Solved IPSEC - HTTPS woes



  • Nevermind it all, I used Chrome/IE8, which both gave the same issue. Used linux w/ firefox, it worked. Thought why the hell not, used firefox on my win7, and it works. Seems to be an issue with the certificate.

    My current setup:
    Remote = monowall 1.33 w/ verizon fios. Ethernet from fiber box plugged directly into the firewall, firewall connects via ppoe. LAN = 192.168.1.0/24

    Local = pfsense 2.0 RC1 w/ Comcast, Modem > pfsense > LAN (192.168.0.0/24).

    I've managed to set up an IPSEC connection between pfsense 2.0 and monowall 1.33, HTTP traffic seems to work fine, however HTTPS seems a bit broken.

    It'll start off fine, then after maybe 10 seconds of use, no traffic makes it back to me. When I run netstat, it seems there are some ipv6 connections (or at least looks like), which is weird considering I've disabled ipv6 on my computer.
    NETSTAT info >>  TCP    192.168.0.4:1571       iad04s01-in-f100:http  ESTABLISHED

    This was the only other topic I found similar.
    http://forum.pfsense.org/index.php/topic,34482.0.html

    I have a wireshark dump, but it of course is much, much larger.

    This is my TCP dump, with 192.168.1.1 being the remote server.

    
    16:42:34.336896 IP 192.168.0.4.1382 > 192.168.1.1.80: tcp 0
    16:42:34.358714 IP 192.168.1.1.80 > 192.168.0.4.1382: tcp 0
    16:42:34.358801 IP 192.168.0.4.1382 > 192.168.1.1.80: tcp 0
    16:42:34.358916 IP 192.168.0.4.1382 > 192.168.1.1.80: tcp 412
    16:42:34.378314 IP 192.168.1.1.80 > 192.168.0.4.1382: tcp 0
    16:42:34.407976 IP 192.168.1.1.80 > 192.168.0.4.1382: tcp 1460
    16:42:34.409902 IP 192.168.1.1.80 > 192.168.0.4.1382: tcp 1460
    16:42:34.410006 IP 192.168.0.4.1382 > 192.168.1.1.80: tcp 0
    16:42:34.430523 IP 192.168.1.1.80 > 192.168.0.4.1382: tcp 1460
    16:42:34.432150 IP 192.168.1.1.80 > 192.168.0.4.1382: tcp 1460
    16:42:34.432257 IP 192.168.0.4.1382 > 192.168.1.1.80: tcp 0
    16:42:34.436099 IP 192.168.1.1.80 > 192.168.0.4.1382: tcp 1460
    16:42:34.450212 IP 192.168.0.4.1383 > 192.168.1.1.80: tcp 0
    16:42:34.455391 IP 192.168.1.1.80 > 192.168.0.4.1382: tcp 1460
    16:42:34.455507 IP 192.168.0.4.1382 > 192.168.1.1.80: tcp 0
    16:42:34.456953 IP 192.168.1.1.80 > 192.168.0.4.1382: tcp 1460
    16:42:34.458546 IP 192.168.1.1.80 > 192.168.0.4.1382: tcp 1460
    16:42:34.458630 IP 192.168.0.4.1382 > 192.168.1.1.80: tcp 0
    16:42:34.471079 IP 192.168.1.1.80 > 192.168.0.4.1383: tcp 0
    16:42:34.471146 IP 192.168.0.4.1383 > 192.168.1.1.80: tcp 0
    16:42:34.471284 IP 192.168.0.4.1383 > 192.168.1.1.80: tcp 429
    16:42:34.475337 IP 192.168.1.1.80 > 192.168.0.4.1382: tcp 1460
    16:42:34.476826 IP 192.168.1.1.80 > 192.168.0.4.1382: tcp 1460
    16:42:34.476917 IP 192.168.0.4.1382 > 192.168.1.1.80: tcp 0
    16:42:34.479382 IP 192.168.1.1.80 > 192.168.0.4.1382: tcp 1460
    16:42:34.482814 IP 192.168.1.1.80 > 192.168.0.4.1382: tcp 1460
    16:42:34.482917 IP 192.168.0.4.1382 > 192.168.1.1.80: tcp 0
    16:42:34.484021 IP 192.168.1.1.80 > 192.168.0.4.1382: tcp 1460
    16:42:34.485023 IP 192.168.1.1.80 > 192.168.0.4.1382: tcp 1460
    16:42:34.485120 IP 192.168.0.4.1382 > 192.168.1.1.80: tcp 0
    16:42:34.486432 IP 192.168.1.1.80 > 192.168.0.4.1382: tcp 1203
    16:42:34.486536 IP 192.168.0.4.1382 > 192.168.1.1.80: tcp 0
    16:42:34.486627 IP 192.168.0.4.1382 > 192.168.1.1.80: tcp 0
    16:42:34.493759 IP 192.168.1.1.80 > 192.168.0.4.1383: tcp 0
    16:42:34.496373 IP 192.168.1.1.80 > 192.168.0.4.1383: tcp 261
    16:42:34.508693 IP 192.168.1.1.80 > 192.168.0.4.1382: tcp 0
    16:42:34.542804 IP 192.168.0.4.1384 > 192.168.1.1.80: tcp 0
    16:42:34.542936 IP 192.168.0.4.1385 > 192.168.1.1.80: tcp 0
    16:42:34.543066 IP 192.168.0.4.1386 > 192.168.1.1.80: tcp 0
    16:42:34.543183 IP 192.168.0.4.1387 > 192.168.1.1.80: tcp 0
    16:42:34.543285 IP 192.168.0.4.1383 > 192.168.1.1.80: tcp 452
    16:42:34.543391 IP 192.168.0.4.1388 > 192.168.1.1.80: tcp 0
    16:42:34.563763 IP 192.168.1.1.80 > 192.168.0.4.1384: tcp 0
    16:42:34.563836 IP 192.168.0.4.1384 > 192.168.1.1.80: tcp 0
    16:42:34.563892 IP 192.168.1.1.80 > 192.168.0.4.1385: tcp 0
    16:42:34.563900 IP 192.168.1.1.80 > 192.168.0.4.1386: tcp 0
    16:42:34.563959 IP 192.168.0.4.1384 > 192.168.1.1.80: tcp 466
    16:42:34.564060 IP 192.168.0.4.1385 > 192.168.1.1.80: tcp 0
    16:42:34.564093 IP 192.168.0.4.1386 > 192.168.1.1.80: tcp 0
    16:42:34.564163 IP 192.168.0.4.1385 > 192.168.1.1.80: tcp 460
    16:42:34.564175 IP 192.168.1.1.80 > 192.168.0.4.1387: tcp 0
    16:42:34.564213 IP 192.168.0.4.1386 > 192.168.1.1.80: tcp 448
    16:42:34.564265 IP 192.168.1.1.80 > 192.168.0.4.1388: tcp 0
    16:42:34.564283 IP 192.168.0.4.1387 > 192.168.1.1.80: tcp 0
    16:42:34.564314 IP 192.168.0.4.1387 > 192.168.1.1.80: tcp 466
    16:42:34.564415 IP 192.168.0.4.1388 > 192.168.1.1.80: tcp 0
    16:42:34.564522 IP 192.168.0.4.1388 > 192.168.1.1.80: tcp 459
    16:42:34.567214 IP 192.168.1.1.80 > 192.168.0.4.1383: tcp 261
    16:42:34.567571 IP 192.168.0.4.1383 > 192.168.1.1.80: tcp 459
    16:42:34.585870 IP 192.168.1.1.80 > 192.168.0.4.1384: tcp 0
    16:42:34.586212 IP 192.168.1.1.80 > 192.168.0.4.1385: tcp 0
    16:42:34.586314 IP 192.168.1.1.80 > 192.168.0.4.1386: tcp 0
    16:42:34.586337 IP 192.168.1.1.80 > 192.168.0.4.1387: tcp 0
    16:42:34.591162 IP 192.168.1.1.80 > 192.168.0.4.1384: tcp 261
    16:42:34.591219 IP 192.168.1.1.80 > 192.168.0.4.1388: tcp 0
    16:42:34.591583 IP 192.168.0.4.1384 > 192.168.1.1.80: tcp 466
    16:42:34.594251 IP 192.168.1.1.80 > 192.168.0.4.1385: tcp 261
    16:42:34.594566 IP 192.168.0.4.1385 > 192.168.1.1.80: tcp 460
    16:42:34.596124 IP 192.168.1.1.80 > 192.168.0.4.1386: tcp 261
    16:42:34.596429 IP 192.168.0.4.1386 > 192.168.1.1.80: tcp 466
    16:42:34.596562 IP 192.168.1.1.80 > 192.168.0.4.1383: tcp 261
    16:42:34.597130 IP 192.168.1.1.80 > 192.168.0.4.1387: tcp 261
    16:42:34.598734 IP 192.168.1.1.80 > 192.168.0.4.1388: tcp 261
    16:42:34.614283 IP 192.168.1.1.80 > 192.168.0.4.1384: tcp 261
    16:42:34.618560 IP 192.168.1.1.80 > 192.168.0.4.1385: tcp 261
    16:42:34.618916 IP 192.168.1.1.80 > 192.168.0.4.1386: tcp 261
    16:42:34.623343 IP 192.168.0.4.1386 > 192.168.1.1.80: tcp 336
    16:42:34.646668 IP 192.168.1.1.80 > 192.168.0.4.1386: tcp 384
    16:42:34.648615 IP 192.168.1.1.80 > 192.168.0.4.1386: tcp 0
    16:42:34.648676 IP 192.168.0.4.1386 > 192.168.1.1.80: tcp 0
    16:42:34.771966 IP 192.168.0.4.1386 > 192.168.1.1.80: tcp 0
    16:42:34.791088 IP 192.168.1.1.80 > 192.168.0.4.1386: tcp 0
    16:42:34.791958 IP 192.168.0.4.1383 > 192.168.1.1.80: tcp 0
    16:42:34.793961 IP 192.168.0.4.1387 > 192.168.1.1.80: tcp 0
    16:42:34.793995 IP 192.168.0.4.1388 > 192.168.1.1.80: tcp 0
    16:42:34.811961 IP 192.168.0.4.1384 > 192.168.1.1.80: tcp 0
    16:42:34.811995 IP 192.168.0.4.1385 > 192.168.1.1.80: tcp 0
    16:42:34.831111 IP 192.168.1.1.80 > 192.168.0.4.1384: tcp 261
    16:42:34.831178 IP 192.168.0.4.1384 > 192.168.1.1.80: tcp 0
    16:42:34.831811 IP 192.168.1.1.80 > 192.168.0.4.1385: tcp 261
    16:42:34.831869 IP 192.168.0.4.1385 > 192.168.1.1.80: tcp 0
    16:42:38.861006 IP 192.168.0.4.1389 > 192.168.1.1.443: tcp 0
    16:42:38.881983 IP 192.168.1.1.443 > 192.168.0.4.1389: tcp 0
    16:42:38.882066 IP 192.168.0.4.1389 > 192.168.1.1.443: tcp 0
    16:42:38.882223 IP 192.168.0.4.1389 > 192.168.1.1.443: tcp 154
    16:42:38.905771 IP 192.168.1.1.443 > 192.168.0.4.1389: tcp 0
    16:42:38.961724 IP 192.168.1.1.443 > 192.168.0.4.1389: tcp 796
    16:42:38.962217 IP 192.168.0.4.1389 > 192.168.1.1.443: tcp 0
    16:42:38.962383 IP 192.168.0.4.1390 > 192.168.1.1.443: tcp 0
    16:42:38.984207 IP 192.168.1.1.443 > 192.168.0.4.1390: tcp 0
    
    

    Just tried accessing VIA a linux (ubuntu 10.10) box (vs my windows 7), and no problems. Now I'm very confused. Just going to tack this on to more reasons to hate windows.


Locked