Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Dynamic Proxy via SSH broken?

    1.2.1-RC Snapshot Feedback and Problems-RETIRED
    4
    7
    4183
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • V
      val123456 last edited by

      1.  Using 1.2.1 from Tuesday, 12 August. 
      2.  SSH to pfsense WAN interface from a remote network.
      3.  SSH connection works fine until I try to use a dynamic tunnel (using it as a SOCK proxy for browsing).*

      Has anyone else see this?

      *Details:  I ran PFtop in the shell.  PFtop updates until I try loading a web page.  Web page partially loads, then everything dies.  PFtop stops updating, browser times out.  Log shows ssh connection, followed by sshd client timeout a few minutes later.  No other log entries.  This configuration worked with 1.2.  The remote client configuration has not changed.

      Thanks,

      Colin

      1 Reply Last reply Reply Quote 0
      • V
        val123456 last edited by

        Update:  works from INSIDE the firewall.

        Colin

        1 Reply Last reply Reply Quote 0
        • N
          NickC last edited by

          Today I posted on a OpenVPN issue that may or may not be MTU related. I also see SSH problems via WAN (and I think not by LAN, but would need to re-test to be sure).
          My WAN SSH transfers usually fall over after about 1.5k, so I think it may also be a MTU problem or at least that the two issues are related in some way.
          Also, I'm testing on a quad-core, are you running multiprocessor? If so this could explain why nobody else is seeing this.

          Nick.

          1 Reply Last reply Reply Quote 0
          • V
            val123456 last edited by

            @NickC:

            Also, I'm testing on a quad-core, are you running multiprocessor? If so this could explain why nobody else is seeing this.

            Yup, SMP.  Core 2 Duo:

            CPU: Intel(R) Core(TM)2 Duo CPU    E4600  @ 2.40GHz (2394.01-MHz 686-class CPU)

            1 Reply Last reply Reply Quote 0
            • N
              NickC last edited by

              CPU: Intel(R) Xeon(R) CPU E5310 @ 1.60GHz (1595.93-MHz 686-class CPU)
              Other config info:
              Multi-wan, CARP interfaces on both WANs
              remotely tested SSH to real WAN infterface (broken)
              remotely tested OpenVPN to CARP on WAN (broken)
              remotely tested OpenVPN to CARP on OPT-WAN (broken)
              locally tested SSH on the LAN interface, works fine.

              How to test if this is a SMP issue? What's the simplest way to force the uniprocessor kernel. On pf 1.2 there was a uniprocessor/SMP select dropdown in the manual firmware upload GUI. Not here, BSD 7 may now detect on boot. Cannot force single core in the BIOS.

              Nick.

              1 Reply Last reply Reply Quote 0
              • W
                wallabybob last edited by

                The uniprocessor kernel should run on single CPU systems and multi-CPU systems. It will only ever start one CPU.

                The uniprocessor kernel has optimisations that are not possible on a multi CPU system.

                The SMP kernel should also run on single CPU systems and multi-CPU systems but will start whatever CPUs the BIOS tells it are present.

                1 Reply Last reply Reply Quote 0
                • C
                  cmb last edited by

                  Run "rm /boot/kernel/pfsense_kernel.txt" and you'll have the kernel selection box back.

                  I very seriously doubt if it's SMP vs. uniproc kernel related.

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post