Subcategories

• Cache/Proxy

  Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.
  4k Topics

  21k Posts

  T

  @johnpoz said in Please help to configure HAProxy to serve certifficate on internal LAN too: Yeah - what part do you not understand if you always resolve nextcloud.domain.tld so that it hits your haproxy on your pfsense wan IP are you not getting? You have 2 options - use a different domain internally and always go to nextcloud.publicdomain.tld, or use the same domain internally as external and run into the problem of what IP it resolves to.. Change your local domain to say home.arpa or .internal or atleast something different than the public domain your using to point to pfsense wan IP on the public internet. You are shooting yourself in the foot trying to use the same domain externally as internally. There are ways around it, but they complicate the setup. For example you might be able to use views in unbound as one way to work around the problem. You could use only host entries for all your resources. But then again you run into a problem of using the fqdn for this service, now always pointing to your wan IP.. And that is great when you want to access the service haproxy is doing - but if you want to access that resource on some other service that haproxy doesn't handle - like say simple file sharing.. You are going to have problems. Since you clearly do not understand how any of this works - the simple solution is change the local domain you are using so it is not the same as the public domain you want to use to get to your nextcloud. This tone is outrageous directed at somebody who acknowledged right off the rip that English is not their first language. How many languages do you speak, John? And safely assuming it's only one—English of course—take it from a fellow English native that you'd do well to say more with less words. You otherwise were directing OP in the right direction in my opinion.
• IDS/IPS

  Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.
  2k Topics

  16k Posts

  T

  Here. I think. Referenced as "github.com: vendor-provided URL vendor-advisory" in your link.
• Traffic Monitoring

  Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.
  573 Topics

  3k Posts

  D

  @kabeda If memory serves, that old version of ntopng did not run as user ntopng, but as user nobody. There are lots of problems in that old version. Anyway, check the ownership and permissions of /var/db/ntopng and make sure it matches the user that ntopng runs as. You may need to set ownership of the entire hierarchy. Example: /usr/sbin/chown -R nobody:nobody /var/db/ntopng However, the better choice would be to upgrade to a more recent version.
• pfBlockerNG

  Discussions about the pfBlockerNG package
  3k Topics

  20k Posts

  T

  @netboy said in is something wrong with pfBlockerNG?: After my post, I "changed" DNSBL -> DNSBL mode from "unbound python mode" to "unbound mode" and so far i have no issues. Terrible idea. Moving backwards in development history there.
• UPS Tools

  Discussions about Network UPS Tools and APCUPSD packages for pfSense
  102 Topics

  3k Posts

  D

  @fjmp24 said in Notification: UPS ups battery is low: If I remove ignorelb directive, my UPS shuts down after 16 seconds This means your UPS is signaling a low battery. Either your battery is bad, or your UPS is bad. Most likely battery, but you never know. I suggest reaching out to Eaton support.
• ACME

  Discussions about the ACME / Let’s Encrypt package for pfSense
  503 Topics

  3k Posts

  M

  I am using the DNS-Update method I have to use a DNS-Sleep of 5 minutes to let the letsencrypt txt dns record update propagate. During this 5 minutes the acme-webgui times out. when the acme-webgui times out the Action list is NOT executed. How can I solve this ? Would it maybe be an idea to let the acme.sh script execute the actions in the action list as a post-hook instead of the web-gui? Or maybe add an option to add post-hooks in the webUI ?
• FRR

  Discussions about the FRR Dynamic Routing package on pfSense
  296 Topics

  1k Posts

  C

  This one has been tricky still not sure what to try. Any ideas?
• Tailscale

  Discussions about the Tailscale package
  93 Topics

  649 Posts

  L

  @mightykong @CarlMRoss Looks like you might be experiencing https://github.com/tailscale/tailscale/issues/17793 I also have a 6100 + Tailscale 1.90.6 so I will test mine now. update: I don't seem to be having this problem, which is odd because I'm usually that one guy in a thousand who has the strange bug that nobody else can reproduce. Have you tried deleting the contents of /usr/local/pkg/tailscale/state ?
• WireGuard

  Discussions about WireGuard
  715 Topics

  4k Posts

  P

  @andresbraga can show a diagram of your network layout (hand-draw is ok)? What was the reason to deactivate NAT? Did you decative it in general or only for the WG connection? Do you have firewall rule(s) for the WG connection that allows clients to access the firewall? relevant pfSense documentation: Remote Access VPN: https://docs.netgate.com/pfsense/en/latest/recipes/wireguard-ra.html Wireguard help overview: https://docs.netgate.com/pfsense/en/latest/vpn/wireguard/index.html