OPNsense Forum

Archive => 18.1 Legacy Series => Topic started by: frank_p on January 30, 2018, 06:20:53 am

Title: V18 Update - SSL (Port 443) failure
Post by: frank_p on January 30, 2018, 06:20:53 am
First of all, thanks a lot for every effort you made to release V18. That's really great.
Apologies for double-posting.

I am using port forwarding (NAT rules) to forward SSL traffic from a DMZ-based mail proxy or SSL proxy to other servers in the LAN area.

Since updating from 17 to 18, forwarding of incoming HTTPS traffic (443) from DMZ to LAN is not working.

1.) Before I deactivated the listen port in admin for the web GUI from all (default) to LAN, every SSL request was returned with the web GUI certificate (which was the wrong one :))

2.) I changed the web GUI listen port to LAN to ensure access from the internal LAN. External forwarding to my mail proxy or SSL proxy is now no longer answered with the (wrong) web GUI certificate of OPNsense, BUT the mail proxy and SSL proxy are responding with "ERR_SSL_PROTOCOL_ERROR". This means all firewall rules and NAT rules are working, but the "ERR_SSL_PROTOCOL_ERROR" is somehow (I don't know where) in the communication of the firewall to the DMZ-based proxies.