Messages

Thank you for your response.

I found a workaround for this issue, I capped the mss of packets to/from webgui via IPsec at the minimal size which made the transmissions more reliable and the webgui operable via IPsec.

I have two DEC695 running everything stock with the business subscription

Almost everything works fine on both.
On one of them although WebGUI is working fine ONLY from the LAN using HTTPS and a self-signed certificate chain
WebGUI will not properly work from IPSec, from IPSec it will log this error on the OPNSide WebGUI Logs:
Error lighttpd (/usr/obj/usr/ports/www/lighttpd/work/lighttpd-1.4.76/src/mod_openssl.c.3674) SSL (error): 5 -1: Permission denied

On the client side the WebGUI loads broken with missing or incomplete resources
The web browser logs Failed to load resource: net::ERR_CONNECTION_CLOSED

If WebGUI is switched to HTTP then on the client side then
the web browser instead logs Failed to load resource: net::ERR_CONTENT_LENGTH_MISMATCH 200 (OK)

This does not happen on the my other DEC695

Both have nearly identical configurations and both running:
OPNsense 24.10.1-amd64
FreeBSD 14.1-RELEASE-p6
OpenSSL 3.0.15
Licensed until 2025-04-30

Any suggestions would be appreciated.