I am still fighting with StrongVPN. I have managed to get the tunnel up, inasmuch as I received the message: "Initialization Sequence Completed". I have read that this means that the handshake between VPN server and client is  OK. Immediately thereafter, however, the VPN bombs.

Here is a log transcript. Might a good soul tell me what I am doing that is wrong? Thanks in advance! (Note that the newest entry is on the top.)

Apr 14 20:07:01 openvpn 56391 SIGTERM[soft,exit-with-notification] received, process exiting
Apr 14 20:07:01 openvpn 56391 /usr/local/sbin/ovpn-linkdown ovpnc2 1500 1546 10.8.0.86 10.8.0.85 init
Apr 14 20:07:01 openvpn 56391 Closing TUN/TAP interface
Apr 14 20:07:01 openvpn 56391 /sbin/route delete -net 10.8.0.81 10.8.0.85 255.255.255.255
Apr 14 20:07:01 openvpn 56391 TCP/UDP: Closing socket
Apr 14 20:06:59 openvpn 56391 SIGTERM received, sending exit notification to peer
Apr 14 20:06:59 openvpn 56391 event_wait : Interrupted system call (code=4)
Apr 14 20:06:56 openvpn 56391 Authenticate/Decrypt packet error: cipher final failed
Apr 14 20:06:47 openvpn 56391 Authenticate/Decrypt packet error: cipher final failed
Apr 14 20:06:37 openvpn 56391 Authenticate/Decrypt packet error: cipher final failed
Apr 14 20:06:36 openvpn 56391 Initialization Sequence Completed

Not yet, we are testing internally. There will be some announcement when we have an RC snap ready for testing.

Steve

@pantigon did you have any luck with cx255?

@Nova9 said in [HOWTO] Captive portal + FreeRADIUS + local MySQL user friendly single step:

Maybe the .js files aren't loading properly?

Use the right button of your mouse.
Every browser will give you the possibility to see the 'html source of the web page.
You'll be seeing in a split second if resource files like css and js files are not load, most of the time because they have another file on the system name.

Btw : The subject "Captive portal + FreeRADIUS + local MySQL user friendly single step:" is a rather big project.
Nothing something that can be pulled of 'ASAP'.
Using an old pfSense version gives you a new feature : you created a security time bomb.

Hello Sir,
We currently use the bind pfsense.
We are satisfied with the product, but we still have some things to clarify.

I wish to make the declaration of a zone reverse type:

For example:

zone "80/20.30.40.90.in-addr.arpa" {
xxxx,
}

But unfortunately the pfsense bind interface does not accept this kind of statement with a "/" and returns me an error message (syntax error?)
How I should do this type of statement without getting an error message?

Sincerly,

k. Shekohivand

I updated to 21.05 too, had no problems updating. Also applied the patch. Thanks for the help!

@stephenw10
It is too early to tell but my internet fell-over today so multiple disconnects and re-connection attempts...

...and the router didn't crash.

There is hope.

☕️

@binhex01 I already have a 120mm fan attached. Idles around +- 25° so that can't be a problem. I've PMed you with an offtopic question.

@dgcom:

I perfectly understand implications of this particular issue, and yes - it is not just a matter of replacing openssl executable… What I am saying is that recompiling everything is not very efficient. But, I guess, you know your product :)

…
@dgcom:

shouldn't build system be smart enough to recompile only if dependencies changed?

the build system is, but the system is packaged in a way that is a forklift upgrade on every update.

We're exploring ways to update differently (such that updates are more like freebsd-update), but even here
there are impacts that you might not imagine.

PBIs are dead after 2.2, btw.

@dgcom:

I, personally, do not run anything, based on recent versions of openssl - except pfSense.

this is probably mistake at this point.

hi,
here we can find some refurbished Dell EMC SD-WAN Edge 620, for a very interesting price. But i don't know if they are "unlocked", they say in the description that "No DNOS Installed", and "Supports Native Linux OS provided by the VNF partners. Supports KVM or ESXi hypervisors".
so do you think that we can easily install pfsense on it ?

EDIT:
on a deleted message in reddit someone said :

Dell EMC SD-WAN Edge 604 is a C3758 CPU It uses the same Motherboard as the VEP-1445.

However if you change the OS, it will boot loop. You must install the BIOS from the VEP-1445 onto the SD WAN if you want your own OS.

To Flash the BIOS you need to first flash the Dell Recovery OS from the VEP-1445 to the eMMC of the SD-WAN. Once booted to the recovery OS you can then flash BIOS.

EDIT 2 :
look at that : https://www.etb-tech.com/dell-emc-vep1425-switch6-x-1gb-rj45-2-x-10gb-sfp-sw02212.html

Licenses Installed : OPNsense 19.7.10.1 Installed

Hmm, OK. Since you have a screenshot does that mean it did boot correctly after that? Or did you roll back the driver to get that?

Just reporting that the 1.94 driver still works with 2.4.3. No issues so far. The change log is scary.

@mrrobot . I managed to solve the problem, but what exactly is going on? I can't say.
Change DNS Resolution Behavior to "Use remote DNS Servers" and put 9.9.9.9 as your first DNS server.