Subcategories

• Cache/Proxy

  Discussions about packages which handle caching and proxy functions such as squid, lightsquid, squidGuard, etc.
  4k Topics

  21k Posts

  H

  @johnpoz said in Please help to configure HAProxy to serve certifficate on internal LAN too: @ha11oga11o if you resolve nextcloud.mydomain.xx to your external IP, ie the same one public people do then it would be handled by your haproxy. Example I have ssl offloading for external users for the public fqdn something.mydomain.tld - this resolves externally to my public IP that hits pfsense wan, this also resolves to my public IP when on my local network, so again haproxy handles the ssl, etc. But if I wanted or needed to access that directly on my local lan then I use its name.home.arpa:port that the service is on that doesn't do ssl, etc. What is the point of using the same fqdn internally and externally? What do you think that gets you other than issues? On this case problem is that phone nextcloud client hangs when switching out and in. Simply cannot be used when inside LAN. Well, it can be used either out or in. But to switch it it needs to be totally reset and sync. It remember which connection is allowed, at which cert. And sticks on that. Basically its useless until i sort this out to behave exactly same out and in. I cant believe no one had similar issue at home lab self hosted?? Im sure someone had need to do things like this? Thank you again.
• IDS/IPS

  Discussions about packages whose functions are Intrusion Detection and Intrusion Prevention such as snort, suricata, etc.
  2k Topics

  16k Posts

  R

  @bmeeks Understood. Thank for kindly for your help. I will likely be ordering a new unit soon.
• Traffic Monitoring

  Discussions about packages that handle bandwidth and network traffic monitoring functions such as bandwidtd, ntopng, etc.
  573 Topics

  3k Posts

  D

  @kabeda If memory serves, that old version of ntopng did not run as user ntopng, but as user nobody. There are lots of problems in that old version. Anyway, check the ownership and permissions of /var/db/ntopng and make sure it matches the user that ntopng runs as. You may need to set ownership of the entire hierarchy. Example: /usr/sbin/chown -R nobody:nobody /var/db/ntopng However, the better choice would be to upgrade to a more recent version.
• pfBlockerNG

  Discussions about the pfBlockerNG package
  3k Topics

  20k Posts

  G

  @carlinix said in DNSBL blockpage only works with root domain: Meaning http://detectportal.firefox.com/ redirects to the DNSBL blockpage with the blocked domain info "This website detectportal.firefox.com has been blocked by the Network Administrator!" I presume that "detectportal.firefox.com" is just an example here. But ... be aware that this URL shouldn't be blocked if possible for two reasons : The resource requested returns just a 8 byte 'page' : it says 'success'. This URL is most probably be used by the OS or app on a device (probably Firefox ) to detect the presence of a captive portals on the connected network.
• UPS Tools

  Discussions about Network UPS Tools and APCUPSD packages for pfSense
  102 Topics

  3k Posts

  D

  @fjmp24 said in Notification: UPS ups battery is low: If I remove ignorelb directive, my UPS shuts down after 16 seconds This means your UPS is signaling a low battery. Either your battery is bad, or your UPS is bad. Most likely battery, but you never know. I suggest reaching out to Eaton support.
• ACME

  Discussions about the ACME / Let’s Encrypt package for pfSense
  503 Topics

  3k Posts

  M

  I am using the DNS-Update method I have to use a DNS-Sleep of 5 minutes to let the letsencrypt txt dns record update propagate. During this 5 minutes the acme-webgui times out. when the acme-webgui times out the Action list is NOT executed. How can I solve this ? Would it maybe be an idea to let the acme.sh script execute the actions in the action list as a post-hook instead of the web-gui? Or maybe add an option to add post-hooks in the webUI ?
• FRR

  Discussions about the FRR Dynamic Routing package on pfSense
  296 Topics

  1k Posts

  C

  This one has been tricky still not sure what to try. Any ideas?
• Tailscale

  Discussions about the Tailscale package
  92 Topics

  639 Posts

  E

  Updated CE 2.8.1 to 1.90.4. Looks like they are already working on .6 Freshports pkg add -f https://pkg.freebsd.org/FreeBSD:15:amd64/latest/All/tailscale-1.90.4.pkg Changelog
• WireGuard

  Discussions about WireGuard
  714 Topics

  4k Posts

  R

  I was on PfSense version 23.xx (don't recall the xx) and was able to start the Wireguard service. I upgraded to the 25.11 beta version and now the Wireguard service will not even start. I am on Wireguard version 2.1, and I see that there are versions that go up to 2.9. How do I upgrade to a later version? The only version in the pfSense updater is 2.1. Thank you