ah. THANK YOU! I couldn't find it.

It was set to 1 minute

I am not sure if its broken or crazy, but I am having the webgui timeout in sometimes as little as 1 minute or less.
Is this configurable? I could not find any timeout setting for the webgui.

Its very annoying to have it time out sometimes _during_ the creation of a firewall rule, forcing me to redo it all over again. Has been happening for a month or more but I have been too busy to ask about it. Any ideas on increasing the timeout? Ideally it would be 10-20 minutes at minimum.

the problem is easily reproducible for me.
1) log in, and go to firewall rules
2) let it sit for 1 minute and 5 seconds or so
3) click any other control or tab on the PFSENSE webgui
4) the timeout occurs, forcing me to log in again.


2.0.2-RELEASE (amd64)
built on Fri Dec 7 22:39:43 EST 2012
FreeBSD 8.1-RELEASE-p13

I have the same issue and will post if i find a solution. Scenario:

Local site (connected through other PFsense to internet):
1 PC with 1:1 nat connection - can connect fine to pptp vpn
1 PC without 1:1 NAT (just normal nat, shared IP) - Cannot connect to pptp vpn

Remote site:
pfsense 2.0.1 firewall with pptp running

VPN log follows with both connection attempts. I am going to try using starbucks wifi to verify that it is a problem with all NATs and probably its my remote pfsense thats the problem, or whether its a firewall rule or something on the local site pfsense (also 2.0.1).

Successful attempt

Code:

Aug 14 13:36:24 pptps: [pt0] IFACE: Up event
Aug 14 13:36:24 pptps: 192.168.1.48 -> 192.168.1.49
Aug 14 13:36:24 pptps: [pt0] IPCP: LayerUp
Aug 14 13:36:24 pptps: [pt0] IPCP: state change Ack-Rcvd --> Opened
Aug 14 13:36:24 pptps: PRIDNS 192.168.1.240
Aug 14 13:36:24 pptps: IPADDR 192.168.1.49
Aug 14 13:36:24 pptps: [pt0] IPCP: SendConfigAck #9
Aug 14 13:36:24 pptps: PRIDNS 192.168.1.240
Aug 14 13:36:24 pptps: 192.168.1.49 is OK
Aug 14 13:36:24 pptps: IPADDR 192.168.1.49
Aug 14 13:36:24 pptps: [pt0] IPCP: rec'd Configure Request #9 (Ack-Rcvd)
Aug 14 13:36:24 pptps: [pt0] IPCP: state change Req-Sent --> Ack-Rcvd
Aug 14 13:36:24 pptps: IPADDR 192.168.1.48
Aug 14 13:36:24 pptps: [pt0] IPCP: rec'd Configure Ack #5 (Req-Sent)
Aug 14 13:36:24 pptps: PRIDNS 192.168.1.240
Aug 14 13:36:24 pptps: IPADDR 192.168.1.49
Aug 14 13:36:24 pptps: [pt0] IPCP: SendConfigNak #8
Aug 14 13:36:24 pptps: NAKing with 192.168.1.240
Aug 14 13:36:24 pptps: PRIDNS 0.0.0.0
Aug 14 13:36:24 pptps: NAKing with 192.168.1.49
Aug 14 13:36:24 pptps: IPADDR 0.0.0.0
Aug 14 13:36:24 pptps: [pt0] IPCP: rec'd Configure Request #8 (Req-Sent)
Aug 14 13:36:24 pptps: IPADDR 192.168.1.48
Aug 14 13:36:24 pptps: [pt0] IPCP: SendConfigReq #5
Aug 14 13:36:24 pptps: COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
Aug 14 13:36:24 pptps: [pt0] IPCP: rec'd Configure Reject #4 (Req-Sent)
Aug 14 13:36:24 pptps: Decompress using: mppc (MPPE(128 bits), stateless)
Aug 14 13:36:24 pptps: Compress using: mppc (MPPE(128 bits), stateless)
Aug 14 13:36:24 pptps: [pt0] CCP: LayerUp
Aug 14 13:36:24 pptps: [pt0] CCP: state change Ack-Sent --> Opened
Aug 14 13:36:24 pptps: 0x01000040:MPPE(128 bits), stateless
Aug 14 13:36:24 pptps: MPPC
Aug 14 13:36:24 pptps: [pt0] CCP: rec'd Configure Ack #3 (Ack-Sent)
Aug 14 13:36:24 pptps: SECNBNS 0.0.0.0
Aug 14 13:36:24 pptps: SECDNS 0.0.0.0
Aug 14 13:36:24 pptps: PRINBNS 0.0.0.0
Aug 14 13:36:24 pptps: [pt0] IPCP: SendConfigRej #7
Aug 14 13:36:24 pptps: SECNBNS 0.0.0.0
Aug 14 13:36:24 pptps: SECDNS 0.0.0.0
Aug 14 13:36:24 pptps: PRINBNS 0.0.0.0
Aug 14 13:36:24 pptps: NAKing with 192.168.1.240
Aug 14 13:36:24 pptps: PRIDNS 0.0.0.0
Aug 14 13:36:24 pptps: NAKing with 192.168.1.49
Aug 14 13:36:24 pptps: IPADDR 0.0.0.0
Aug 14 13:36:24 pptps: [pt0] IPCP: rec'd Configure Request #7 (Req-Sent)
Aug 14 13:36:24 pptps: [pt0] CCP: state change Req-Sent --> Ack-Sent
Aug 14 13:36:24 pptps: 0x01000040:MPPE(128 bits), stateless
Aug 14 13:36:24 pptps: MPPC
Aug 14 13:36:24 pptps: [pt0] CCP: SendConfigAck #6
Aug 14 13:36:24 pptps: 0x01000040:MPPE(128 bits), stateless
Aug 14 13:36:24 pptps: MPPC
Aug 14 13:36:24 pptps: [pt0] CCP: rec'd Configure Request #6 (Req-Sent)
Aug 14 13:36:24 pptps: [pt0] rec'd unexpected protocol IPV6CP, rejecting
Aug 14 13:36:24 pptps: 0x01000040:MPPE(128 bits), stateless
Aug 14 13:36:24 pptps: MPPC
Aug 14 13:36:24 pptps: [pt0] CCP: SendConfigReq #3
Aug 14 13:36:24 pptps: [pt0] CCP: state change Starting --> Req-Sent
Aug 14 13:36:24 pptps: [pt0] CCP: Up event
Aug 14 13:36:24 pptps: COMPPROTO VJCOMP, 16 comp. channels, no comp-cid
Aug 14 13:36:24 pptps: IPADDR 192.168.1.48
Aug 14 13:36:24 pptps: [pt0] IPCP: SendConfigReq #4
Aug 14 13:36:24 pptps: [pt0] IPCP: state change Starting --> Req-Sent
Aug 14 13:36:24 pptps: [pt0] IPCP: Up event
Aug 14 13:36:24 pptps: [pt0] CCP: LayerStart
Aug 14 13:36:24 pptps: [pt0] CCP: state change Initial --> Starting
Aug 14 13:36:24 pptps: [pt0] CCP: Open event
Aug 14 13:36:24 pptps: [pt0] IPCP: LayerStart
Aug 14 13:36:24 pptps: [pt0] IPCP: state change Initial --> Starting
Aug 14 13:36:24 pptps: [pt0] IPCP: Open event
Aug 14 13:36:24 pptps: [pt0] Bundle up: 1 link, total bandwidth 64000 bps
Aug 14 13:36:24 pptps: [pt0] LCP: authorization successful
Aug 14 13:36:24 pptps: [pt0] CHAP: sending SUCCESS len:42
Aug 14 13:36:24 pptps: Reply message: S= ???AUTHSTRING???
Aug 14 13:36:24 pptps: Response is valid
Aug 14 13:36:24 pptps: [pt0] CHAP: ChapInputFinish: status undefined
Aug 14 13:36:24 pptps: [pt0] AUTH: Auth-Thread finished normally
Aug 14 13:36:24 pptps: [pt0] AUTH: INTERNAL returned undefined
Aug 14 13:36:24 pptps: [pt0] AUTH: Trying INTERNAL
Aug 14 13:36:24 pptps: [pt0] AUTH: Auth-Thread started
Aug 14 13:36:24 pptps: Name: "XXXXXXXXXXXXXX"
Aug 14 13:36:24 pptps: [pt0] CHAP: rec'd RESPONSE #1
Aug 14 13:36:24 pptps: MESG: ????AUTHSTRING???
Aug 14 13:36:24 pptps: [pt0] LCP: rec'd Ident #4 (Opened)
Aug 14 13:36:24 pptps: MESG: MSRAS-0-HOSTNAME
Aug 14 13:36:24 pptps: [pt0] LCP: rec'd Ident #3 (Opened)
Aug 14 13:36:24 pptps: MESG: MSRASV5.20
Aug 14 13:36:24 pptps: [pt0] LCP: rec'd Ident #2 (Opened)
Aug 14 13:36:24 pptps: [pt0] LCP: LayerUp
Aug 14 13:36:24 pptps: [pt0] CHAP: sending CHALLENGE len:17
Aug 14 13:36:24 pptps: [pt0] LCP: auth: peer wants nothing, I want CHAP
Aug 14 13:36:24 pptps: [pt0] LCP: state change Ack-Sent --> Opened
Aug 14 13:36:24 pptps: AUTHPROTO CHAP MSOFTv2
Aug 14 13:36:24 pptps: MAGICNUM 8561b840
Aug 14 13:36:24 pptps: MRU 1500
Aug 14 13:36:24 pptps: PROTOCOMP
Aug 14 13:36:24 pptps: ACFCOMP
Aug 14 13:36:24 pptps: [pt0] LCP: rec'd Configure Ack #8 (Ack-Sent)
Aug 14 13:36:24 pptps: AUTHPROTO CHAP MSOFTv2
Aug 14 13:36:24 pptps: MAGICNUM 8561b840
Aug 14 13:36:24 pptps: MRU 1500
Aug 14 13:36:24 pptps: PROTOCOMP
Aug 14 13:36:24 pptps: ACFCOMP
Aug 14 13:36:24 pptps: [pt0] LCP: SendConfigReq #8
Aug 14 13:36:24 pptps: ENDPOINTDISC [802.1] 00 e0 29 83 33 8e
Aug 14 13:36:24 pptps: MP SHORTSEQ
Aug 14 13:36:24 pptps: MP MRRU 1600
Aug 14 13:36:24 pptps: [pt0] LCP: rec'd Configure Reject #7 (Ack-Sent)
Aug 14 13:36:24 pptps: ENDPOINTDISC [802.1] 00 e0 29 83 33 8e
Aug 14 13:36:24 pptps: MP SHORTSEQ
Aug 14 13:36:24 pptps: MP MRRU 1600
Aug 14 13:36:24 pptps: AUTHPROTO CHAP MSOFTv2
Aug 14 13:36:24 pptps: MAGICNUM 8561b840
Aug 14 13:36:24 pptps: MRU 1500
Aug 14 13:36:24 pptps: PROTOCOMP
Aug 14 13:36:24 pptps: ACFCOMP
Aug 14 13:36:24 pptps: [pt0] LCP: SendConfigReq #7
Aug 14 13:36:22 pptps: [pt0] LCP: state change Req-Sent --> Ack-Sent
Aug 14 13:36:22 pptps: ACFCOMP
Aug 14 13:36:22 pptps: PROTOCOMP
Aug 14 13:36:22 pptps: MAGICNUM 7f437860
Aug 14 13:36:22 pptps: MRU 1400
Aug 14 13:36:22 pptps: [pt0] LCP: SendConfigAck #1
Aug 14 13:36:22 pptps: ACFCOMP
Aug 14 13:36:22 pptps: PROTOCOMP
Aug 14 13:36:22 pptps: MAGICNUM 7f437860
Aug 14 13:36:22 pptps: MRU 1400
Aug 14 13:36:22 pptps: [pt0] LCP: rec'd Configure Request #1 (Req-Sent)
Aug 14 13:36:22 pptps: CALLBACK 6
Aug 14 13:36:22 pptps: [pt0] LCP: SendConfigRej #0
Aug 14 13:36:22 pptps: CALLBACK 6
Aug 14 13:36:22 pptps: ACFCOMP
Aug 14 13:36:22 pptps: PROTOCOMP
Aug 14 13:36:22 pptps: MAGICNUM 7f437860
Aug 14 13:36:22 pptps: MRU 1400
Aug 14 13:36:22 pptps: [pt0] LCP: rec'd Configure Request #0 (Req-Sent)
Aug 14 13:36:22 pptps: ENDPOINTDISC [802.1] 00 e0 29 83 33 8e
Aug 14 13:36:22 pptps: MP SHORTSEQ
Aug 14 13:36:22 pptps: MP MRRU 1600
Aug 14 13:36:22 pptps: AUTHPROTO CHAP MSOFTv2
Aug 14 13:36:22 pptps: MAGICNUM 8561b840
Aug 14 13:36:22 pptps: MRU 1500
Aug 14 13:36:22 pptps: PROTOCOMP
Aug 14 13:36:22 pptps: ACFCOMP
Aug 14 13:36:22 pptps: [pt0] LCP: SendConfigReq #6
Aug 14 13:36:22 pptps: [pt0] LCP: state change Starting --> Req-Sent
Aug 14 13:36:22 pptps: [pt0] LCP: Up event
Aug 14 13:36:22 pptps: [pt0] link: origination is remote
Aug 14 13:36:22 pptps: [pt0] link: UP event
Aug 14 13:36:22 pptps: [pt0] PPTP: attaching to peer's outgoing call
Aug 14 13:36:22 pptps: [pt0] LCP: LayerStart
Aug 14 13:36:22 pptps: [pt0] LCP: state change Initial --> Starting
Aug 14 13:36:22 pptps: [pt0] LCP: Open event
Aug 14 13:36:22 pptps: [pt0] link: OPEN event
Aug 14 13:36:22 pptps: [pt0] opening link "pt0"...
Aug 14 13:36:22 pptps: [pt0] Accepting PPTP connection
Aug 14 13:36:22 pptps: pptp0: attached to connection with X.X.X.205 62626
Aug 14 13:36:22 pptps: PPTP: Incoming control connection from X.X.X.205 62626 to X.X.X.94 1723

Unsuccessful attempt

Code:

Aug 14 13:40:51 pptps: pptp1: killing connection with X.X.X.150 57849
Aug 14 13:40:51 pptps: pptp1: closing connection with X.X.X.150 57849
Aug 14 13:40:51 pptps: [pt1] LCP: state change Closed --> Initial
Aug 14 13:40:51 pptps: [pt1] LCP: Down event
Aug 14 13:40:51 pptps: [pt1] LCP: state change Stopped --> Closed
Aug 14 13:40:51 pptps: [pt1] LCP: Close event
Aug 14 13:40:51 pptps: [pt1] link: DOWN event
Aug 14 13:40:51 pptps: [pt1] PPTP call terminated
Aug 14 13:40:51 pptps: pptp1-0: killing channel
Aug 14 13:40:51 pptps: pptp1-0: clearing call
Aug 14 13:40:51 pptps: [pt1] LCP: LayerFinish
Aug 14 13:40:51 pptps: [pt1] LCP: state change Req-Sent --> Stopped
Aug 14 13:40:51 pptps: [pt1] LCP: parameter negotiation failed
Aug 14 13:40:49 pptps: ENDPOINTDISC [802.1] 00 e0 29 83 33 8e
Aug 14 13:40:49 pptps: MP SHORTSEQ
Aug 14 13:40:49 pptps: MP MRRU 1600
Aug 14 13:40:49 pptps: AUTHPROTO CHAP MSOFTv2
Aug 14 13:40:49 pptps: MAGICNUM 98a19a78
Aug 14 13:40:49 pptps: MRU 1500
Aug 14 13:40:49 pptps: PROTOCOMP
Aug 14 13:40:49 pptps: ACFCOMP
Aug 14 13:40:49 pptps: [pt1] LCP: SendConfigReq #30
Aug 14 13:40:47 pptps: ENDPOINTDISC [802.1] 00 e0 29 83 33 8e
Aug 14 13:40:47 pptps: MP SHORTSEQ
Aug 14 13:40:47 pptps: MP MRRU 1600
Aug 14 13:40:47 pptps: AUTHPROTO CHAP MSOFTv2
Aug 14 13:40:47 pptps: MAGICNUM 98a19a78
Aug 14 13:40:47 pptps: MRU 1500
Aug 14 13:40:47 pptps: PROTOCOMP
Aug 14 13:40:47 pptps: ACFCOMP
Aug 14 13:40:47 pptps: [pt1] LCP: SendConfigReq #29
Aug 14 13:40:45 pptps: ENDPOINTDISC [802.1] 00 e0 29 83 33 8e
Aug 14 13:40:45 pptps: MP SHORTSEQ
Aug 14 13:40:45 pptps: MP MRRU 1600
Aug 14 13:40:45 pptps: AUTHPROTO CHAP MSOFTv2
Aug 14 13:40:45 pptps: MAGICNUM 98a19a78
Aug 14 13:40:45 pptps: MRU 1500
Aug 14 13:40:45 pptps: PROTOCOMP
Aug 14 13:40:45 pptps: ACFCOMP
Aug 14 13:40:45 pptps: [pt1] LCP: SendConfigReq #28
Aug 14 13:40:43 pptps: ENDPOINTDISC [802.1] 00 e0 29 83 33 8e
Aug 14 13:40:43 pptps: MP SHORTSEQ
Aug 14 13:40:43 pptps: MP MRRU 1600
Aug 14 13:40:43 pptps: AUTHPROTO CHAP MSOFTv2
Aug 14 13:40:43 pptps: MAGICNUM 98a19a78
Aug 14 13:40:43 pptps: MRU 1500
Aug 14 13:40:43 pptps: PROTOCOMP
Aug 14 13:40:43 pptps: ACFCOMP
Aug 14 13:40:43 pptps: [pt1] LCP: SendConfigReq #27
Aug 14 13:40:41 pptps: ENDPOINTDISC [802.1] 00 e0 29 83 33 8e
Aug 14 13:40:41 pptps: MP SHORTSEQ
Aug 14 13:40:41 pptps: MP MRRU 1600
Aug 14 13:40:41 pptps: AUTHPROTO CHAP MSOFTv2
Aug 14 13:40:41 pptps: MAGICNUM 98a19a78
Aug 14 13:40:41 pptps: MRU 1500
Aug 14 13:40:41 pptps: PROTOCOMP
Aug 14 13:40:41 pptps: ACFCOMP
Aug 14 13:40:41 pptps: [pt1] LCP: SendConfigReq #26
Aug 14 13:40:39 pptps: ENDPOINTDISC [802.1] 00 e0 29 83 33 8e
Aug 14 13:40:39 pptps: MP SHORTSEQ
Aug 14 13:40:39 pptps: MP MRRU 1600
Aug 14 13:40:39 pptps: AUTHPROTO CHAP MSOFTv2
Aug 14 13:40:39 pptps: MAGICNUM 98a19a78
Aug 14 13:40:39 pptps: MRU 1500
Aug 14 13:40:39 pptps: PROTOCOMP
Aug 14 13:40:39 pptps: ACFCOMP
Aug 14 13:40:39 pptps: [pt1] LCP: SendConfigReq #25
Aug 14 13:40:37 pptps: ENDPOINTDISC [802.1] 00 e0 29 83 33 8e
Aug 14 13:40:37 pptps: MP SHORTSEQ
Aug 14 13:40:37 pptps: MP MRRU 1600
Aug 14 13:40:37 pptps: AUTHPROTO CHAP MSOFTv2
Aug 14 13:40:37 pptps: MAGICNUM 98a19a78
Aug 14 13:40:37 pptps: MRU 1500
Aug 14 13:40:37 pptps: PROTOCOMP
Aug 14 13:40:37 pptps: ACFCOMP
Aug 14 13:40:37 pptps: [pt1] LCP: SendConfigReq #24
Aug 14 13:40:35 pptps: ENDPOINTDISC [802.1] 00 e0 29 83 33 8e
Aug 14 13:40:35 pptps: MP SHORTSEQ
Aug 14 13:40:35 pptps: MP MRRU 1600
Aug 14 13:40:35 pptps: AUTHPROTO CHAP MSOFTv2
Aug 14 13:40:35 pptps: MAGICNUM 98a19a78
Aug 14 13:40:35 pptps: MRU 1500
Aug 14 13:40:35 pptps: PROTOCOMP
Aug 14 13:40:35 pptps: ACFCOMP
Aug 14 13:40:35 pptps: [pt1] LCP: SendConfigReq #23
Aug 14 13:40:33 pptps: ENDPOINTDISC [802.1] 00 e0 29 83 33 8e
Aug 14 13:40:33 pptps: MP SHORTSEQ
Aug 14 13:40:33 pptps: MP MRRU 1600
Aug 14 13:40:33 pptps: AUTHPROTO CHAP MSOFTv2
Aug 14 13:40:33 pptps: MAGICNUM 98a19a78
Aug 14 13:40:33 pptps: MRU 1500
Aug 14 13:40:33 pptps: PROTOCOMP
Aug 14 13:40:33 pptps: ACFCOMP
Aug 14 13:40:33 pptps: [pt1] LCP: SendConfigReq #22
Aug 14 13:40:31 pptps: ENDPOINTDISC [802.1] 00 e0 29 83 33 8e
Aug 14 13:40:31 pptps: MP SHORTSEQ
Aug 14 13:40:31 pptps: MP MRRU 1600
Aug 14 13:40:31 pptps: AUTHPROTO CHAP MSOFTv2
Aug 14 13:40:31 pptps: MAGICNUM 98a19a78
Aug 14 13:40:31 pptps: MRU 1500
Aug 14 13:40:31 pptps: PROTOCOMP
Aug 14 13:40:31 pptps: ACFCOMP
Aug 14 13:40:31 pptps: [pt1] LCP: SendConfigReq #21
Aug 14 13:40:31 pptps: [pt1] LCP: state change Starting --> Req-Sent
Aug 14 13:40:31 pptps: [pt1] LCP: Up event
Aug 14 13:40:31 pptps: [pt1] link: origination is remote
Aug 14 13:40:31 pptps: [pt1] link: UP event
Aug 14 13:40:31 pptps: [pt1] PPTP: attaching to peer's outgoing call
Aug 14 13:40:31 pptps: [pt1] LCP: LayerStart
Aug 14 13:40:31 pptps: [pt1] LCP: state change Initial --> Starting
Aug 14 13:40:31 pptps: [pt1] LCP: Open event
Aug 14 13:40:31 pptps: [pt1] link: OPEN event
Aug 14 13:40:31 pptps: [pt1] opening link "pt1"...
Aug 14 13:40:31 pptps: [pt1] Accepting PPTP connection
Aug 14 13:40:31 pptps: pptp1: attached to connection with X.X.X.150 57849
Aug 14 13:40:31 pptps: PPTP: Incoming control connection from X.X.X.150 57849 to X.X.X.94 1723

I replaced the ip addresses that matter with X's. The first host x.x.x.205 is 1:1 nat, and the second host x.x.x.150 is just plain old nat. The remote vpn is x.x.x.94.

I also removed the authorization strings as I am not sure if they are private or not. Mostly just random characters.

Like i said, i will try from another remote internet connection now and report back. This will hopefully determine if its the remote site or the local site which is the problem.

EDIT: Starbucks connection working fine. So looks like a configuration issue on our local PF sense. Remote seems to be OK as a non pfsense natted connection seems to handle it fine. I am going to look over firewall rules and see if i can puzzle it out.

Radius server in pptp config was set to ip address 1 subnet 1 , everything all 1's, etc.. you could not delete the radius settings as it said the new settings were invalid.

I got the following when trying to unset the radius server (i never had a radius server before upgrade):

Fatal error: Cannot unset string offsets in /usr/local/www/vpn_pptp.php on line 166

it is the exact same as this issue: http://forum.pfsense.org/index.php/topic,41338.0.html
however i cannot reply to that issue for some reason.


I have now fixed this issue. What worked for me was making a backup of my current config, looking for the pptpd section in notepad++, and simply deleting the entire section.

I then re uploaded the config and recreated the pptp stuff in the gui.

Ended up using a PCI dual nic card (2 interfaces on one card) that i had lying around. I am just going to disable onboard.

maybe they will fix in 2.0.2 if there is s snapshot. oh well!

So heres a weird problem that has kept me on 1.2.3 release for the last few years.


I have a machine and the onboard nic (LAN) is Re0. When i try and access the web gui, the interface stops responding to pings for aprox 5 - 15 pings. it then bounces back and works fine and normal. The interface works fine and normal, unless i go to the web gui. I unfortunately cannot swap out the onboard card.

turning off https seems to have helped, but it still does it sometimes. Seems random. but usually when i am clicking around things in the webgui. (for instance dhcp log caused this one).
Here is an excerpt from system log.

Code:

Jul 14 14:43:13 apinger: Starting Alarm Pinger, apinger(1595)
Jul 14 14:43:13 check_reload_status: Reloading filter
Jul 14 14:43:12 apinger: Exiting on signal 15.
Jul 14 14:43:12 php: : The command '/sbin/ifconfig bridge0 addm re0' returned exit code '1', the output was 'ifconfig: BRDGADD re0: File exists'
Jul 14 14:43:12 php: : rc.newwanip: on (IP address: 192.168.1.250) (interface: lan) (real interface: re0).
Jul 14 14:43:12 php: : rc.newwanip: Informational is starting re0.
Jul 14 14:43:07 check_reload_status: rc.newwanip starting re0
Jul 14 14:43:07 php: : Hotplug event detected for lan but ignoring since interface is configured with static IP (192.168.1.250)
Jul 14 14:43:05 php: : Hotplug event detected for lan but ignoring since interface is configured with static IP (192.168.1.250)
Jul 14 14:43:01 kernel: re0: link state changed to UP
Jul 14 14:43:01 check_reload_status: Linkup starting re0
Jul 14 14:42:59 check_reload_status: Linkup starting re0
Jul 14 14:42:59 kernel: re0: link state changed to DOWN
Jul 14 14:42:59 kernel: re0: watchdog timeout
Jul 14 14:42:55 sshd[50580]: Timeout, client not responding.
Jul 14 14:38:45 sshd[50580]: Accepted keyboard-interactive/pam for root from IPADDRESS port 51657 ssh2

What is printed to the console is "re0: watchdog timeout" when the failure occurs.

machine is    Intel(R) Pentium(R) 4 CPU 2.80GHz 1gb ram. p4p800 i believe

I should also say that the problem did not occur on PFSENSE 1.2.3 which I am doing a upgrade install from. Current version is 2.0.1-RELEASE (i386)

I can repeatedly make the problem occur by going to PFtop. So its something about heavy usage by the webgui i think... Wereas just watching the graphs on the pfsense dashboard page is fine for hours.

Anyone heard of anything like this? any tweak I could make the the web gui? its nice to be able to use it!!

I know this doesn't make as neat of installation for you, but honestly, the best solution is to use a separate AP.

I am leaning toward this as well. I have had nothing but problems with wireless cards. USB wireless cards, i tried 3 or 4 makes/models and none were supported /detected. Even PCI cards are really flaky.. A friend told me its because most cards are not designed to work as an AP. With cheap access points available sometimes on craigslist, its a nice option to just go with the tried and true wired ap. As an aside, pfsense as a wireless AP use to work with an old nic card i had, but that card died. Was generic no name funny enough.

I am using 1.2.3 though so perhaps usb nics are now supported and or work.

right now my personal card has an annoying problem where every 15 minutes or so it starts into this "auth" "deauth" cycle and pretty much just doesnt connect till an interface disable /reenable.  annoying to say the least. So for 40$ you cant go wrong with an old cisco ap is what im beginning to think. as fun as screwing around with my wireless interfaces are....

I was talking to someone recently about their keypair regeneration time settings on a crappy ddwrt (no offence, but its NO pfsense). He seemed to set them intentionally very low, and I was concerned as the pfsense defaults are set to several orders of magnitude more time than his recommendations. I suppose there is a speed hit with more negotiation, so i was wondering what pfsense peoples thought about optimal wireless settings. Specifically, settings that can be changed on pfsense to increase wireless security from cracking and the various brute forces that are our there.


any input appreciated! I am posting the relevant sections from pfsense 1.2.3

thanks!

I cant seem to get this working. Probably the issue is my phone, because it works flawlessly from other clients that i have tried (for example windows 7 builtin vpn).

It seems to try and connect but then just reports that it has been disconnected.

Just wondering basically if anyone has been able to get their windows mobile phone to talk to pfsense on pptp. Just want to see if its my fault its not working or some pfsense bug.

thanks!

so,

Code:

http://forum.pfsense.org/index.php?action=search
keywords: "block Mac adresses"

Is a circular query which brings me back to the same message, even if i spell "addresses" correctly.

I fail to see your point. A whole lot of not answering the question when you could just be straight.
The only way i found so far was to make dhcp assign an address specifically by mac address and then block pakcets based on that address which i force it to have. hardly ideal.

Hey, I searched around and cant believe i cannot find information how to do this, so i will just ask.

How do i block a connection on the firewall by MAC (hardware) address as opposed to blocking by IP address?


is it possible? must be!

It appears that it was a simple permission and ownership problem.

I just had to do

Code:

#chmod -R 755 /var/db/ntop
#chown -R nobody:nobody /var/db/ntop

This worked for me as well. I have just fixed our ntop which was not working for a month or so after upgrading to 1.2.3. It also starts and stops from the gui now so i would assume that its completely fixed.

Thanks!

Weird! seems to be symantec endpoint protection talking to a bunch of FTP sites... 69.22.137.48 is what i gather to be a symantec ip. Very strange as we are all locally managed for symantec updates.

I am getting lots and lots of these in a sort of a storm today.

Code:

Sep 29 10:26:55 pftpx[558]: #251 server timeout
Sep 29 10:26:55 pftpx[558]: #251 server timeout
Sep 29 10:26:51 pftpx[558]: #250 server timeout
Sep 29 10:26:51 pftpx[558]: #250 server timeout
Sep 29 10:26:44 pftpx[558]: #249 server timeout
Sep 29 10:26:44 pftpx[558]: #249 server timeout
Sep 29 10:26:21 pftpx[558]: #247 server timeout
Sep 29 10:26:21 pftpx[558]: #247 server timeout
Sep 29 10:26:19 pftpx[558]: #246 server timeout
Sep 29 10:26:19 pftpx[558]: #246 server timeout
Sep 29 10:26:04 pftpx[558]: #245 server timeout
Sep 29 10:26:04 pftpx[558]: #245 server timeout
Sep 29 10:25:57 pftpx[558]: #244 client reset connection
Sep 29 10:25:57 pftpx[558]: #244 client reset connection
Sep 29 10:25:51 pftpx[558]: #243 server timeout
Sep 29 10:25:51 pftpx[558]: #243 server timeout
Sep 29 10:25:49 pftpx[558]: #242 server timeout
Sep 29 10:25:49 pftpx[558]: #242 server timeout

etc.. etc..

My question is, how do i find out which client is causing these errors? If you use the Diagnostic -> States -> Filter by ":21", i come up with all sorts of random internet IPs and the IP of the firewall. eg: Firewall -> Random internet IP

I have turned off the FTP helper on all the interfaces and now the FILTER reports correctly as: INTERNAL MACHINE -> Firewall -> Random Internet IP

So now i can find the user and "discipline" them.

I guess my problem is solved, i was just wondering if there is a way to see connections which are being made by pftpx and where they are originating from.

I have recently discovered the "filter logs" functionality when you ssh into the pfsense console.

Its really nice to see on a secondary monitor, and replicates something that I have not been able to do since using an old dubbelle net bsd firewall. I was just wondering how, or if it is possible (feature request?) to have not just the blocked connections, but all the connections and ideally their state. I realize that this exsists in pftop, but i would like a scrolling display, just for when the connections are established and also when they are torn down.

It seems as if it is reporting the blocks, it could also easily report the allows. I understand that there are alot more allows than there are blocks, but for a small site or troubleshooting specific issues, it would be usefull. Not to mention looking super cool having a scrolling list of connections on a secondary monitor

anyone know if pfsense stock, or with an addon can do this?