And / or your test client is not respecting the HSTS policy maybe?

@safia said in Natgate 6100 Problem:

I do not see the windows the below window

What do you see at the serial console then?

Very unlikely. As mentioned all the current work is on FreeBSD main builds. Currently that's 14.

Steve

Longer route, more hops. Generally more chances to lose packets.

1.1.1.1 is an anycast address so you see replies from whatever is logically closest to you.

Steve

The printer will be establishing a connection to the server outbound that is then used to send printjobs to it.
It's as secure as any IoT device. You would hope more so because HP is running it, but....

The risk is that the printer connects to something that isn't HP's server and that connection allows back in more than just printjobs. That should be difficult to impossible if HP have done a good job.

As always it comes down to security vs convenience.

Steve

I have created and submitted a pull request for the Netgate developer team to review and merge. The request is posted here: https://github.com/pfsense/FreeBSD-ports/pull/1221.

Once this is merged into the pfSense snapshot branches, a new Snort GUI package version will appear (version 4.1.6_5). It may take a bit to get merged and built because the team is quite busy prepping the upcoming new pfSense releases.

And that worked?

If not then check for blocked traffic. Check the state table at both sites make sure traffic is going where you think it should.

Steve

@dominikhoffmann said in Gateway has 100% WAN packet loss but is online:

I can ssh into the WAN address the gateway reports, from outside of the LAN.

I don't think that really answers the question. [Also, it seem strange that you would be able to ssh into the gateway?]

When you look in VPN > OpenVPN > Servers, what are the Tunnel Networks?

When you look in Status > Gateways, what are the addresses being monitored?

Boooo!

I mean.... I'm pretty sure that's what they are trying to do. But that doesn't rule out ineptitude!
Hanlon's razor may apply. 😉

@stephenw10 I think I either fixed this or its not my main issue...going to open a new post for my main issue

ok run into same thing ...
gonna have a look into this

2.6CE

brNP

You can execute commands directly using ssh if you have key based authentication setup. Like:

steve@steve-NUC9i9QNX:~$ ssh root@apu "sysctl dev.amdtemp.0.core0.sensor0" dev.amdtemp.0.core0.sensor0: 54.1C

You have to use root to avoid the menu.

Steve

VLAN10 only needs to have ports 1 and 8 as members if you don't need to have DMZ hosts anywhere except as VMs. Otherwise that will work for the switch config.
The VBox config is probably going to be more complex. I'm not sure I've ever tried it, I moved away from VBox a while back.

@stephenw10 All working now. Thank you all.

@stephenw10 Ok then, I will use the email option to remind our users to change passwords when they are about to expire.

Stunnel listens on localhost and forwards requests to dap.google.com so I would expect to point Freeradius at localhost on the appropriate port. As you do for LDAP auth directly:

https://docs.netgate.com/pfsense/en/latest/recipes/auth-google-gsuite.html#configure-ldap-authentication-on-pfsense-software

That appears to be the same crash report file. Do you have a different one?

0.5.1 has been released with support for nat forwarding of non-TCP/UDP protocols.

https://galaxy.ansible.com/pfsensible/core

Actually, a simple reboot cleared up this problem (I was afraid to reboot before going to bed).
It was odd.

I suspect it was nginx problem but I was not able to fix it

Thx all!