PFSense causes problem Exchange / Outlook Certificate



  • Hi,

    Last thursday we installed PFsense protecting a local LAN. The local LAN also contains a Exchange 2010 server. Today all users within the LAN experience certificate errors (mail.domain.com). The certificate is oke, but it looks like the problem is caused by PFSense. Does this sounds familiar to anyone ?

    Thanks all!


  • Banned

    Yeah, sounds like a zillionth case of "your DNS should point to LAN when you are on LAN"…



  • we have pfsense behind exchange 2007/2010/2013 everything works fine no error.
    as doktor said check your dns , and also port forwarding and nat
    its certificate over https also need to be checked



  • Thanks a lot, these answer were very helpful!

    Mail.domain.com for the internal systems resolved to the outside (!) WANIP. That has been changed. Also, there was a second problem. We set PFSense management interface to HTTPS instead of HTTP. Seems like this caused a problem for certificate authentication from the outside interface.

    So, changed my DNS settings on the server, mail.domain.com resolves to the internal server IP. And changed PFSense management interface to HTTP. Everthing works fine now!


  • Banned

    That wasn't really needed, you could have just moved the pfSense webGUI to a different port, plus… uhm... that WebGUI thing shouldn't normally be accessible from WAN at all.


Log in to reply