Packages for 1.2-RC2 - Cannot connect to pfsense.com?
-
I am starting a new thread from another because the thread is taking a different direction…
I have been trying to install pfsense v1.2-rc2 for a while now and the results have been the same - installation goes reasonably well but after installation, I cannot download packages.
The following is a quote from another thread...and I have tried this.
@Cry:
Sounds like either a DNS, routing or firewall problem.
From the pfsense host:
-
Can you resolve pfsense.com? "ping -c 1 -t 1 pfsense.com" from the command line
This should give you an IP, but will the ping will fail -
Can you fetch a file from pfsense.com: "fetch -o /tmp/test http://pfsense.com/" from the command line
This should give you a file in /tmp, called test, that is the home page of pfsense.com
Number 1 succeeds
Number 2 times out - however, if I try to do the same with http://www.google.com, it downloads the google page and saves it as "test".The results of number 2 above are leaving me a bit confused and frustrated at this point (wanting to point to a problem with pfsense.com).
My setup is the following:
inet <–----> Modem <--------------> pfsense f/w <---------------> LAN
WAN: ADSL2 Dynamic IP WAN: 192.168.0.2 network: 192.168.1.x
Internal: 192.168.0.1 LAN: 192.168.1.254
(static ip above) DHCP: 192.168.1.xThe pfsense install has been upgraded using today's firmware found at the following link: http://snapshots.pfsense.org/FreeBSD6/RELENG_1_2/updates/
(I hoped this might improve the situation, it did not.)Any suggestion or help would be appreciated.
L
-
-
Ok, so what IP do you get for pfsense.com?
On any other host between the modem and the pfsense host, can you connect to pfsense.com?
-
The IP that comes back from the "ping -c 1 -t 1 pfsense.com" command is: 69.64.6.13
As far as other machines being able to connect to pfsense.com - I am currently using a PC connecting through the pfsense f/w and it certainly loads the http://pfsense.com web page. (Resolves to the same ip address as above on this PC as well.)
Am I wrong that this is very strange?
-
The IP that comes back from the "ping -c 1 -t 1 pfsense.com" command is: 69.64.6.13
As far as other machines being able to connect to pfsense.com - I am currently using a PC connecting through the pfsense f/w and it certainly loads the http://pfsense.com web page. (Resolves to the same ip address as above on this PC as well.)
Am I wrong that this is very strange?
Run these tests from a pfSense console not a client behind pfSense.
-
Just to be clear, these tests were done from the console (selecting "shell" from the pfsense firewall machine) as reported in my original post.
-
Do your other hosts have a proxy set up?
-
Your DNS appears to be working properly. If you can fetch google.com and other sites, Internet access from your firewall is working. If you can access the site from the LAN and the LAN is NAT'ed to the WAN IP, there aren't any connectivity issues between you and our servers.
That leaves only one possibility that I can see - one of the above isn't true. fetch is fetch, the package system is completely identical on all installs, and it works for everybody else. Something doesn't add up.
Can you paste the exact output you get from:
fetch -o /tmp/test http://pfsense.com/ -
-
I had the same problem when running the modem in bridge or half bridge mode. how is your modem configured?
-
I've forwarded all traffic (all ports) to the firewall wan ip address.
It is a thompson speedtouch modem - I'm not happy with the options on that modem but it's worked this way with IPCOP and Astaro - the astaro had no problems downloading it's updates.
(There is an option to assign a device to the DMZ, but it won't let me do that for some reason…So I've used the port forwarding option (on the speedtouch called "application & game sharing") to create an application called IPCOP that includes all ports/protocols and forwarded to the IP address of the f/w wan nic.)
Does the above translate to "bridged mode"?
I hoped this would not be a discussion about the modem, as the other f/w's did not have any problem contacting the internet with the modem set as it is.
-
A bit more information that I've seen after installing a syslog server to monitor the firewall.
I see the following error after clicking on "Packages"
php: /pkg_mgr.php: xmlrpc communication error: rpc server did not send response before timeout.
Is it possible the time-out is too short? How could I change this?
L
-
PM me your public IP, I'll put a logging rule in on our server to see what it's seeing and check the web logs.
Also try:
fetch -o /tmp/test http://cvstrac.pfsense.org
fetch -o /tmp/test http://forum.pfsense.orgThe former hosted on the same server, latter on another server on the same network.
-
I'm suffering the same strange problem. I'm using 1.2RC3.
fetch -o /tmp/test http://pfsense.com/
fetch: transfer timed out
fetch -o /tmp/test http://google.com/
fetch: http://google.com/: size of remote file is not known
/tmp/test 3917 B 824 kBpsfetch -o /tmp/test http://cvstrac.pfsense.org
fetch: transfer timed out
fetch -o /tmp/test http://forum.pfsense.org
fetch: transfer timed out
I've seen with tcpdump that outgoing traffic is from my WAN CARP address, don't know if something to do with this …
lensor, have you resolved it finally ?
best regards.
-
it seems to connect to http port, but there is no dialog … only get timeout
telnet pfsense.com 80
Trying 69.64.6.13...
Connected to pfsense.com.
Escape character is '^]'.GET /index.php HTTP/1.0
On the other wan carp host member i neither receive packets from 69.64.6.13
Also tried this :
fetch http://www.pfsense.com/~sullrich/tools/easyrsa.txt
easyrsa.txt 100% of 736 B 4251 kBps
and it works ...
whats is the exact url related to packages ?