HAVP unstoppable

bezourox

Hi,

I use pfsense 1.2.3 with squid + squidGuard + lightsquid.
Now I want to add HAVP.
After installation, all seems okey.
( My configuration : (inet)->(HAVP)->(squid)->(local) )
But now, impossible to use TightVNC witch use port 5900 … Don't really understand what is the relation between... HAVP and VNC....
Any idea ?

I have stopped HAVP, but impossible tu stop ClamAV...

onkeldave83

hi bezourox,

there is no relation between…i think

have you a firewall rule to access tcp port 5900 to your lan interface in pfsense?

i think this is the problem.

you can stop the firewall with terminal command:
pfctl -d
for disable and
pfctl -e
to enable it

good luck!

bezourox

Hi,

You are right, when I do pfctl -d, I can use VNC.
But when I add 2 rules (the same on LAN and WAN)
Source : any / Destination : anny / Port from : VNC (5900) and apply changes, impossible to use VNC…
I check the config of my VNC, and the port used is 5900 (default)

Strange...

dvserg

@bezourox:

Hi,

You are right, when I do pfctl -d, I can use VNC.
But when I add 2 rules (the same on LAN and WAN)
Source : any / Destination : anny / Port from : VNC (5900) and apply changes, impossible to use VNC…
I check the config of my VNC, and the port used is 5900 (default)

Strange...

This is you f/wall rule?
proto:tcp source:any srcport:any destination:any destport:5900

Must work…

bezourox

This is my rules on LAN :

Proto Source Port Destination      Port          Gateway
TCP    *      *      *  5900 (VNC)  *

No WAN rules.

Doesn't work…

onkeldave83

i have this :

For LAN

TCP LAN net * * 5900 (VNC) *   Allow LAN VNC

For WAN

TCP LAN net * * 5900 (VNC) *   Allow WAN VNC

and when you use vnc over openvpn you have to put one access rule for the other network (f.e. 10.10.10.0/24) for wan and lan to test it ;)

GOOD LUCK