Netgate SG-1000 microFirewall

Author Topic: ntopng - unable to access..  (Read 1221 times)

0 Members and 1 Guest are viewing this topic.

Offline TomT

  • Jr. Member
  • **
  • Posts: 99
  • Karma: +1/-0
    • View Profile
ntopng - unable to access..
« on: November 11, 2016, 03:33:36 am »
Hi

I'm running  2.3.2-RELEASE-p1 (i386) on a virtualBox VM, 4GB Ram,    Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
4 CPUs: 1 package(s) x 4 core(s). This is test before I buy some real hardware..

I've installed ntopng from the packages list and everything seems to have gone well.

Quote
>>> Installing pfSense-pkg-ntopng...
Updating pfSense-core repository catalogue...
pfSense-core repository is up-to-date.
Updating pfSense repository catalogue...
pfSense repository is up-to-date.
All repositories are up-to-date.
Checking integrity... done (0 conflicting)
The following 19 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
   pfSense-pkg-ntopng: 0.8.4_4 [pfSense]
   webfonts: 0.30_11 [pfSense]
   mkfontdir: 1.0.7 [pfSense]
   mkfontscale: 1.1.2 [pfSense]
   xproto: 7.0.28 [pfSense]
   freetype2: 2.6.3 [pfSense]
   libfontenc: 1.1.3 [pfSense]
   fontconfig: 2.11.1_2,1 [pfSense]
   ntopng: 2.2.2016.05.28 [pfSense]
   ndpi: 1.8 [pfSense]
   json-c: 0.12_2 [pfSense]
   graphviz: 2.38.0_12 [pfSense]
   libgd: 2.1.0_7,1 [pfSense]
   png: 1.6.21 [pfSense]
   jpeg-turbo: 1.4.2 [pfSense]
   tiff: 4.0.6_2 [pfSense]
   jbigkit: 2.1_1 [pfSense]
   redis: 3.0.7 [pfSense]
   gdbm: 1.12 [pfSense]

Number of packages to be installed: 19

The process will require 87 MiB more space.
[1/19] Installing xproto-7.0.28...
[1/19] Extracting xproto-7.0.28: .......... done
[2/19] Installing freetype2-2.6.3...
[2/19] Extracting freetype2-2.6.3: .......... done
[3/19] Installing libfontenc-1.1.3...
[3/19] Extracting libfontenc-1.1.3: ...... done
[4/19] Installing jpeg-turbo-1.4.2...
[4/19] Extracting jpeg-turbo-1.4.2: .......... done
[5/19] Installing jbigkit-2.1_1...
[5/19] Extracting jbigkit-2.1_1: .......... done
[6/19] Installing mkfontscale-1.1.2...
[6/19] Extracting mkfontscale-1.1.2: .. done
[7/19] Installing json-c-0.12_2...
[7/19] Extracting json-c-0.12_2: .......... done
[8/19] Installing png-1.6.21...
[8/19] Extracting png-1.6.21: .......... done
[9/19] Installing tiff-4.0.6_2...
[9/19] Extracting tiff-4.0.6_2: .......... done
[10/19] Installing mkfontdir-1.0.7...
[10/19] Extracting mkfontdir-1.0.7: .. done
[11/19] Installing fontconfig-2.11.1_2,1...
[11/19] Extracting fontconfig-2.11.1_2,1: .......... done
Running fc-cache to build fontconfig cache...
/usr/local/share/fonts: skipping, no such directory
/usr/local/lib/X11/fonts: skipping, no such directory
/root/.local/share/fonts: skipping, no such directory
/root/.fonts: skipping, no such directory
/var/db/fontconfig: cleaning cache directory
/var/db/fontconfig: invalid cache file: 4c599c202bc5c08e2d34565a40eac3b2-le32d4.cache-4
/var/db/fontconfig: invalid cache file: a2bfc4e431963a28dd6df8adc7776b96-le32d4.cache-4
/root/.cache/fontconfig: not cleaning non-existent cache directory
/root/.fontconfig: not cleaning non-existent cache directory
fc-cache: succeeded
[12/19] Installing ndpi-1.8...
[12/19] Extracting ndpi-1.8: .......... done
[13/19] Installing libgd-2.1.0_7,1...
[13/19] Extracting libgd-2.1.0_7,1: .......... done
[14/19] Installing webfonts-0.30_11...
[14/19] Extracting webfonts-0.30_11: .......... done
[15/19] Installing ntopng-2.2.2016.05.28...
===> Creating groups.
Using existing group 'ntopng'.
===> Creating users
Using existing user 'ntopng'.
[15/19] Extracting ntopng-2.2.2016.05.28: .......... done
[16/19] Installing graphviz-2.38.0_12...
[16/19] Extracting graphviz-2.38.0_12: .......... done
[17/19] Installing redis-3.0.7...
===> Creating groups.
Using existing group 'redis'.
===> Creating users
Using existing user 'redis'.
[17/19] Extracting redis-3.0.7: ......... done
[18/19] Installing gdbm-1.12...
[18/19] Extracting gdbm-1.12: .......... done
[19/19] Installing pfSense-pkg-ntopng-0.8.4_4...
[19/19] Extracting pfSense-pkg-ntopng-0.8.4_4: ......... done
Saving updated package information...
done.
Loading package configuration... done.
Configuring package components...
Loading package instructions...
Custom commands...
Executing custom_php_install_command()...done.
Executing custom_php_resync_config_command()...done.
Menu items... done.
Services... done.
Writing configuration... done.
Message from webfonts-0.30_11:
IMPORTANT - READ CAREFULLY: You may not use these fonts if you do not agree to
the terms of the Microsoft End-User License Agreement ("EULA").  You will find
the EULA at /usr/local/share/doc/webfonts/LICENSE.  If you read and agree
to the EULA, you can start using the fonts by following these instructions:

Make sure that the freetype module is loaded.  If it is not, add the following
line to the "Modules" section of xorg.conf or XF86Config:

   Load "freetype"

Add the following line to the "Files" section of xorg.conf or XF86Config:

   FontPath "/usr/local/share/fonts/webfonts/"
Message from ntopng-2.2.2016.05.28:
----------------------------------------------------------------------------
WARNING:

In the past, ntop has been the subject of repeated security vulner-
abilities, particularly relating to its web interface.  It is strongly
suggested that you protect your ntop web interface via packet filters
or TCP wrappers.

Please install redis server from databases/redis or use -r to specify
a remote one.

Please use ntopng-geoipupdate.sh to update GeoIP database to the
latest.
----------------------------------------------------------------------------
Message from redis-3.0.7:
===>  CONFIGURATION NOTE:

      To setup "redis" you need to edit the configuration file:
      /usr/local/etc/redis.conf

      To run redis from startup, add redis_enable="YES"
      in your /etc/rc.conf.
>>> Cleaning up cache... done.
Success

But access to anything ntopng related results in the web page returning 'This Connection Has Timed Out'
I can remove :3000 from the URL and then have access to pfSense GUI, I can also access ntopng' settings.

Any ideas ? how to get this working ?

Thanks


Offline TomT

  • Jr. Member
  • **
  • Posts: 99
  • Karma: +1/-0
    • View Profile
Re: ntopng - unable to access..
« Reply #1 on: November 11, 2016, 04:19:52 am »
Please ignore this...  :-[

As this is a test system, I'm accessing pfSense via the WAN IP Address as that sits on the LAN I'm currently connected to.
As soon as I tried to connect from the LAN address it worked !

Whoops !!

Offline ast

  • Jr. Member
  • **
  • Posts: 61
  • Karma: +0/-0
    • View Profile
Re: ntopng - unable to access..
« Reply #2 on: June 22, 2017, 07:45:57 pm »
Just wondering if you are able to access your ntopng remotely?  Can't seem to access it, I can only my pfsense box.

Offline jimp

  • Administrator
  • Hero Member
  • *****
  • Posts: 21404
  • Karma: +1437/-26
    • View Profile
Re: ntopng - unable to access..
« Reply #3 on: June 26, 2017, 08:25:25 am »
If you allow access to the port it uses (3000) you can access it remotely, though I would not advise opening up the GUI or ntopng to the world. Use a VPN.
Need help fast? Commercial Support!

Co-Author of pfSense: The Definitive Guide. - Check the Doc Wiki for FAQs.

Do not PM for help!

Offline ast

  • Jr. Member
  • **
  • Posts: 61
  • Karma: +0/-0
    • View Profile
Re: ntopng - unable to access..
« Reply #4 on: June 28, 2017, 06:35:05 pm »
If you allow access to the port it uses (3000) you can access it remotely, though I would not advise opening up the GUI or ntopng to the world. Use a VPN.


Hi!

Thanks for the advice on using VPN, but I'm just a newbie, is there an easy guide on how to set up VPN between my pfsense router to a PEPLink router? 

TIA!


ast


 

Offline wf-me

  • Newbie
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
Re: ntopng - unable to access..
« Reply #5 on: June 29, 2017, 06:22:36 am »
You don't need to create a Site-2-Site VPN-Tunnel.
You easily can create an IPSec or OpenVPN "Roadwarrior" VPN which you just open when you need it.
There are several tutorials out there how to do this. It's not quite hard though :)


Offline ast

  • Jr. Member
  • **
  • Posts: 61
  • Karma: +0/-0
    • View Profile
Re: ntopng - unable to access..
« Reply #6 on: June 29, 2017, 08:04:31 am »
You don't need to create a Site-2-Site VPN-Tunnel.
You easily can create an IPSec or OpenVPN "Roadwarrior" VPN which you just open when you need it.
There are several tutorials out there how to do this. It's not quite hard though :)


Hi!

Thanks for the info!  But I'm totally clueless and blank on VPN? :(  Can you help point me to a website maybe?  Step by step tutorial?

TIA!


ast


Offline jimp

  • Administrator
  • Hero Member
  • *****
  • Posts: 21404
  • Karma: +1437/-26
    • View Profile
Re: ntopng - unable to access..
« Reply #7 on: June 29, 2017, 08:09:00 am »
That's very off-topic for this thread / board, you should post a new thread on the OpenVPN board here asking for help: https://forum.pfsense.org/index.php?board=39.0

Though if you search, there are many how-to documents out there, including those on the doc wiki.
Need help fast? Commercial Support!

Co-Author of pfSense: The Definitive Guide. - Check the Doc Wiki for FAQs.

Do not PM for help!