Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Routing all traffic through ipsec, pfsense can't update

    General pfSense Questions
    4
    8
    426
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jca1981 last edited by

      Hi i have a pfsense box a place where we route all trafic trough ipsec to another pfsense box, the inteternet connection does not allow any other traffic than ipsec.
      everything works great for clients but not for the pfsense box itself when i want to update the box or check for packages it does not work.
      i think i have to make a new lan gateway and maybe route netgate update ip to that (not sure what ip is used) but i am not really sure, anyone can help me?

      1 Reply Last reply Reply Quote 0
      • J
        jca1981 last edited by

        anyone know the ip where pfsense gets its updates and packages from?

        1 Reply Last reply Reply Quote 0
        • J
          jca1981 last edited by

          bump

          1 Reply Last reply Reply Quote 0
          • J
            jc2it last edited by

            It looks like you cannot manually update 2.3 and newer. Internet only. With that said it doesn't answer your question, but this shows you where the option used to be in the system.

            From: Firmware Updates - Version 2.3 and newer

            https://doc.pfsense.org/index.php/Firmware_Updates#Version_2.3_and_newer

            In 2.3 and newer versions, the update system is pkg-based, changing the available update methods. Upgrades are performed either under System > Update in the webGUI, or option 13 at the console. Manual updates are no longer available, and systems must be Internet-connected to update. 
            
            1 Reply Last reply Reply Quote 0
            • ?
              Guest last edited by

              • Do a config backup
              • Download the lastest version 2.4.1 64Bit
              • Do a fresh and full install on your pfSense box

              Be sure that the entire hardware is 64Bit only and that your installation is not a NanoBSD.

              1 Reply Last reply Reply Quote 0
              • J
                jca1981 last edited by

                thanks for replying but is does not solve the problem with no internet

                1 Reply Last reply Reply Quote 0
                • P
                  PiBa last edited by

                  I think youl need a workaround similar to this one: https://doc.pfsense.org/index.php/Why_can%27t_I_query_SNMP,_use_syslog,_NTP,_or_other_services_initiated_by_the_firewall_itself_over_IPsec_VPN

                  Make your lan-ip the default gateway perhaps. The ipsec will probably still work going out the wan as it makes a static route of its own..

                  1 Reply Last reply Reply Quote 0
                  • J
                    jca1981 last edited by

                    Thanks, it worked, had to make 2 static routes bacause i can only select 0.0.0.0/1 in static routes so i made a anoter entry with 128.0.0.0/1 and updates began working.

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post

                    Products

                    • Platform Overview
                    • TNSR
                    • pfSense
                    • Appliances

                    Services

                    • Training
                    • Professional Services

                    Support

                    • Subscription Plans
                    • Contact Support
                    • Product Lifecycle
                    • Documentation

                    News

                    • Media Coverage
                    • Press
                    • Events

                    Resources

                    • Blog
                    • FAQ
                    • Find a Partner
                    • Resource Library
                    • Security Information

                    Company

                    • About Us
                    • Careers
                    • Partners
                    • Contact Us
                    • Legal
                    Our Mission

                    We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                    Subscribe to our Newsletter

                    Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                    © 2021 Rubicon Communications, LLC | Privacy Policy