Re: [pfSense] Two factor Authentication

2016-12-08 Thread RB
On Thu, Dec 8, 2016 at 2:33 AM, user49b wrote: > Any idea's on how to get two factor authentication to work in console and/or > GUI? Should be pretty simple. Point the system to third-party authentication (say, AD). Configure that third-party option to use 2-factor. Enter

[pfSense] Two factor Authentication

2016-12-08 Thread user49b
Hi Any idea's on how to get two factor authentication to work in console and/or GUI? Regards Chris ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] Two factor Authentication

2016-12-08 Thread Eero Volotinen
Just configure radius with two factor authentication and point authentication server to it: sample how to configure two factor radius under linux: http://www.supertechguy.com/help/security/freeradius-google-auth I am using it with minor modifications for vpn and console+gui authentication.. --

Re: [pfSense] pfsense rules

2016-12-08 Thread Freund, Ingo
put the more restrictive rules before the "allow any" rule. - Ingo > -Original Message- > From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Luc Paulin > Sent: Thursday, December 08, 2016 5:51 PM > To: pfSense Support and Discussion Mailing List > Subject: [pfSense] pfsense

Re: [pfSense] pfsense rules

2016-12-08 Thread Luc Paulin
I knew the rules were processed in order, but didn't think about doing it this way. Thanx ! -- ! ( o o ) --oOO(_)OOo-- Luc Paulin email: paulinster(at)gmail.com Skype: paulinster 2016-12-08 11:57

[pfSense] pfsense rules

2016-12-08 Thread Luc Paulin
Hi Everyone, I am curently to look at migrating rules from our iptable/fwbuilder system to pfsense. But now I am facing an issue. I need to grant internet access from LAN to WAN, so I created a rule PASS ANY on the LAN interface. However this cause an issues because I want to have specific

Re: [pfSense] pfsense rules

2016-12-08 Thread Moshe Katz
Remember that rules are processed in order. Given that fact, here's one way to do what you want. First, put in any rules that ALLOW specific traffic from LAN to OPT2. Then, put in a rule to DENY ALL TRAFFIC from LAN to OPT2. Finally, put the rule to ALLOW ALL TRAFFIC from LAN to ANYWHERE. This