HAVP unstoppable



  • Hi,

    I use pfsense 1.2.3 with squid + squidGuard + lightsquid.
    Now I want to add HAVP.
    After installation, all seems okey.
    ( My configuration : (inet)->(HAVP)->(squid)->(local) )
    But now, impossible to use TightVNC witch use port 5900 … Don't really understand what is the relation between... HAVP and VNC....
    Any idea ?

    I have stopped HAVP, but impossible tu stop ClamAV...



  • hi bezourox,

    there is no relation between…i think

    have you a firewall rule to access tcp port 5900 to your lan interface in pfsense?

    i think this is the problem.

    you can stop the firewall with terminal command:
    pfctl -d
    for disable and
    pfctl -e
    to enable it

    good luck!



  • Hi,

    You are right, when I do pfctl -d, I can use VNC.
    But when I add 2 rules (the same on LAN and WAN)
    Source : any / Destination : anny / Port from : VNC (5900) and apply changes, impossible to use VNC…
    I check the config of my VNC, and the port used is 5900 (default)

    Strange...



  • @bezourox:

    Hi,

    You are right, when I do pfctl -d, I can use VNC.
    But when I add 2 rules (the same on LAN and WAN)
    Source : any / Destination : anny / Port from : VNC (5900) and apply changes, impossible to use VNC…
    I check the config of my VNC, and the port used is 5900 (default)

    Strange...

    This is you f/wall rule?
    proto:tcp source:any srcport:any destination:any destport:5900

    Must work…



  • This is my rules on LAN :

    Proto Source Port Destination      Port          Gateway
    TCP    *      *      *  5900 (VNC)  *

    No WAN rules.

    Doesn't work…



  • i have this :

    For LAN

    TCP LAN net * * 5900 (VNC) *   Allow LAN VNC

    For WAN

    TCP LAN net * * 5900 (VNC) *   Allow WAN VNC

    and when you use vnc over openvpn you have to put one access rule for the other network (f.e. 10.10.10.0/24) for wan and lan to test it ;)

    GOOD LUCK


Log in to reply