Re: [pfSense] PFsense blocking https for one IP

2012-07-16 Thread Chris Buechler 
On Mon, Jul 16, 2012 at 7:41 PM, Brad Otto  wrote:

> This is the message I get in the logs for why it is being blocked:
> "The rule that triggered this action is: @12 block drop in log quick proto
> tcp from  to any port = https label
> webConfiguratorlockout"
>

Means that host has tried to log into the web interface with a bad
user/pass too many times so it's been blocked.
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] PFsense blocking https for one IP

2012-07-16 Thread Brad Otto 
Answered my own question guys...the user was locked out.  She tried logging
into the firewall too many times with a failed password.  this added her to
the webConfiguratorlockout table under Diagnostics > Tables




On Mon, Jul 16, 2012 at 6:41 PM, Brad Otto  wrote:

> This is the message I get in the logs for why it is being blocked:
> "The rule that triggered this action is: @12 block drop in log quick proto
> tcp from  to any port = https label
> webConfiguratorlockout"
>
> [image: Inline image 1]
>
> *
> *
> *
> *
>
>
>
>
> On Mon, Jul 16, 2012 at 5:57 PM, Brad Otto  wrote:
>
>> Hi PFSense community -
>>
>> I've got an odd one for you!  One of the admin users with access to the
>> firewall says she was adding a user to our VPN, and after that point, she
>> was unable to use HTTPS on her office computer.  She could not get to https
>> websites - period.  This was the only computer exhibiting this behavior.
>>  Other computers on the same network did fine.
>>
>> I've run through every troubleshooting guide imaginable for Windows, and
>> when that failed, I even rebuilt her computer.  But nothing did the trick
>> until I switched her reserved IP address to another address on the same
>> network.
>>
>> I checked firewall rules, aliases, etc. but did not see anything in
>> pfsense that the user might have touched which would bring this type of
>> behavior.  Any tips?
>>
>> Thanks!
>>
>> -Brad
>>
>
>
<>___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] PFsense blocking https for one IP

2012-07-16 Thread Brad Otto 
This is the message I get in the logs for why it is being blocked:
"The rule that triggered this action is: @12 block drop in log quick proto
tcp from  to any port = https label
webConfiguratorlockout"

[image: Inline image 1]
*
*
*
*




On Mon, Jul 16, 2012 at 5:57 PM, Brad Otto  wrote:

> Hi PFSense community -
>
> I've got an odd one for you!  One of the admin users with access to the
> firewall says she was adding a user to our VPN, and after that point, she
> was unable to use HTTPS on her office computer.  She could not get to https
> websites - period.  This was the only computer exhibiting this behavior.
>  Other computers on the same network did fine.
>
> I've run through every troubleshooting guide imaginable for Windows, and
> when that failed, I even rebuilt her computer.  But nothing did the trick
> until I switched her reserved IP address to another address on the same
> network.
>
> I checked firewall rules, aliases, etc. but did not see anything in
> pfsense that the user might have touched which would bring this type of
> behavior.  Any tips?
>
> Thanks!
>
> -Brad
>
<>___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list

[pfSense] PFsense blocking https for one IP

2012-07-16 Thread Brad Otto 
Hi PFSense community -

I've got an odd one for you!  One of the admin users with access to the
firewall says she was adding a user to our VPN, and after that point, she
was unable to use HTTPS on her office computer.  She could not get to https
websites - period.  This was the only computer exhibiting this behavior.
 Other computers on the same network did fine.

I've run through every troubleshooting guide imaginable for Windows, and
when that failed, I even rebuilt her computer.  But nothing did the trick
until I switched her reserved IP address to another address on the same
network.

I checked firewall rules, aliases, etc. but did not see anything in pfsense
that the user might have touched which would bring this type of behavior.
 Any tips?

Thanks!

-Brad
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list

[pfSense] ipsec HA

2012-07-16 Thread Pedro Serotto 
Hi all,
I try to set up multiple VPN gateways in a redundant configuration, allowing 
for 
transparent failover of VPN connections without any loss of 
connectivity.

But, if the master goes down, I lose all my connections.

Is there something like sasyncd in pfsense ?

BR

Pedro

___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] Squid package syslog

2012-07-16 Thread Fuchs, Martin 
Do you perhaps have any idea if it's possible to do this with some 
configuration items in the squid-config ?
If there's something in the docs it might be easier...

Von: list-boun...@lists.pfsense.org [mailto:list-boun...@lists.pfsense.org] Im 
Auftrag von Ryan Rodrigue
Gesendet: Montag, 16. Juli 2012 14:53
An: 'pfSense support and discussion'
Betreff: Re: [pfSense] Squid package syslog


From: list-boun...@lists.pfsense.org 
[mailto:list-boun...@lists.pfsense.org]
 On Behalf Of Ryan Rodrigue
Sent: Monday, July 16, 2012 7:27 AM
To: 'pfSense support and discussion'
Subject: Re: [pfSense] Squid package syslog

I am trying to setup Cyberoam iView for squid.  It appears it simply is setup 
as a destination syslog server.  I cannot find in the squid package where to 
setup the syslog server at.
Is there somewhere special I need to go, or is this function simply not 
available?

Sorry if I seem a little impatient.  I know this is more of a squid question 
and less of a PFsense question.  Who is the dev for squid?Maybe he will be 
able to help me.



OK so I solved this myself.  I googled this all day Friday with no positive 
results.  Today, I found it.  Proof My brain does work better in the morning.  
I figured I'd post what I found in case anybody else was interested

In the Services > Proxy Server settings of the PFsense GUI, at the bottom of 
the General settings there is a Custom Options field.  I added the following
access_log syslog:local:4
I then went to Status > System Logs > Settings
I setup my syslog server and selected portal auth events.  ( I found this by 
trial and error. )
Checked my syslog server and everything seems to work fine.

Thank you very much everybody for your help.
Ryan
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] Squid package syslog

2012-07-16 Thread Ryan Rodrigue 
 

From: list-boun...@lists.pfsense.org [mailto:list-boun...@lists.pfsense.org]
On Behalf Of Ryan Rodrigue
Sent: Monday, July 16, 2012 7:27 AM
To: 'pfSense support and discussion'
Subject: Re: [pfSense] Squid package syslog

 

I am trying to setup Cyberoam iView for squid.  It appears it simply is
setup as a destination syslog server.  I cannot find in the squid package
where to setup the syslog server at.  

Is there somewhere special I need to go, or is this function simply not
available?

 

Sorry if I seem a little impatient.  I know this is more of a squid question
and less of a PFsense question.  Who is the dev for squid?Maybe he will
be able to help me.

 

 

 

OK so I solved this myself.  I googled this all day Friday with no positive
results.  Today, I found it.  Proof My brain does work better in the
morning.  I figured I'd post what I found in case anybody else was
interested

 

In the Services > Proxy Server settings of the PFsense GUI, at the bottom of
the General settings there is a Custom Options field.  I added the following

access_log syslog:local:4

I then went to Status > System Logs > Settings

I setup my syslog server and selected portal auth events.  ( I found this by
trial and error. )

Checked my syslog server and everything seems to work fine.

 

Thank you very much everybody for your help.

Ryan

___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] Squid package syslog

2012-07-16 Thread Ryan Rodrigue 
I am trying to setup Cyberoam iView for squid.  It appears it simply is
setup as a destination syslog server.  I cannot find in the squid package
where to setup the syslog server at.  

Is there somewhere special I need to go, or is this function simply not
available?

 

Sorry if I seem a little impatient.  I know this is more of a squid question
and less of a PFsense question.  Who is the dev for squid?Maybe he will
be able to help me.

 

 

___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list

[pfSense] http traffic block and redirect

2012-07-16 Thread ade ayo 
I need to block all http and https traffic through the WAN connections and 
redirect the traffics through a server on the LAN.
 
How can I achieve this?___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list