Netgate Discussion Forum

    Domain user can only access https sites and blocked from port 80 sites???

    General pfSense Questions
    15 Posts 4 Posters 4.6k Views

      ptex

      And stuff like
      The rule that triggered this action is:
      @61 block drop in log quick all label "Default deny rule"

        ptex

        Could it be the server? I don't think so. I just switched the DNS on the server to 4.2.2.2; that should have taken the DNS out of the picture. I believe that 4.2.2.2 is a public DNS.

          ptex

          How do you turn pfSense back on after halt system?

            ptex

            I'm bummed. I just replaced the pfSense box with an old SonicWall I had and it works. All but email, so far. Sad night/morning.

              ptex

              What could have gone wrong in a day? I hate SonicWall. I should go home and sleep now; I need to be back here in 5 hours.  :'(

                rexis

                A few questions:

                • Is your squid transparent? Do you use captive portal? Is your webGUI on port 80 (HTTP)?
                • What is your users' network setting? Do they set a proxy? Do they use your pfSense as gateway? Or something else?
                • (If you are not using a proxy) What is the firewall rule that permits your users to go out to the WWW? E.g. allow any IP any port to non-internal-network port 80. This rule should sit on your LAN interface.
                • When you say domain users, do they need to perform any authentication to use the internet? Something like captive portal? Or squid authentication, etc.?

                If your squid is transparent, try reinstalling your squid package; a miracle might happen.

                If all port 80 traffic falls into the "Default deny rule", it could be that the component that handles HTTP traffic isn't working properly.

                nix noob

                  ptex

                  I tried the squid both transparent and not. No captive portal; yes, the GUI is on 80.
                  The users did use the pfSense box as a gateway, no proxy.
                  It had/has allow any to 80.
                  Domain users need to authenticate to gain access to the network; I suppose that really should have nothing to do w/ PF.

                  PF runs on an old Dell PC I had, in a vbox, so I guess many things could have gone wrong other than the rules / squid / snort… I'm going to rebuild it; this SonicWall thing is only temporary.

                    chpalmer

                    Yikes my cable service went south yesterday…

                    Is the pfsense GUI on port 80?  Can you see the gui?

                    Did you originally set this box up?

                    My guess is that you may have a package config error that is blocking you.

                    Save your config.

                    Delete your packages.

                    Add them back one by one.

                    See at what point you start to see the problem again.. Hopefully it's gone away by deleting the packages...

                    You can always go back to your saved config...

                    Triggering snowflakes one by one..
                    Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

                      heper

                      If squid is involved you should look at that … if it is running transparently and something is wrong with it, then all HTTP traffic will fail and all other traffic will be fine.

                        ptex

                        Well, I went to upgrade the SonicWall and it also died; tech support said they would send a new one. What a joke, I need it to run a 100-user network now. Anyway, I rebuilt the PF box from scratch and got it all working again. OWA is still not working, but I needed sleep. So I guess it could have been one of the packages, so now I have a backup of my config, and once I get OWA back up and running I'll take another backup, then build a failover PF box, I guess.

                          rexis

                          I had a PFS box with a similar (if not exact) problem to what you described: all the settings were okay, webGUI okay, captive portal RADIUS auth okay, even package info displayed nicely (if the internet is down it will say something like can't access server), but just no internet connection on the user side. The issue was fixed by reinstalling the squid package. My squid is in transparent mode.

                          Did you try to reinstall the squid package to see if it can help your issue? Your squid is in transparent mode, so it is capturing all port 80 traffic automatically but it is not proxying it out. Did you see anything funny in the squid cache.log? Did your squid use any disk cache? What is your HDD usage?

                          Or, apparently the most direct way: back up your settings, factory default your PFS, and restore them; squid would reinstall itself and the settings will be retained (once an internet connection is hooked up to WAN). Be warned that I have never tried this on any snort.

                          Better if you have another spare machine: set it up as PFS and try on that, so you won't ruin the old PFS further.

                          nix noob
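
The failure mode discussed in this thread (a transparent squid that captures port 80 but is not proxying, so HTTP dies while HTTPS keeps working) can be checked from saved `pfctl -sn` and `sockstat -4 -l` output. This is an added example, not part of any post above; the sample output is constructed, and the interface names, the lighttpd webGUI line and squid port 3128 are assumptions.

```python
import re

# Constructed `pfctl -sn` sample: the rdr line stands in for the redirect a
# transparent squid installs (interfaces and port 3128 are assumptions).
SAMPLE_NAT = """\
nat on em0 inet from 192.168.1.0/24 to any -> (em0) port 1024:65535 round-robin
rdr on em1 inet proto tcp from any to ! (em1) port = http -> 127.0.0.1 port 3128
"""
# Constructed `sockstat -4 -l` samples: squid listening vs. squid not running.
SAMPLE_SOCKS_OK = """\
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
proxy    squid      1432  14 tcp4   127.0.0.1:3128        *:*
root     lighttpd   912   9  tcp4   *:80                  *:*
"""
SAMPLE_SOCKS_DEAD = """\
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     lighttpd   912   9  tcp4   *:80                  *:*
"""

RDR_RE = re.compile(
    r"^rdr\b.*\bport = (?:http|80)\b.*->\s*(\S+) port (\d+)", re.M)

def http_redirects(nat_text):
    """Return (addr, port) targets of rdr rules that capture port 80."""
    return [(m.group(1), int(m.group(2))) for m in RDR_RE.finditer(nat_text)]

def listeners(sockstat_text):
    """Return {(addr, port): command} for listening TCP sockets."""
    found = {}
    for line in sockstat_text.splitlines()[1:]:      # skip the header row
        cols = line.split()
        if len(cols) >= 6 and cols[4].startswith("tcp"):
            addr, _, port = cols[5].rpartition(":")
            if port.isdigit():
                found[(addr, int(port))] = cols[1]
    return found

def diagnose(nat_text, sockstat_text):
    """Flag port-80 redirects whose target has no listener behind it."""
    socks = listeners(sockstat_text)
    report = []
    for addr, port in http_redirects(nat_text):
        cmd = socks.get((addr, port)) or socks.get(("*", port))
        report.append((addr, port, cmd or "NO LISTENER"))
    return report

if __name__ == "__main__":
    print(diagnose(SAMPLE_NAT, SAMPLE_SOCKS_DEAD))
```

A `NO LISTENER` entry means port 80 is still being redirected to a proxy that is not accepting connections, which matches the HTTP-only outage described in the thread.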

                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.