[pfSense] Captive Portal REDIRURL$ / missing
Hello, I'm using the captive portal for authentication purposes. a) A not yet authenticated user opens the browser and enters eg.:* http://de.wikipedia.org* He's redirected to the captive portal, authenticates and everything's fine. b) A not yet authenticated user opens the browser and enters eg.: *http://de.wikipedia.org/wiki/Pfsense* He's redirected to the captive portal, a closer look to the URL in the browser show: *...?redirurl...de.wikipedia.orgwiki* The / after the TLD is missing. The authentication succeeds but the result is of course: *Server not Found (...wikipedia.orgwiki) * I'm using Version: *2.0.2-RELEASE * (amd64) and the captive portal is using https. I'm pretty sure the missing / can be added somewhere, any ideas where? Thanks, Frank ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Captive Portal REDIRURL$ / missing
On 2/27/2013 6:23 AM, Frank Richter wrote: I'm using Version: *2.0.2-RELEASE * (amd64) and the captive portal is using https. That's already been fixed in 2.0.3 images, and discussed several times on the forum with workarounds/fixes. You can upgrade to a 2.0.3 snapshot (check the forum for links) or if you look in the commit history for the pfSense RELENG_2_0 branch on github you can find and apply the fix. Jim ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
[pfSense] Question about pfSense Mobile IPsec on 2.0 document
I have been bashing my head against a wall trying to get Mobile IPSec (Mutual PSK + Xauth) working on pfSense 2.0.2. As I've reported previously here, I can only get traffic to flow in both directions if I set NAT Traversal to Force instead of Enable in the Phase 1 tunnel definition. Non-NATted connections will only route traffic from the client to the VPN, not vice versa. I discovered subsequently in the pfSense Mobile IPsec on 2.0 document (http://doc.pfsense.org/index.php/Mobile_IPsec_on_2.0) that the description of how to set up Mobile IPSec on 2.0 also lists NAT Traversal: Force under the Phase 1 section. Is this a hard requirement in 2.0.X? If so, is this due to bugs/limitations in the version of racoon/ipsec-tools used in 2.0.X? My experience of 2.0.X is that it correctly detects whether a client is behind a NAT for NAT Traversal: Enable but traffic only flows bidirectionally in the case of clients behind a NAT (i.e., NAT-T is enabled). Does this problem still exist in 2.1? Cheers, Paul. ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
[pfSense] Can't ping LAN behind VPN Gateway
Hello, I have a site to site VPN between 2 offices, one is 10.0/16 (with static IP) and one is 10.1/16 (without static IP and has a 192.168.0/23 hidden behind it). I can't remember the exact setup, but it was working fine for a few months, and broke yesterday. Because there are 2 different subnets, I created 2 different phase 2 entries that maps each subnet to a remote subnet. Both phase 2 are up and green. Problem is, now every host in 10.1/16 can reach anything in 10.0/16, but it's going out the open Internet, even though I've set up tunnel mode for phase 2. 10.0/16 can reach 10.1/16 (according to the first phase 2 entry) without a single problem, but every single packet to 192.168.0/23 (the hidden subnet) failed in one of 2 ways:- If there are no static routes, the packet seems to be routed out to the Internet and dropped dead somewhere. Probably because it can't find the dynamic IP of the other side- If there is a static route for 192.168.0/23 pointing to 10.0.1.1 (pfSense), it drops dead right there in 10.0.1.1 So what do I do now? Angela___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list