On Mon 05 May 2014 18:34:28 NZST +1200, Lars Wuerfel wrote: Hi Lars,
> I had this some time ago, when I defined a virtual IP > (IP alias) to my LAN Interface, and then tried to login to this > virtual IP. When I pointed the browser to the "real" IP, login > was possible. That makes sense and is an easy explanation. > Did you define IP aliases, and your DNS is pointing to an alias IP? No. There may be name mismatches between the pfsense host's name and the CN of the web GUI cert. All alternative names for the LAN IP address used to access the web gui are listed in -> advanced -> alternate host names. It did not used to be a problem so maybe security was beefed up again in 2.1.3. I created new certs for the web gui and put cert exceptions into the browsers. It worked, until yesterday. The rebinding warning is shown only some of the time, no idea why. The main reason I mentioned it is that "use the IP address to log in" does not in fact provide a path for remedial action. It's a bit fishy to me, but I'm also still having problems with the hme driver (on course for replacement) which may interact. Volker -- Volker Kuhlmann http://volker.top.geek.nz/ Please do not CC list postings to me. _______________________________________________ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
