did you found a solution?

No problem, your thanks is enough.  :) I think Jason's catch was probably the showstopper anyway. Enjoy playing with pfSense! Steve

Thank you  so much.

You could for instance get a VPN tunnel provider which is located in another country, and then use policy-based routing on pfSense to send traffic towards the website through the VPN tunnel. Not sure if pfSense is able to use external http proxy services based on rules.

Ok, so what's behind pfSense that can't see the IPTV box? Steve

So just to be sure you're not running pfSense yet at all? Instead you're running Windows on the box just to test the hardware? To make windows run as a router you need to use 'internet connection sharing'. Just enable it on the connection to the internal wifi device. They may have renamed it in the 10+ years since I last used it for anything!  ::) Steve

If you're using that wifi router just as an access point you probably don't want to use its WAN port. Instead connect directly to one of it's LAN ports and make sure you've disabled its DHCP service. That will make it act as an access point only. The exception to this is some routers have an 'access point' mode where the WAN port is added to the LAN port bridge or if you're running a third party firmware and can add the port manually. Steve

Both of the above suggested methods do not produce the result of issuing the command manually through CLI, the debug.txt contains no specifics to point to errors or privileges in execution of the script. the environment of cron is /var/log while environment of CLI is /root  How to execute cron scripts with /root environment

The two CA don't need to have the same keys on windows but must have the same name/freindly names I know this because I use a MITM to peek at SSL data and then isue fake certificates on the fly and did not always import the root CA and it all still worked if that helps

Friends, I have pfsense running perfectly with firewall and also authenticated proxy. But I have a serious problem when access the Proxy Server Logs in Real Time. So I Denied appears on users to pass through authentication. Anyone know why? Example: I when the user authenticate with your password and try to access blocked sites, deniede appeared in the logs. It does not. The error page also takes a long time to appear, even redirecting it to another page. Can someone help me?

ok will need to try it

Have seen the same problem occur with our setup: https://forum.pfsense.org/index.php?topic=73460.msg401168

I had that problem myself but never found out the reason. The problem just did not occur anymore and I did not have the opportunity to analyze this. There are several possible reasons apart form a problem with pfSense itself: pfSense could not receive group membership packets by the receivers of the stream or the provider could simply have caused that drop. You could start by monitoring the IGMP traffic on the WAN interface (Diagnostics / Packet Capture). I would prefer using tcpdump from the command line on pfSense because you can filter IGMP traffic. If you do that while receiving the stream then when you have drops you should check the exact time. This way you can associate the drops with events in the packet trace. I would first look whether the drops have been caused by missing IGMP packets to your provider.

What error are you seeing? You can switch back to http at the console: https://doc.pfsense.org/index.php/I_locked_myself_out_of_the_WebGUI,_help!#HTTP_vs_HTTPS_confusion Steve

The backup/restore functionality is pretty comprehensive.  Instead of imaging, perhaps try installing fresh and then loading the old config via Diagnostics - Backup/Restore.

@paklids: 3. Make pfsense "puppet friendly" (or just get the ball rolling - it doesn't have to be complete). Yeah, someone can post a bounty….then wait.....then get no response. Keep in mind that these changes are going to appeal to Enterprise environment admins who already have their commercial firewalls with dedicated change management systems - those people rarely post bounties. Although this is a somewhat old post, the situation may change to match your needs… I've started adding puppet support to pfSense as a separate package: https://forum.pfsense.org/index.php?topic=79397.0 You're welcome to contribute to the pfSense puppet provider and the puppet modules: https://github.com/fraenki/puppet-pfsense https://github.com/fraenki/puppet-pfsense_rancid https://github.com/fraenki/puppet-pfsense_autoupdate Regards Frank

KOM, I am using 2.1.4 with Squid version with 2.7.9. Not sure why I couldn't save the changes, so I did a Backup and reset the system to factory settings and now it seems to be working fine.