Re: [pfSense] Configs or hardware?

2018-02-15 Thread Edwin Pers 
I believe I read somewhere that the new version that requires aes-ni will be 
3.x, and they plan to continue the 2.x line alongside it, as 3.x will be a 
major rewrite


-Ed

-Original Message-
From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Eero Volotinen
Sent: Thursday, February 15, 2018 12:14 PM
To: Kyle Marek 
Cc: pfSense Support and Discussion Mailing List 
Subject: Re: [pfSense] Configs or hardware?

Well. Next version of pfsense (2.5) will not install into hardware that does 
not support AES-NI, so buying such hardware is not wise ?

Eero


___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] Force CA certificate installation as tsueted root CA on WiFi clients

2018-01-30 Thread Edwin Pers 
I'm assuming you're talking about devices you own/control. 
Windows is easy, just push it out using AD
Linux you'd have to script something to push it out to each device with ssh or 
similar
IOS & Android you might have luck with apple & google's enterprise management 
systems, but I'm not sure they support pushing out certs

If they're not devices you own/control then you can't do it, that's not how SSL 
works.

Ed


-Original Message-
From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Roberto Carna
Sent: Tuesday, January 30, 2018 11:57 AM
To: pfSense Support and Discussion Mailing List 
Subject: [pfSense] Force CA certificate installation as tsueted root CA on WiFi 
clients

Dear, I have pfSEnse + Squid in transparent mode.

I have to filter web sites and content in HTTPS with Squidguard, so I've 
created a CA self-signed certificate and a server certificate (signed by the 
CA) in pfSense. After that I defined the CA certificate in the Squid 
configuration tab from pfSense.

In order to let navigate the WiFi clients in a good way through the Squid 
transparent proxy, filtering everything we want with Squidguard, I have to 
force the installation of the CA certificate on them.

How can I automatically force the CA certificate installation as a trusted Root 
CA on WiFi clients, taking into account they can be Windows, Linux, Android, 
Iphone, etc. ???

Thanks in advance.

ROBERT
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold