Pfsense is not connecting to internet



  • Hello,

    So I just installed pfsense 2.1.5-RELEASE (amd64) which supports 2 LAN and 1 WAN interface and I am currently facing an issue.

    I've the proxy settings up and running and I see the "You are on the latest version" message on the dashboard but when I am trying to install / download packages and click on "Available Packages", I get the following error - "Unable to communicate with http://packages.pfsense.org. Please verify the DNS and Interface configuration, and that pfSense has functional internet connectivity.

    Also I am unable to ping any site such as google.com while I have the DNS routed to 8.8.8.8 and 8.8.4.4.

    I have tried downloading a local copy of the packages and copying them over to the pfsense box but I am also unable to do that as the scp client doesn't let me login to the pfsense box for more than 15 seconds.

    Any help will be highly appreciated

    Thank You



  • Short answer: edit your /etc/inc/globals.inc, change the xmlrpcbaseurl from https to http.

    "xmlrpcbaseurl" => "http://packages.pfsense.org/",
    

    Long answer:
    In order to retrieve package updates for pfsense from behind an upstream web proxy, you may need to change the base URL used by the package manager.  The pfsense updater and the package manager work differently, so system updates may work fine.

    Your upstream proxy probably doesn't support the mechanism that the package manager's XML_RPC client is trying to use.

    The package manager connects to your upstream web proxy and says something like:

    
    POST https://packages.pfsense.org:443/xmlrpc.php HTTP/1.0
    User-Agent: PEAR XML_RPC
    Host: packages.pfsense.org
    Content-Type: text/xml
    ...
    
    

    Most clients would usually start their request out like this:

    
    CONNECT https://packages.pfsense.org:443/xmlrpc.php HTTP/1.0
    ...
    
    

    Many proxies choke on the type of request that the XML_RPC client uses, but disabling the HTTPS gets around it.  The xmlrpc_client checks the URL from globals.inc, and changes it from port 443/SSL to 80 in its xmlrpc_client.inc logic.