Re: [pfSense] 2.3.5 to 2.4.2 on SG-2440 failed accessing repository
On 05/12/2017 13:47, Eero Volotinen wrote: > well. take backup of config and ask operator to reinstall box from usb > stick & restore backup? Yeah. This went from bad to worse today, I eventually lost contact with it, so this is what I'm going to do. Thanks for your help. -- Pete Boyd Open Plan IT - http://openplanit.co.uk The Golden Ear - http://thegoldenear.org ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] 2.3.5 to 2.4.2 on SG-2440 failed accessing repository
Actually those log entries were from further back in time. Though they do now seem pertinent, this was from yesterday, and obviously points to a lack of resolv.conf: dnsmasq 23562 failed to access /etc/resolv.conf: No such file or directory dnsmasq 23562 failed to load names from /etc/hosts: No such file or directory -- Pete Boyd Open Plan IT - http://openplanit.co.uk The Golden Ear - http://thegoldenear.org ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] 2.3.5 to 2.4.2 on SG-2440 failed accessing repository
It was available to login to again after power cycling. >From the log - General: check_reload_status Rewriting resolv.conf >From the log - DNS Resolver: dnsmasq 6768failed to create listening socket for port 53: Address already in use dnsmasq 6768FAILED to start up /etc/resolv.conf was missing. I created a new copy and DNS now works. Version 2.4.2 is again being advertised. I initiated the upgrade and it appears to take place, though there are lots of this kind of issue, I don't know if this is of interest: Installed packages to be REINSTALLED: xinetd-2.3.15_2 [pfSense] (ABI changed: 'freebsd:10:x86:64' -> 'freebsd:11:x86:64') "Number of packages to be removed: 1 Number of packages to be installed: 16 Number of packages to be upgraded: 47 Number of packages to be reinstalled: 81" After the eventual reboot it's still saying it's 2.3.5. I initiated the upgrade again from the GUI and it says "Please wait while the update system initializes" and nothing more. It's at least currently stable enough for people to use. Any help is most appreciated, thanks. -- Pete Boyd Open Plan IT - http://openplanit.co.uk The Golden Ear - http://thegoldenear.org ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] 2.3.5 to 2.4.2 on SG-2440 failed accessing repository
On 04/12/2017 22:08, Eero Volotinen wrote: > well. ssh into box and cat /etc/resolv.conf to see nameserver addresses. if > it contains 127.0.0.1 entry, then it is using dnsmasq/unbound or similar > dns cache. Thanks for your help. If it comes back after people on site power cycle it tomorrow then I'll check that. -- Pete Boyd Open Plan IT - http://openplanit.co.uk The Golden Ear - http://thegoldenear.org ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] 2.3.5 to 2.4.2 on SG-2440 failed accessing repository
I'm not sure where to look for a DNS Forwarder issue. I tried restarting the service. I looked in firewall rules for WAN. I changed DNS servers in System > General Setup to Google Public DNS. I tried turning this off: DNS Server Override [ ] Allow DNS server list to be overridden by DHCP/PPP on WAN I tried enabling this: Disable DNS Forwarder [*] Do not use the DNS Forwarder/DNS Resolver as a DNS server for the firewall I turned the latter 2 back. I rebooted, and it didn't come back. -- Pete Boyd Open Plan IT - http://openplanit.co.uk The Golden Ear - http://thegoldenear.org ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] 2.3.5 to 2.4.2 on SG-2440 failed accessing repository
On 04/12/2017 20:48, Eero Volotinen wrote: > well. for temporary fix, try hardcoding needed hostnames in /etc/hosts and > check also that your firewall rules allow access to dns server 53/udp and > tcp. Thanks for your help, everyone. I have to do something else for a while but will get back to this a bit later. -- Pete Boyd Open Plan IT - http://openplanit.co.uk The Golden Ear - http://thegoldenear.org ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] 2.3.5 to 2.4.2 on SG-2440 failed accessing repository
Great, thank you. -- Pete Boyd Open Plan IT - http://openplanit.co.uk The Golden Ear - http://thegoldenear.org ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] 2.3.5 to 2.4.2 on SG-2440 failed accessing repository
On 04/12/2017 20:39, Adam Thompson wrote: > Do you have functional DNS from the CLI? No, I can't ping google.com or localdomain names. -- Pete Boyd Open Plan IT - http://openplanit.co.uk The Golden Ear - http://thegoldenear.org ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] 2.3.5 to 2.4.2 on SG-2440 failed accessing repository
uname -a says this is FreeBSD 11.1-RELEASE-p4 RELENG_2_4 -- Pete Boyd Open Plan IT - http://openplanit.co.uk The Golden Ear - http://thegoldenear.org ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] 2.3.5 to 2.4.2 on SG-2440 failed accessing repository
On 04/12/2017 20:11, Steve Yates wrote: > If you ssh to the device and pick the option to update from its console menu, > does it update there? No, those package repository errors are what I'm seeing when doing that. I tried the swapping to different repositories in the GUI, trying update from console, back and forth, as described in the page you linked to, but that hasn't helped, each time it has the same repository errors. -- Pete Boyd Open Plan IT - http://openplanit.co.uk The Golden Ear - http://thegoldenear.org ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] 2.3.5 to 2.4.2 on SG-2440 failed accessing repository
strace isn't installed, no packages are installed. Ideally I'd like to recover this to 2.3.5 or 2.4.2 if possible. I'd like to not have to do a fresh install and restore of config if possible, though I can get local people brought in to do that, or have it posted to me. People on site can draft in the spare pfSense PC if need be tomorrow. -- Pete Boyd Open Plan IT - http://openplanit.co.uk The Golden Ear - http://thegoldenear.org ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] 2.3.5 to 2.4.2 on SG-2440 failed accessing repository
On 04/12/2017 19:52, Eero Volotinen wrote: > Can you ssh into device and drop to shell? Yes, that's where I've been trying the pkg-static commands. -- Pete Boyd Open Plan IT - http://openplanit.co.uk The Golden Ear - http://thegoldenear.org ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
[pfSense] 2.3.5 to 2.4.2 on SG-2440 failed accessing repository
Hi. I upgraded a production SG-2440 running pfSense 64-bit 2.3.5 to 2.4.2 using the web GUI. There were no packages installed. It appeared to update OK, and rebooted afterwards. However it came back as version 2.3.5 and now says it's on the latest version, despite going to the update page and re-saving. Choosing "Update from console" gives the following: "Updating pfSense-core repository catalogue... pkg-static: Repository pfSense-core load error: access repo file(/var/db/pkg/repo-pfSense-core.sqlite) failed: No such file or directory pkg-static: https://firmware.netgate.com/pkg/pfSense_factory-v2_4_2_amd64-core/meta.txz: No address record repository pfSense-core has no meta file, using default settings pkg-static: https://firmware.netgate.com/pkg/pfSense_factory-v2_4_2_amd64-core/packagesite.txz: No address record Unable to update repository pfSense-core Updating pfSense repository catalogue... pkg-static: Repository pfSense load error: access repo file(/var/db/pkg/repo-pfSense.sqlite) failed: No such file or directory pkg-static: https://firmware.netgate.com/pkg/pfSense_factory-v2_4_2_amd64-pfSense_factory-v2_4_2/meta.txz: No address record repository pfSense has no meta file, using default settings pkg-static: https://firmware.netgate.com/pkg/pfSense_factory-v2_4_2_amd64-pfSense_factory-v2_4_2/packagesite.txz: No address record Unable to update repository pfSense Error updating repositories! If I run "pkg update -f" I get this error: Shared object "libssl.so.8" not found, required by "pkg" These commands give the same repository error messages as aobve: pkg-static update –f pkg-static upgrade –f I don't have physical access to the device. So far, ostensibly, it appears to be running OK; I'm VPNd in. Has anyone any ideas that might help please? Thanks -- Pete Boyd Open Plan IT - http://openplanit.co.uk The Golden Ear - http://thegoldenear.org ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] pfSense 2.3.2-p1 RELEASE Now Available
On 07/10/2016 13:57, Holger Bauer wrote: > pkg clean > pkg update > pkg upgrade > reboot This worked for me, thanks. -- Pete Boyd Open Plan IT - http://openplanit.co.uk The Golden Ear - http://thegoldenear.org ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] pfSense 2.3.2-p1 RELEASE Now Available
Same for me, failure first time on a full install: Fetching pfSense-kernel-pfSense-2.3.2_1.txz: . done pkg: https://pkg.pfsense.org/pfSense_v2_3_2_i386-core/All/pfSense-kernel-pfSense-2.3.2_1.txz: Operation timed out >>> Locking package pfSense-kernel-pfSense... done. Failed -- Pete Boyd Open Plan IT - http://openplanit.co.uk The Golden Ear - http://thegoldenear.org ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
[pfSense] Internet access for LAN to LAN router
I have a scenario where pfSense1 is running the gateway to the Internet for LAN1 in an office with its own WAN. Another box, pfSense2, is running the gateway out to another LAN2, a network administered by other people, where there's a shared printer on a LAN shared by other organisations and that LAN has its own Internet connection for those other organisations. pfSense2's LAN interface is on LAN1 and its WAN interface is on LAN2. pfSense2 has as its gateway the LAN2 gateway address, which doesn't work (for whatever reason, maybe it requires a subscription, I don't know). I access pfSense2 using VNC from a PC on LAN1, upgrading using .tgz files, but now that pfSense 2.3 doesn't support upgrade in this way, I need to get pfSense2's Internet access working. I presume I do this by swapping pfSense2's WAN and LAN assignments around, and giving its WAN the gateway address of pfSense1? I administer this remotely. Is there a way to do the above without losing connection to pfSense2 half way through the procedure? If I swap the WAN and LAN around, is different firewalling rules going to come into play, or some other issue, and break access to the printer for PCs on LAN1? Or is there an alternate means of getting Internet access to pfSense2, maybe by adding a gateway address to its LAN interface? I already specifically allow traffic out to the printer's IP address, and turn this off: Interfaces -> WAN -> [ ] Block private networks and loopback addresses Thanks in advance -- Pete Boyd Open Plan IT - http://openplanit.co.uk The Golden Ear - http://thegoldenear.org ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
[pfSense] How to manually update 2.3 onwards?
I have a pfSense 2.3.0_1 which has had an issue connecting to pfsense.com to check for updates for years. That's not the issue, as far as I believe. Perhaps its LAN and WAN are mistakenly the wrong way around. It routes between two LANs. Anyway I always update it manually by downloading a tgz file. With 2.3.0_1 it appears to offer no means of manually updating, giving these error messages on the System > Update screen [1]. I see the release notes say "Removed "full update" or "full slice" upgrade for systems on 2.3 to later versions" - is this what I am seeing? How do I manually update pfSense now please? [1] "The following input errors were detected: ERROR: Error trying to get packages list. Aborting... pkg: repository meta /var/db/pkg/pfSense-core.meta has wrong version or wrong format pkg: No signature found pkg: No signature found pkg: repository meta /var/db/pkg/pfSense.meta has wrong version or wrong format pkg: No signature found pkg: No signature found pkg: repository meta /var/db/pkg/pfSense-core.meta has wrong version or wrong format pkg: Repository pfSense-core cannot be opened. 'pkg update' required pkg: repository meta /var/db/pkg/pfSense.meta has wrong version or wrong format pkg: Repository pfSense cannot be opened. 'pkg update' required ERROR: Error trying to get packages list. Aborting... pkg: repository meta /var/db/pkg/pfSense-core.meta has wrong version or wrong format pkg: No signature found pkg: No signature found pkg: repository meta /var/db/pkg/pfSense.meta has wrong version or wrong format pkg: No signature found pkg: No signature found pkg: repository meta /var/db/pkg/pfSense-core.meta has wrong version or wrong format pkg: Repository pfSense-core cannot be opened. 'pkg update' required pkg: repository meta /var/db/pkg/pfSense.meta has wrong version or wrong format pkg: Repository pfSense cannot be opened. 'pkg update' required" Thanks -- Pete Boyd Open Plan IT - http://openplanit.co.uk The Golden Ear - http://thegoldenear.org ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] pfSense 2.3 "Secure Connection Failed"
My local pfSense 2.3 works fine in Firefox ESR 38, as does one remote site that I contact through an independent solution. 2 remote sites that I contact through pfSense's OpenVPN (not using its built-in CA) don't work in Firefox. One of those 2 remote sites has a second pfSense, that I connect with by first VPNing in, then using VNC to connect to a PC, and using Firefox ESR 38 on that PC. pfSense 2.3 works fine in Firefox in that case. So far, the remote connection over OpenVPN is the common factor in what's not working. Does that help pinpoint anything please? -- Pete Boyd Open Plan IT - http://openplanit.co.uk The Golden Ear - http://thegoldenear.org ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] pfSense 2.3 "Secure Connection Failed"
On 12/04/2016 23:06, Chris Buechler wrote: > If it's the same browser and > system that can connect to 1 of 3 but not the other two, there's > something else going on there. Not sure what, haven't heard of that > from anyone else. Thanks Chris. Yes it's the same Windows 7 Pro with Firefox ESR 38 used to connect to all 3. I'll report back if I learn anything more. -- Pete Boyd Open Plan IT - http://openplanit.co.uk The Golden Ear - http://thegoldenear.org ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
[pfSense] pfSense 2.3 "Secure Connection Failed"
What is the change in 2.3.0 that means that Firefox 38 ESR now gives me this message when trying to login using the GUI on 2 of 3 systems I have upgraded from 2.2.6 so far, via OpenVPN: "Secure Connection Failed The connection to X.X.X.X was interrupted while the page was loading. The page you are trying to view cannot be shown because the authenticity of the received data could not be verified." I can get around this with Chrome 49, by choosing Advanced and something like 'Login anyway'. Firefox works fine with one of the systems I've upgraded, the local one. Thanks -- Pete Boyd Open Plan IT - http://openplanit.co.uk The Golden Ear - http://thegoldenear.org ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] OpenVPN Server on pfSense 2.1.4
On 01/07/2014 01:29, David White wrote: > I'm having trouble connecting my Windows 7 OpenVPN client to the pfSense > 2.1.4 server. If this was working before, and now has just now stopped, I'm not sure if the security fix in both the client and server makes disparate versions now incompatible, but could be worth checking you have the latest OpenVPN on Windows - for example 2.3.4-I002 from http://openvpn.net/index.php/open-source/downloads.html (Frustratingly, they don't keep a changelog for the frequent changes specific to the Windows builds) -- Pete Boyd Open Plan IT - http://openplanit.co.uk The Golden Ear - http://thegoldenear.org ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] pfSense 2.1.2 is released
On 10/04/2014 21:13, kol wrote: > How do you revoke a CA certifate? Export the CRL from whatever you use to manage your CA (I use TinyCA, I've no experience of using pfSense, this whole thing might well be even easier if you use pfSense). In pfSense: System -> Cert Manager -> Certificate Revocation -> + paste in the CRL. It way have "In Use: NO". VPN -> OpeNVPN - server -> Edit -> Cryptographic Settings -> Peer Certificate Revocation List - select the CRL. -- Pete Boyd Open Plan IT - http://openplanit.co.uk The Golden Ear - http://thegoldenear.org ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] The Heartbleed Bug, CVE-2014-0160
Thanks for the update Jim and for your and others' efforts in bringing us updated software. These things keep many of us in employment, but I expect you guys would have appreciated a little breather after releasing 2.1.1. -- Pete Boyd Open Plan IT - http://openplanit.co.uk The Golden Ear - http://thegoldenear.org ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] The Heartbleed Bug, CVE-2014-0160
On 08/04/2014 12:59, b...@todoo.biz wrote: > You would notice that this bug concerns OpenSSL : > > • OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable > • OpenSSL 0.9.8 branch is NOT vulnerable > > If you are on the latest version of pfSense the version is : OpenSSL 0.9.8y 5 > Feb 2013 > > So you are not vulnerable to this heart bleed bug ! But I see this: /usr/bin/openssl version OpenSSL 0.9.8y 5 Feb 2013 /usr/local/bin/openssl version OpenSSL 1.0.1e 11 Feb 2013 -- Pete Boyd Open Plan IT - http://openplanit.co.uk The Golden Ear - http://thegoldenear.org ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
[pfSense] The Heartbleed Bug, CVE-2014-0160
Can someone please let me know where pfSense and its OpenVPN is in terms of any vulnerability because of The Heartbleed Bug, CVE-2014-0160. Thanks -- Pete Boyd Open Plan IT - http://openplanit.co.uk The Golden Ear - http://thegoldenear.org ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] pfSense version 2.1.1 has been released
The 2.1.0 to 2.1.1 upgrade on nanobsd (4g) on ALIX failed for me with "Something went wrong when trying to update the fstab entry. Aborting upgrade." I got the same issue when using auto update, and when using local upload of pfSense-2.1.1-RELEASE-4g-i386-nanobsd-upgrade.img.gz. The log has 2 instances of this: php: /system_firmware.php: The command '/sbin/mount -u -w -o sync,noatime /cf' returned exit code '1', the output was 'mount: not currently mounted /cf' On bootup it already has this issue in the log: php: rc.bootup: The command '/sbin/mount -u -r -f -o sync,noatime /cf' returned exit code '1', the output was 'mount: not currently mounted /cf' Does anyone have any thoughts on how to remedy this please? -- Pete Boyd Open Plan IT - http://openplanit.co.uk The Golden Ear - http://thegoldenear.org ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Very slow printing when 2 of pfSense on network
>From what you've given me I've managed to fix the printing issue by making this alteration on Windows workstations: Windows Firewall -> Advanced -> ICMP -> Settings -> [*] Allow redirect I'm going to investigate the performance issues you spoke of (there are 15 workstations on the network), and likewise look into employing a dynamic routing protocol. After all the time I've spent tracking this down, I find that my pfSense book has precisely the same information as you've told me, if only I'd picked it up, and is quite reassuring about the security implications. Thanks again -- Pete Boyd Open Plan IT - http://openplanit.co.uk The Golden Ear - http://thegoldenear.org ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Very slow printing when 2 of pfSense on network
That's very helpful thank you. -- Pete Boyd Open Plan IT - http://openplanit.co.uk The Golden Ear - http://thegoldenear.org ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Very slow printing when 2 of pfSense on network
Michael D. Wood wrote: > What do the firewall logs show? Any noticeable blocked traffic between > A & B? Turn on logging in the Firewall rules to check it out. Nothing in either of their firewall logs. -- Pete Boyd Open Plan IT - http://openplanit.co.uk The Golden Ear - http://thegoldenear.org ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Very slow printing when 2 of pfSense on network
Ian Bowers wrote: > are both pfSense A and pfSense B on the same subnet? such that pfSense A > is the default gateway for clients, but pfSense B is how they have to get > to the printer? Yes to all of that. > if this is the case, and both firewalls are on the same > subnet, you're going to have issues. That's a shame to hear as I was under the impression this was entirely normal, and it worked fine for a couple of years, possibly until pfSense A was upgraded from 1.2.3 to 2.0 (whilst at that time pfSense B remained on 1.2.3; both are now on 2.1.0). Would it help if I added a third network adapter to pfSense A, attached to the subnet that the printer is on? (This is a medium term goal anyway, so as to save power and support costs) -- Pete Boyd Open Plan IT - http://openplanit.co.uk The Golden Ear - http://thegoldenear.org ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Android VPN with pfSense
Thanks. I've also now had successful results using 'OpenVPN for Android' by Arne Schwabe. I've used a PKCS12 file, added into the Android certificate store, from an SD card (where it will only install from the root directory). Because I've made the certificates in TinyCA, separate from pfSense, from when I was using pfSense 1.2, I've had to turn off: Authentication/Encryption -> Except TLS Server. I've not yet tried using a .ovpn file for pre-configuration. Other than that it all Just Works. ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Android VPN with pfSense
On 08/09/12 08:43, Seth Mos wrote: > If your phone has android 4 or higher, you can install the OpenVPN > client that is available. It does not need root afaik and 1 of the > developers can successfully use it on his tablet and phone with > Android 4. This is welcome news indeed! I see there are various OpenVPN clients now available for Android 4, that don't require rooting, do you have anything to share of your experience with the different apps please? -- Pete Boyd thegoldenear.org openplanit.co.uk ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Compex WLM54SAGP23 (Atheros 5413), ALIX 2D3 & pfSense 2?
On 27/04/12 11:00, bsd wrote: >> I've been using the above miniPCI card in an Alix board for over a >> year now - entirely trouble free. Great. Thanks. -- Pete Boyd thegoldenear.org openplanit.co.uk ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
[pfSense] Compex WLM54SAGP23 (Atheros 5413), ALIX 2D3 & pfSense 2?
Hi. I'm choosing a miniPCI wireless card from www.msdist.co.uk to go in an ALIX 2D3. The only cards there that appear to be supported by FreeBSD 8.1 are the Wistron DCMA81 (Atheros AR5213A), Wistron CM9-GP (Atheros AR5213A) and the Compex WLM54SAGP23 (Atheros 5413). I'd just like to check if people have successfully used the Compex WLM54SAGP23 (Atheros 5413) in a wireless access point (host AP) setup with pfSense 2.0.1? Thanks -- Pete Boyd thegoldenear.org openplanit.co.uk ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] OpenVPN clients affected by upgrade from 1.2 to 2.0?
Thank you both for the useful information. ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
[pfSense] OpenVPN clients affected by upgrade from 1.2 to 2.0?
I have pfSense 1.2.3 setup to use its OpenVPN server. I use TinyCA to create CA and client certificates and keys on a separate computer, giving the CA cert to pfSense and the client certs & keys to users. If I upgrade pfSense 1.2.3 to 2.0.1, the OpenVPN will migrate fine, but will OpenVPN clients continue to be able to VPN into the pfSense OpenVPN server despite them not being in the User Manager, or do I have to additionally, manually, create accounts and paste in certs & keys using the User Manager? I'm expecting them to be able to VPN in fine as they have valid certificates for that CA, but am wondering if because they're not also represented in the User Manager that pfSense might block them for that reason. Thanks -- Pete Boyd thegoldenear.org openplanit.co.uk ___ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list