[pfSense] OpenVPN smartcard/token experiences?

2012-02-22 Thread Larry Sampas
I've been having limited success with a the Aventra smart card and pfSense's OpenVPN. I've had success using OpenSC libraries and OpenSSL to get the key and certificate onto the token. Client experience on Windows XP and Vista's dicey and requires frequent virtual NIC resets. In Windows 7, it's bee

Re: [pfSense] Dynamic DNS force update?

2012-02-22 Thread Bob Gustafson
I think you are correct. RFC 2136 seems to be focused on the server rather than the query client. On Wed, 2012-02-22 at 17:39 -0600, Bob Gustafson wrote: > It appears as though the DDNS is not updating properly, might be useful > information. > > Johan Braeken says: > Observed behaviour:

Re: [pfSense] Dynamic DNS force update?

2012-02-22 Thread Bob Gustafson
It appears as though the DDNS is not updating properly, might be useful information. Johan Braeken says: Observed behaviour: When the IP address on the WAN interface changes, nothing happens. There is also nothing logged regarding Dynamic DNS updates.

Re: [pfSense] Dynamic DNS force update?

2012-02-22 Thread Yehuda Katz
I do not have a RFC 2136 DNS setup to debug this with. It is probably not related because the DynDNS and RFC 2136 features are basically completely separate. - Y On Wed, Feb 22, 2012 at 6:29 PM, Bob Gustafson wrote: > See also http://redmine.pfsense.org/issues/2166 > > On Wed, 2012-02-22 at 18:

Re: [pfSense] Dynamic DNS force update?

2012-02-22 Thread Bob Gustafson
See also http://redmine.pfsense.org/issues/2166 On Wed, 2012-02-22 at 18:20 -0500, Yehuda Katz wrote: > On Wed, Feb 22, 2012 at 2:20 PM, Yehuda Katz > wrote: > On Wed, Feb 22, 2012 at 11:02 AM, Karl Fife > wrote: > My question very specifically was whether is it >

Re: [pfSense] Dynamic DNS force update?

2012-02-22 Thread Yehuda Katz
On Wed, Feb 22, 2012 at 6:03 PM, Karl Fife wrote: > The file: > /cf/conf/dyndns_wanzoneedit'my**.domain.net '.cache > > Indeed contains the cached IP address, but the file system is mounted > read-only. I assume this is due to the fact that I am running the embedded > versi

Re: [pfSense] Dynamic DNS force update?

2012-02-22 Thread Yehuda Katz
On Wed, Feb 22, 2012 at 2:20 PM, Yehuda Katz wrote: > On Wed, Feb 22, 2012 at 11:02 AM, Karl Fife wrote: > >> My question very specifically was whether is it possible to force an >> update WITHOUT changing the interface address (i.e. without changing the >> address as a method of making the IP d

Re: [pfSense] Dynamic DNS force update?

2012-02-22 Thread Karl Fife
The file: /cf/conf/dyndns_wanzoneedit'my.domain.net'.cache Indeed contains the cached IP address, but the file system is mounted read-only. I assume this is due to the fact that I am running the embedded version. I'm starting to think that the answer is an unqualified "NO". -K On 2/22/2012

Re: [pfSense] Dynamic DNS force update?

2012-02-22 Thread newsgroups.ma...@stefanbaur.de
Am 22.02.2012 19:06, schrieb Karl Fife: My question is of course, HOW. How does one change the cached number without releasing the address on the monitored interface? -K Have a look at the files matching /conf/dyndns* and try editing those. -Stefan ___

Re: [pfSense] Dynamic DNS force update?

2012-02-22 Thread Yehuda Katz
On Wed, Feb 22, 2012 at 11:02 AM, Karl Fife wrote: > My question very specifically was whether is it possible to force an > update WITHOUT changing the interface address (i.e. without changing the > address as a method of making the IP different than the cached IP) > > Does anyone know if it is p

Re: [pfSense] Dynamic DNS force update?

2012-02-22 Thread Bob Gustafson
Hmm, must be stored somewhere. Check the source code. On Wed, 2012-02-22 at 12:06 -0600, Karl Fife wrote: > My question is of course, HOW. How does one change the cached number > without releasing the address on the monitored interface? > -K > > On 2/22/2012 11:47 AM, Bob Gustafson wrote: > > Ch

Re: [pfSense] Dynamic DNS force update?

2012-02-22 Thread Karl Fife
My question is of course, HOW. How does one change the cached number without releasing the address on the monitored interface? -K On 2/22/2012 11:47 AM, Bob Gustafson wrote: Change the cached number, then do as Martin Fuchs suggested. On Wed, 2012-02-22 at 10:02 -0600, Karl Fife wrote: Hi Mar

Re: [pfSense] Dynamic DNS force update?

2012-02-22 Thread Bob Gustafson
Change the cached number, then do as Martin Fuchs suggested. On Wed, 2012-02-22 at 10:02 -0600, Karl Fife wrote: > Hi Martin. You've hit right on the problem. The IP is NOT different > than the cached IP, thus the client will not update no matter what I > do, even if I delete the entry entirely an

Re: [pfSense] Dynamic DNS force update?

2012-02-22 Thread Karl Fife
Hi Martin. You've hit right on the problem. The IP is NOT different than the cached IP, thus the client will not update no matter what I do, even if I delete the entry entirely and re-create it (much less your simpler suggestion). My question very specifically was whether is it possible to for

Re: [pfSense] Dynamic DNS force update?

2012-02-22 Thread Fuchs, Martin
Hi ! Try editing the dyndns-provider and just hit the save button :) This should work, if the ip is different from the cached ip Regards, martin Von: list-boun...@lists.pfsense.org [mailto:list-boun...@lists.pfsense.org] Im Auftrag von Karl Fife Gesendet: Mittwoch, 22. Februar 2012 06:12 An: li