Recent Posts

Pages: [1] 2 3 ... 10

Feature Requests / Re: Support creating generic tunnel interface (GIF)

« Last post by andywhite on January 31, 2021, 08:18:04 PM »

Hi !

There is support already there , carried over from m0n0wall days, for an ipv6 tunnel.

Once ipv6 is enabled (in the system settings), the wan interface will show options for using a tunnel endpoint for ipv6

Feature Requests / Support creating generic tunnel interface (GIF)

« Last post by tuaris on January 17, 2021, 02:26:45 PM »

This is a feature request to support creating a generic tunnel interface:
https://www.freebsd.org/cgi/man.cgi?query=gif

A use case example is with https://tunnelbroker.net. The tunnel would be created as follows on a FreeBSD system

Code: [Select]

ifconfig gif0 create
ifconfig gif0 tunnel $IPv4_address_of_Firewall WAN interface $IPv4_address_of_remote_tunnel_server
ifconfig gif0 inet6 $assigned_IPV6_client_address $assigned_IPV6_endpoint_address prefixlen $given_prefixlen
route -n add -inet6 default $assigned_IPV6_endpoint_address
ifconfig gif0 up

The GUI/form to create this interface would probably be a new tab under Interfaces with a page name like interfaces_gif.php. The form would prompt for the variables above:

Code: [Select]

$IPv4_address_of_Firewall = get_ip_of_wan_inet();
$IPv4_address_of_remote_tunnel_server= "x.x.x.x";
$assigned_IPV6_client_address = "x:x:x:x::x";
$assigned_IPV6_endpoint_address = "x:x:x:x::x";
$given_prefixlen = 128;

Afterwards a new interface should be present on the firewall, and the firewall has IPv6 connectivity. The part I'm unsure of how to do (since I haven't experimented with dual stack yet, is how to configure the firewall to use dual stack to 1) provide cleints with IPv6 addresses, and 2) route IPv6 client packets over the GRE tunnel.

Installation / Re: restore config

« Last post by andywhite on June 15, 2020, 09:13:24 AM »

Hi,

Sounds like a firewall rule that worked with ipfilter, but not pf. can you send DM output of /status.php to me ?

Thanks

Installation / restore config

« Last post by RobbanG on June 15, 2020, 04:55:55 AM »

I need help with my new APU3C4 i can login when its newly installed but as soon as i load an old config from smallwall or t1n1wall i cant get any ip or cant access webinterface.
but if i disable pf i get an ip and i can access webinterface.
But same occur if i reboot.

VPN / Firewall Rules for PPTP VPN clients

« Last post by tuaris on October 19, 2019, 10:06:19 AM »

I already have the default rule in place to allow PPTP clients to access hosts on the remote network (LAN). No issue when a PPTP VPN client makes an outbound connection to a host on the LAN.

The hosts on the LAN are unable to make outbound connections to (or ping) any of the VPN clients. Additionally, VPN clients are unable to communicate with each other.
What additional firewall rules do I need to add?

This is what my LAN rules currently are:

Pages: [1] 2 3 ... 10

Recent Posts

Feature Requests / Re: Support creating generic tunnel interface (GIF)

Feature Requests / Support creating generic tunnel interface (GIF)

Installation / Re: restore config

Installation / restore config

VPN / Firewall Rules for PPTP VPN clients

General Questions / Re: DNSSEC Problem?

General Questions / Re: DNSSEC Problem?

General Questions / Re: DNSSEC Problem?

Firewall/NAT / Re: NAT Port Fowarding Ranges Not Workig Correctly

General Questions / Re: DNSSEC Problem?