Install packages through LAN proxy
-
From the sound of it, you'll have to find a way to get the PFS to route out directly to the internet, even if only temporarily. If you have a gateway out to the web on the same network as the PFS WAN you can just change your default gateway out and that should do it. Otherwise, you may have to add a route to your switch to allow the PFS to 'see' the internet properly.
-
I know that. But I was hoping I could just use the local proxy for that, there's no way to put any internet connection on the WAN side at all.
-
Had a quick look at the php involved in downloading and installing the packages. From what I can see, the system pulls down a '*.pbi' package file and drops it in the /tmp folder from where it installs it. If you can set up a second PFS which can pull down the relevant package file directly from the internet, you could transfer the *.pbi to your internal PFS and install it manually perhaps.
https://forums.freebsd.org/threads/howto-install-pc-bsd-pbis-on-freebsd.35180/
-
That certainly would not work, downloading the PBIs will get you no GUI.
-
Yep, that's what I was afraid of.
-
Other than that - this should work on any 2.2.x box (see https://redmine.pfsense.org/issues/3612). Random pointers (this really is not debuggable in a meaningful way without logs from the proxy or some packet captures)
- If you have IPv6 set up there, tick the "Prefer IPv4" checkbox.
- Remember that the traffic is HTTPS (if the proxy won't proxy HTTPS, it won't work)
-
It doesn't work, sorry. (and I'm using IPv4 only)
On my proxy's log, I see when it connects from the dashboard to updates.pfsense.org via HTTPS. But there's no log entry at all for anyone trying to access packages.pfsense.org in any way, despite the fact that I clicked several times in the web gui to the Available Packages link. It just says "unable to communicate with https://packages.pfsense.org…" but in reality, it doesn't even try to touch the configured proxy server.
-
Do some packet capture, perhaps, and file a bug eventually.
-
OK, packages don't download through LAN proxy that's for sure.
Worked around by setting up a VPN server on LAN side, connecting from pfSense to that as VPN client and routing all internet traffic through it. -
That certainly would not work, downloading the PBIs will get you no GUI.
My bad. Hadn't tried it, so wasn't sure but thought it might be worth a go. Good to hear you found a workaround.
-
Hello i am new to this too . I have as a project to make a Computer work as DHCP , Firewall , DNS , http(s) proxy and L3 routing and route traffic from trusted and DMZ to and the outside network of the school that has internet connection threw another proxy. (Proxy support isn't working for me either) Is there any way to install the packages manually (even the pkg is not installed)?I can download any packages from my trusted network but i have no internet connection on pfsense.I posted here as its similar problem .
