Click the logo (top left) - that should also go to the dashboard.

It may be your browser, too, IE has been known to do silly things like that.

And then there is the minor issue of DNS Rebind Check…  I'll wait for it to crop up.

What ptt said above. You cannot meaningfully test WAN from LAN. (Best case, it will get NAT-reflected back to LAN.)

Good stuff - I'm glad its working.

This is happening to me right now.  Internet is down (No IP on the WAN - Me and half the North East coast apparently) and so I bounced the pfsense box, not knowing that everything connected to FIOS for surrounding 4 states was offline, and it reboots just fine but no webconfigurator.  Verified the time in bios and that was fine.  Could it be possible pfsense was unable to read time from the onboard clock properly?

Anyway - very strange.  I suspect its a problem that will correct its self when internet outage is over.  I'm going to try revert to http and see if that has any effect.

(Reverting to webconfigurator had no effect at all.)

Changing this to HTTP was a really bad idea.  Accomplished nothing.  Created work for myself.
Easy work around was to throw a DD-WRT router in front of pfsense and then boot it so that it could grab an IP via DHCP from that router.  Even though there was no internet connectivity, this fixed the webconfigurator starting issue.  Once the normal internet returned, this problem disappeared.

Some of this won't make a difference, but won't hurt and might help.

This has nothing to do with it, but generally UDP is better than TCP for openvpn.
Try "Force all traffic generated through the tunnel"
compress tunnel packets
Set TOS IP header value of tunnel packets to match the encapsulated packets
Provide a default domain name to clients.  Call it something like openvpndom1
Provide NTP Server list to clients - You can get some IPs for them on the web from NTP.ORG
I assume the interface pfsense GUI falls within 10.100.0.0/16?

Now - I see you have "WAN1" listed as interface.  This means you have multiple WANS?
If so, you might need manual outbound NAT and set outbound routing by interface.

If you have packets coming in on 1 interface and trying to leave on another, that would break things.
(I'm actually a little in the dark on that because it seems hit and miss.  There is one pfsense running that I admin from time to time with 5 IPs, 5 WANs and no manual outbound NAT and it works just fine with openvpn.  Maybe because it only has 1 gateway?)

Why not just use the cert manager to either create a cert/key or import one from some other CA you run or use.

Then when you set your webgui to use https you can pick what cert you want to use from the dropdown list.

certwebgui.png
certwebgui.png_thumb

Cheers, Jimp! Thank's for the info!

Not sure the command, but if you want to break it again, you should be able to just check the same button again in the web gui?

(Yeah - I like everything there EXCEPT the mango with shrimp paste)

Windows Internet Explorer Command-Line Options or RTFM for your other browser.

@nabs:

Hi is there a way to monitor more than 3 pfsense servers at least link status for the cards.. (WAN , LAN, other)

I have 5 pfsense servers in different sites have them all connected through OpenVPN Site 2 site.

but i have to be checking them one by one so to view status and info.

and i was wondering if it is possible to grab some widgets from each server and create a customized dashboard with the info from different pfsense server.

might sound wired and out of scope but its getting annoying to be opening different tabs to check each one by one..
thanks

Hi,

Nubee here, I am interested on how you can connect site2site. I also have 3 pf servers on 2 diff location. I am using teamviewer to manage them but I also need something faster and your setup interest me. Would you care to share with me how would I use open vpn to monitor my 2 pf servers?

@a216vcti:

I just installed pfsense 2.0.3 on ESXi.  The server is connected to a linksys E4200 that is connected to my internet gateway(internet provider's modem/router).  When I type in 192.168.1.1, it continues to take me to the gateway.  Anyone know of a way to find out the webGUI address from the console?

You can also change the LAN IP from the console by selecting 2 > 2 then set your preferred LAN IP

We are working on a project with pfsense-php, but we want to see debug info from lighthttp, because is the web server under pfsense, maybe this could help us fix issue with our app.
Apache logs help a lot, but we have never work with this web server.
Is all, thanks for your input we will check that file, if u have more tips that could help us we will appreciate, thanks again.

This really depends on the subnet you are using.
But considering that 172.16.0.0 is the Net ID of the 172.16.0.0/16 block, yes this is probably a problem.
Why do you need to have it .0 ?
(I would use 172.16.0.1/24 as ip/gateway)

that's the one :)

where in the file structure can i find the themes folder?

If you download the root certificate and put that in your trusted certificate store in in the browser of the computer you are logging in with AND its common name etc etc are properly constructed, you will no longer get errors.  (I actually feel like ALOT of what goes on with certs and browsers is put there to make you feel uneasy unless you or someone else has paid a cert authority for a signed cert. - basically extortion on the stupid)

Here yes.  Without. This is just home. I only have traffic shaping running on the boxes others use for VPN access.
I used to have a 150 plan here, and it was nice but totally a waste here since the only servers running out of here are chat, phone, private VPN and other small things.  Nothing that ever touched my bandwidth.  So, I just moved it back to cheap old reliable FIOS rather than keep paying for bandwidth I never touched.  Mostly here what I need is less latency not more bandwidth.  I'll eliminate MOCA and should be all good.

Yes I get the rule in the firewall it just seems as if it is not working is all, I have no problem posting what ever is needed to help others and myself, just not sure on what you wanted sorry. I am a PFsense noob and moved over from DD-WRT, and have no or little experience with FreeBSD. I know a bit about Linux as that is what all my servers are running on (only saying all this so maybe the lingo gap for me can be bridged)

I speak good English but suck at typing and spelling lol so very sorry if that is making things harder

oh I think I know what you mean hold on, I will edit again in a sec

http://iblocklist.charlieprice.org/f/wujnnzxrgppvpdujdetm/bt_ads.gz

this is where I get the list from and as far as posting the Firewall rule it is auto gen'ed by PFblocker but I could take a screen shot if you need it