How to install pfBlockerNG if you don't want to upgrade to pfSense v2.4.4
-
What is your reasoning for wanting to stay on 2.4.3? Is it even p1?
Curious minds need to know ;)
-
I can't get my Multiple (iOS, Android, Windows 10) IPSec Roadwarrior config to work on 2.4.4 (only one at a time) where it is running fine on 2.4.3p1.
-
Where is your thread to this problem? Is there an actual bug report of this in redmine? Have not seen anyone else complaining about such an issue.
-
Yes,
https://forum.netgate.com/topic/122307/multiple-roadwarriors-phase-1/8
-
Dude that was a YEAR AGO.. and doesn't seem like it worked on 2.4.3 even you had to do some work around for whatever it is your doing..
I would agree with the advice given... Road warriors much easier to just use openvpn... FREE client that works on anything..
You need to created new thread with whatever issue it is you think your having... Lots of changes with ipsec in 2.4.4 with vti, etc. So not exactly sure what your doing... But you should start a thread with the details.. Not ask how to stay on what will become non supported version at some point..
-
Yes, it's a year ago, and working fine for almost a year.
Never change a winning team, lots and lots of updates are causing more troubles than they solve these days.I'll create a new issue then.
Thanks for your support.
-
Never change a winning team?
Then we would be still running like dos 5.2... Come on - there is going to be constant change... Especially in IT.. That your still using ipsec is beyond me for road warriors.. Good luck getting that to work with any sort of hotspot access..
Openvpn can be bounced off a proxy for gosh sake.. and doesn't care about nat, etc.
-
Some habits are indeed hard to break but every customer I had to deal with for the last two years with conversions from %software/%hardware to pfSense that had some proprietary IPSec things running I managed to convert to OpenVPN. Yes they had to install a piece of software (and yes that's hard for some or sometimes even not allowed) but even those in financial sectors got to see that it's much easier then tinkering around with various IPsec implementations and getting all together (try dealing with MS, Apple and mobile iOS & Android devices that should use the same dial-up IPsec without any additional software... bleh).
Help yourself to use a more flexible and easier to configure solution then running IPsec! -
Thanks for you reply,
I'll look into OpenVPN, I used it before, years ago.
Problem is that the company I work for has restrictions on their IT platform, laptops and computers, I as user/employee can't install any software on it, there is Shrew Soft VPN Client installed on all of the laptops, maybe that one can connect to OpenVPN or any of the other vpn services in pfSense. -
Shrew Soft is obsolete, there is not even some official Windows 10 Client.
5 year old VPN client is allowed by IT restrictions but no top of the line and free OpenVPN? Weird company...-Rico
-
@rico said in How to install pfBlockerNG if you don't want to upgrade to pfSense v2.4.4:
Shrew Soft is obsolete, there is not even some official Windows 10 Client.
5 year old VPN client is allowed by IT restrictions but no top of the line and free OpenVPN? Weird company...-Rico
Had the same restriction with an financial sector customer (SAP consultants) and told them the same things. ShrewSoft is allowed for some IPSec dial-ins (with chosen cipher suites that are equally old as the software, 3DES and such) or - even worse - guys that stubbornly told me, that they used PPTP(!) to "VPN into that bank customer" - sometimes reality is more satirical as any magazine/show/internet blog you can imagine ;)
