Tim Nelson | 19 Dec 00:15 2008

Re: sudden ssh problems with 1.2.1 rc1

Check the 'Advanced Options' for any rules you have related to SSH or your web host. You may find that someone
set a simultaneous connection limit, maximum new connections per second limit, or maximum state entries
per host.

Good luck!

Tim Nelson
Systems/Network Support
Rockbochs Inc.
(218)727-4332 x105

----- "JJB" <onephatcat@...> wrote:

> Also, more info: we are able to any internet host but our www server 
> without problem, and to ssh from any internet host TO our www sever
> with 
> no problem, just ssh to www from the office behind pfsense is not 
> working correctly.
> 
>  - Joel
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: support-unsubscribe@...
> For additional commands, e-mail: support-help@...
> 
> Commercial support available - https://portal.pfsense.org

---------------------------------------------------------------------
To unsubscribe, e-mail: support-unsubscribe@...
For additional commands, e-mail: support-help@...
(Continue reading)

JJB | 19 Dec 01:11 2008
Picon
Picon

Re: sudden ssh problems with 1.2.1 rc1


Tim Nelson wrote:
> Check the 'Advanced Options' for any rules you have related to SSH or your web host. You may find that
someone set a simultaneous connection limit, maximum new connections per second limit, or maximum state
entries per host.
>
> Good luck!
>
> Tim Nelson
> Systems/Network Support
> Rockbochs Inc.
> (218)727-4332 x105
>
> ----- "JJB" <onephatcat@...> wrote:
>
>   
>> Also, more info: we are able to any internet host but our www server 
>> without problem, and to ssh from any internet host TO our www sever
>> with 
>> no problem, just ssh to www from the office behind pfsense is not 
>> working correctly.
>>
>>  - Joel
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: support-unsubscribe@...
>> For additional commands, e-mail: support-help@...
>>
>> Commercial support available - https://portal.pfsense.org
>>     
(Continue reading)

Tim Nelson | 19 Dec 01:11 2008

Re: sudden ssh problems with 1.2.1 rc1

Maybe there are issues with your routing table since adding a second link? Or maybe you had both the T1 and DSL previously?

When you reverted back to 1.2 did you simply upload your config file from the previous install or setup
everything from scratch?

After your deleted the newly created www1/www2 rule, did you clear your state tables?

^^^ Maybe those questions aren't important since your problem is fixed. BUT, some of us may still be
interested... :-)

Tim Nelson
Systems/Network Support
Rockbochs Inc.
(218)727-4332 x105

----- "JJB" <onephatcat@...> wrote:  
> We didn't make any changes to the system. Well yesterday we added a
> rule 
> to send all traffic destined for two new web hosts www1 and www2 over
> 
> the T1 instead of the DSL. The problem did not happen till today. 
> Deleting the rule did not fix the problem.
> 
> Reverting the system back to 1.2, thank the gods, fixed everything.
> 
> Other weird things - internet downloads would start off reasonably
> fast 
> and then wind up running at about 3kbps
> 
> Carp got screwy fw1 and fw2 became confused as to which was which -
(Continue reading)

Bill Marquette | 19 Dec 01:40 2008
Picon

Re: sudden ssh problems with 1.2.1 rc1

Sounds like this may have been part of your issue.  It sounds like you
had multiple machines acting as carp master.  Not a good idea.

--Bill

On Thu, Dec 18, 2008 at 6:11 PM, JJB <onephatcat@...> wrote:
>
> Tim Nelson wrote:
>>
>> Check the 'Advanced Options' for any rules you have related to SSH or your
>> web host. You may find that someone set a simultaneous connection limit,
>> maximum new connections per second limit, or maximum state entries per host.
>>
>> Good luck!
>>
>> Tim Nelson
>> Systems/Network Support
>> Rockbochs Inc.
>> (218)727-4332 x105
>>
>> ----- "JJB" <onephatcat@...> wrote:
>>
>>
>>>
>>> Also, more info: we are able to any internet host but our www server
>>> without problem, and to ssh from any internet host TO our www sever
>>> with no problem, just ssh to www from the office behind pfsense is not
>>> working correctly.
>>>
>>>  - Joel
(Continue reading)

Chris Buechler | 19 Dec 02:10 2008
Picon

Re: sudden ssh problems with 1.2.1 rc1

On Thu, Dec 18, 2008 at 7:40 PM, Bill Marquette
<bill.marquette@...> wrote:
> Sounds like this may have been part of your issue.  It sounds like you
> had multiple machines acting as carp master.  Not a good idea.
>

Yeah, and downgrading almost certainly did nothing (unless this is
some extremely unusual FreeBSD issue) that rebooting alone wouldn't
have done. Impossible to say exactly what happened without having
hands on the system, but if both systems were somehow running as
master, a reboot could have cleared whatever condition caused that.

---------------------------------------------------------------------
To unsubscribe, e-mail: support-unsubscribe@...
For additional commands, e-mail: support-help@...

Commercial support available - https://portal.pfsense.org


Gmane