidth = 546
D. Save and Apply
4. Under ng DefaultUpload, click Add para sa child
A. Enable = Yes
B. Limiter name: In
C. Choose Source
D. Save and Apply
Since may gawa kanang Limiter. Need mo nang e-apply sa Firewall Rule.
Applying Firewall Rule
1. Under Firewall tab, click Rules
2. Click LAN
Kung hindi ka pa nakakagawa ng rules before, usually, walang rules.
1. Click Add to create a rule.
A. Proto type = TCP
B. Source = LANNet
Distination:
C. HTTP
D. In/Out
1. In = In
2. out = Out
E. Click Save and Apply
May makikita kanang Rules, click mo yong Add under the 1st rule para maduplicate na yong rule na ginawa mo.
2. Sa 2nd rule, need mo lang palitan yong Distination = HTTPS.
3. Ulitin mo lang ulit yong ginawa mo para maduplicate para sa pangatlo,
Distination = FTP
4. Distination = DNS
Applying changes:
1. Kapag natapos kana,
A. Click Diagnose
B. Click State
C. Click Re-state
D. Click Reset.
Wait mo, after 2 minutes or less than,
do a speed test. -
I'am using pfsense 2.2.2 and intel atom d510 onboard realtek for wan and intel pro for lan.
-
mga bossing, ano kaya problema sa pfsense installation ko.
After kasi ng reboot from installation.
*edit
pfsense version 2.3.2 i386
F1 Pfsense
F6 PXE
Boot: F1
ganyan siya, then kapag press enter or F1 magrerestart lang siya. Nadedetect naman yung mga nic ko re1 at re0.
Nagcheck na ako sa BIOS, ang problema iba yung interface ng HP Bios nung gagamitin ko sana sa paginstall ng pfsense.
Sa unang installation ko naman ng pfsense na ginagamit ko sa bahay wala naman ako naging problema. :(
-- edited by p3chak on Oct 24 2016, 09:13 PM -
anyone had any issues with 2.3.2 regarding, NAT Redirect and pfblocker regarding DNSBL
for some reason eto yung binabato ng DNSBL during update, ending up not working yung adblock feature nya.
Reloading Unbound... Failed to Reload... Restoring previous database.... Not completed.
sa NAT Redirect naman, kailangan pa ng ilang restart bago gumana. not sure why.
same rules and config works fine naman sa 2.2.2 -
gud day po.. eto setup ko internet to pfsense to switch to pc's.. ask ko lng po mga sir pde po kaya maglalagay ako ng wifi router access point galing switch?
-
Patulong po. Paano po mai limit yun youtube video streaming bandwidth. Naglalag kasi pag nag may nagyoutube. 15mbps po ang connection namin na PLDT DSL. Salamat po sa sasagot.
-
^
gawa ng rule to limit http/https.