Solved IPSEC - HTTPS woes



  • Nevermind it all, I used Chrome/IE8, which both gave the same issue. Used linux w/ firefox, it worked. Thought why the hell not, used firefox on my win7, and it works. Seems to be an issue with the certificate.

    My current setup:
    Remote = monowall 1.33 w/ verizon fios. Ethernet from fiber box plugged directly into the firewall, firewall connects via ppoe. LAN = 192.168.1.0/24

    Local = pfsense 2.0 RC1 w/ Comcast, Modem > pfsense > LAN (192.168.0.0/24).

    I've managed to set up an IPSEC connection between pfsense 2.0 and monowall 1.33, HTTP traffic seems to work fine, however HTTPS seems a bit broken.

    It'll start off fine, then after maybe 10 seconds of use, no traffic makes it back to me. When I run netstat, it seems there are some ipv6 connections (or at least looks like), which is weird considering I've disabled ipv6 on my computer.
    NETSTAT info >>  TCP    192.168.0.4:1571       iad04s01-in-f100:http  ESTABLISHED

    This was the only other topic I found similar.
    http://forum.pfsense.org/index.php/topic,34482.0.html

    I have a wireshark dump, but it of course is much, much larger.

    This is my TCP dump, with 192.168.1.1 being the remote server.

    
    16:42:34.336896 IP 192.168.0.4.1382 > 192.168.1.1.80: tcp 0
    16:42:34.358714 IP 192.168.1.1.80 > 192.168.0.4.1382: tcp 0
    16:42:34.358801 IP 192.168.0.4.1382 > 192.168.1.1.80: tcp 0
    16:42:34.358916 IP 192.168.0.4.1382 > 192.168.1.1.80: tcp 412
    16:42:34.378314 IP 192.168.1.1.80 > 192.168.0.4.1382: tcp 0
    16:42:34.407976 IP 192.168.1.1.80 > 192.168.0.4.1382: tcp 1460
    16:42:34.409902 IP 192.168.1.1.80 > 192.168.0.4.1382: tcp 1460
    16:42:34.410006 IP 192.168.0.4.1382 > 192.168.1.1.80: tcp 0
    16:42:34.430523 IP 192.168.1.1.80 > 192.168.0.4.1382: tcp 1460
    16:42:34.432150 IP 192.168.1.1.80 > 192.168.0.4.1382: tcp 1460
    16:42:34.432257 IP 192.168.0.4.1382 > 192.168.1.1.80: tcp 0
    16:42:34.436099 IP 192.168.1.1.80 > 192.168.0.4.1382: tcp 1460
    16:42:34.450212 IP 192.168.0.4.1383 > 192.168.1.1.80: tcp 0
    16:42:34.455391 IP 192.168.1.1.80 > 192.168.0.4.1382: tcp 1460
    16:42:34.455507 IP 192.168.0.4.1382 > 192.168.1.1.80: tcp 0
    16:42:34.456953 IP 192.168.1.1.80 > 192.168.0.4.1382: tcp 1460
    16:42:34.458546 IP 192.168.1.1.80 > 192.168.0.4.1382: tcp 1460
    16:42:34.458630 IP 192.168.0.4.1382 > 192.168.1.1.80: tcp 0
    16:42:34.471079 IP 192.168.1.1.80 > 192.168.0.4.1383: tcp 0
    16:42:34.471146 IP 192.168.0.4.1383 > 192.168.1.1.80: tcp 0
    16:42:34.471284 IP 192.168.0.4.1383 > 192.168.1.1.80: tcp 429
    16:42:34.475337 IP 192.168.1.1.80 > 192.168.0.4.1382: tcp 1460
    16:42:34.476826 IP 192.168.1.1.80 > 192.168.0.4.1382: tcp 1460
    16:42:34.476917 IP 192.168.0.4.1382 > 192.168.1.1.80: tcp 0
    16:42:34.479382 IP 192.168.1.1.80 > 192.168.0.4.1382: tcp 1460
    16:42:34.482814 IP 192.168.1.1.80 > 192.168.0.4.1382: tcp 1460
    16:42:34.482917 IP 192.168.0.4.1382 > 192.168.1.1.80: tcp 0
    16:42:34.484021 IP 192.168.1.1.80 > 192.168.0.4.1382: tcp 1460
    16:42:34.485023 IP 192.168.1.1.80 > 192.168.0.4.1382: tcp 1460
    16:42:34.485120 IP 192.168.0.4.1382 > 192.168.1.1.80: tcp 0
    16:42:34.486432 IP 192.168.1.1.80 > 192.168.0.4.1382: tcp 1203
    16:42:34.486536 IP 192.168.0.4.1382 > 192.168.1.1.80: tcp 0
    16:42:34.486627 IP 192.168.0.4.1382 > 192.168.1.1.80: tcp 0
    16:42:34.493759 IP 192.168.1.1.80 > 192.168.0.4.1383: tcp 0
    16:42:34.496373 IP 192.168.1.1.80 > 192.168.0.4.1383: tcp 261
    16:42:34.508693 IP 192.168.1.1.80 > 192.168.0.4.1382: tcp 0
    16:42:34.542804 IP 192.168.0.4.1384 > 192.168.1.1.80: tcp 0
    16:42:34.542936 IP 192.168.0.4.1385 > 192.168.1.1.80: tcp 0
    16:42:34.543066 IP 192.168.0.4.1386 > 192.168.1.1.80: tcp 0
    16:42:34.543183 IP 192.168.0.4.1387 > 192.168.1.1.80: tcp 0
    16:42:34.543285 IP 192.168.0.4.1383 > 192.168.1.1.80: tcp 452
    16:42:34.543391 IP 192.168.0.4.1388 > 192.168.1.1.80: tcp 0
    16:42:34.563763 IP 192.168.1.1.80 > 192.168.0.4.1384: tcp 0
    16:42:34.563836 IP 192.168.0.4.1384 > 192.168.1.1.80: tcp 0
    16:42:34.563892 IP 192.168.1.1.80 > 192.168.0.4.1385: tcp 0
    16:42:34.563900 IP 192.168.1.1.80 > 192.168.0.4.1386: tcp 0
    16:42:34.563959 IP 192.168.0.4.1384 > 192.168.1.1.80: tcp 466
    16:42:34.564060 IP 192.168.0.4.1385 > 192.168.1.1.80: tcp 0
    16:42:34.564093 IP 192.168.0.4.1386 > 192.168.1.1.80: tcp 0
    16:42:34.564163 IP 192.168.0.4.1385 > 192.168.1.1.80: tcp 460
    16:42:34.564175 IP 192.168.1.1.80 > 192.168.0.4.1387: tcp 0
    16:42:34.564213 IP 192.168.0.4.1386 > 192.168.1.1.80: tcp 448
    16:42:34.564265 IP 192.168.1.1.80 > 192.168.0.4.1388: tcp 0
    16:42:34.564283 IP 192.168.0.4.1387 > 192.168.1.1.80: tcp 0
    16:42:34.564314 IP 192.168.0.4.1387 > 192.168.1.1.80: tcp 466
    16:42:34.564415 IP 192.168.0.4.1388 > 192.168.1.1.80: tcp 0
    16:42:34.564522 IP 192.168.0.4.1388 > 192.168.1.1.80: tcp 459
    16:42:34.567214 IP 192.168.1.1.80 > 192.168.0.4.1383: tcp 261
    16:42:34.567571 IP 192.168.0.4.1383 > 192.168.1.1.80: tcp 459
    16:42:34.585870 IP 192.168.1.1.80 > 192.168.0.4.1384: tcp 0
    16:42:34.586212 IP 192.168.1.1.80 > 192.168.0.4.1385: tcp 0
    16:42:34.586314 IP 192.168.1.1.80 > 192.168.0.4.1386: tcp 0
    16:42:34.586337 IP 192.168.1.1.80 > 192.168.0.4.1387: tcp 0
    16:42:34.591162 IP 192.168.1.1.80 > 192.168.0.4.1384: tcp 261
    16:42:34.591219 IP 192.168.1.1.80 > 192.168.0.4.1388: tcp 0
    16:42:34.591583 IP 192.168.0.4.1384 > 192.168.1.1.80: tcp 466
    16:42:34.594251 IP 192.168.1.1.80 > 192.168.0.4.1385: tcp 261
    16:42:34.594566 IP 192.168.0.4.1385 > 192.168.1.1.80: tcp 460
    16:42:34.596124 IP 192.168.1.1.80 > 192.168.0.4.1386: tcp 261
    16:42:34.596429 IP 192.168.0.4.1386 > 192.168.1.1.80: tcp 466
    16:42:34.596562 IP 192.168.1.1.80 > 192.168.0.4.1383: tcp 261
    16:42:34.597130 IP 192.168.1.1.80 > 192.168.0.4.1387: tcp 261
    16:42:34.598734 IP 192.168.1.1.80 > 192.168.0.4.1388: tcp 261
    16:42:34.614283 IP 192.168.1.1.80 > 192.168.0.4.1384: tcp 261
    16:42:34.618560 IP 192.168.1.1.80 > 192.168.0.4.1385: tcp 261
    16:42:34.618916 IP 192.168.1.1.80 > 192.168.0.4.1386: tcp 261
    16:42:34.623343 IP 192.168.0.4.1386 > 192.168.1.1.80: tcp 336
    16:42:34.646668 IP 192.168.1.1.80 > 192.168.0.4.1386: tcp 384
    16:42:34.648615 IP 192.168.1.1.80 > 192.168.0.4.1386: tcp 0
    16:42:34.648676 IP 192.168.0.4.1386 > 192.168.1.1.80: tcp 0
    16:42:34.771966 IP 192.168.0.4.1386 > 192.168.1.1.80: tcp 0
    16:42:34.791088 IP 192.168.1.1.80 > 192.168.0.4.1386: tcp 0
    16:42:34.791958 IP 192.168.0.4.1383 > 192.168.1.1.80: tcp 0
    16:42:34.793961 IP 192.168.0.4.1387 > 192.168.1.1.80: tcp 0
    16:42:34.793995 IP 192.168.0.4.1388 > 192.168.1.1.80: tcp 0
    16:42:34.811961 IP 192.168.0.4.1384 > 192.168.1.1.80: tcp 0
    16:42:34.811995 IP 192.168.0.4.1385 > 192.168.1.1.80: tcp 0
    16:42:34.831111 IP 192.168.1.1.80 > 192.168.0.4.1384: tcp 261
    16:42:34.831178 IP 192.168.0.4.1384 > 192.168.1.1.80: tcp 0
    16:42:34.831811 IP 192.168.1.1.80 > 192.168.0.4.1385: tcp 261
    16:42:34.831869 IP 192.168.0.4.1385 > 192.168.1.1.80: tcp 0
    16:42:38.861006 IP 192.168.0.4.1389 > 192.168.1.1.443: tcp 0
    16:42:38.881983 IP 192.168.1.1.443 > 192.168.0.4.1389: tcp 0
    16:42:38.882066 IP 192.168.0.4.1389 > 192.168.1.1.443: tcp 0
    16:42:38.882223 IP 192.168.0.4.1389 > 192.168.1.1.443: tcp 154
    16:42:38.905771 IP 192.168.1.1.443 > 192.168.0.4.1389: tcp 0
    16:42:38.961724 IP 192.168.1.1.443 > 192.168.0.4.1389: tcp 796
    16:42:38.962217 IP 192.168.0.4.1389 > 192.168.1.1.443: tcp 0
    16:42:38.962383 IP 192.168.0.4.1390 > 192.168.1.1.443: tcp 0
    16:42:38.984207 IP 192.168.1.1.443 > 192.168.0.4.1390: tcp 0
    
    

    Just tried accessing VIA a linux (ubuntu 10.10) box (vs my windows 7), and no problems. Now I'm very confused. Just going to tack this on to more reasons to hate windows.


Log in to reply