[pfSense] Requiring TLS 1.1 for OpenVPN
PCI scanning is now failing TLS 1.0 connections. Is it as simple as adding "tls-version-min 1.1" (or 1.2) to the OpenVPN: Server/Advanced configuration/Advanced text box? -- Steve Yates ITS, Inc. ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] Pfsense + Cloudflare
Seth Mos wrote on Thu, Apr 30 2015 at 10:09 am: > If you want any meaningful address information you need to look at the > headers that the proxy service provides you. I was going to point that out (CloudFlare sends the IP in HTTP request headers) but that won't help at the firewall/packet level. At that point (theoretically) I suppose CloudFlare would have to have functionality to act as a firewall? And pfSense configured to only allow traffic from it. -- Steve Yates ITS, Inc. ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] Pfsense + Cloudflare
Roy Sandbergen - Webguru schreef op 30-4-2015 om 16:02: > Hi All, > > Does anyone have his site behind pfsense and cloudflare? > > I have the problem that my pfsense only see the ipadresses of the cloudflare > servers not the original ip of the client. Does anyone have a solution for > that problem? > I cannot find a solution online for Pfsense 2.2 icm cloudflare That's how cloudflare works, it's basically a great box Varnish (proxy) box, so yes, you will only see the cloudflare servers. If you want any meaningful address information you need to look at the headers that the proxy service provides you. Regards, Seth ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
[pfSense] Pfsense + Cloudflare
Hi All, Does anyone have his site behind pfsense and cloudflare? I have the problem that my pfsense only see the ipadresses of the cloudflare servers not the original ip of the client. Does anyone have a solution for that problem? I cannot find a solution online for Pfsense 2.2 icm cloudflare I know there is a rpm for Centos " rpm -i mod_cloudflare-elX.latest.rpm" Best Regards, Roy Sandbergen ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
Re: [pfSense] net5501-70 and pfsense 2.2.x
On Tue, 28 Apr 2015 09:56:28 -0300 Nenhum_de_Nos wrote: > Hi, > > Are there any known issues in this couple ? > > Since I updated to 2.2.x (never tried 2.2, just 2.2.1 and 2.2.2) I get a > freeze when I access WebUI when uptime is past a little minutes. I was logged > in via ssh, and the console got until this: > > > Message from syslogd@cygnus at Apr 28 09:46:53 ... > cygnus php-fpm[287]: /index.php: Successful login for user 'admin' from: > 127.0.0.1 > > and after that it is dead. Seen it when at home some times, and now got it > remote (need to arrive back home to power cycle it). > > I will try to downgrade to 2.1.5 and see if it is the same behaviour. > > Has anyone seen something alike ? > > thanks, > > matheus Hi again, I have been trying all kinds of stuff on this, no good news though. I changed PSU, changed harddisk (was CF card, changed CF card, changed to harddisk), turned off an atheros pci AP, nothings seems to solve this. Today, after some hours up, I tried to access the webui and it god locked again. I will try the 2.1.5 version and then move back to vanila FreeBSD. If anyone have any hints, saw this elsewhere, please share :) this was a rock solid box, used to have 200+ days uptime. Now can't see the sun rise twice :( thanks, matheus -- "We will call you Cygnus, the God of balance you shall be." ___ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold