Messages - alh

#106
Seems to have solved itself after a couple of reboots... thanks for your help!
#107
We have the following setup:

- root CA
- intermediate CA for services
- intermediate CA for users

If we configure EAP-TTLS in the FreeRADIUS plugin, we link the RADIUS server cert (issued by the intermediate CA for services) and the root CA, which is supposed to validate trusted users (intermediate CA for users).

However, the plugin always puts the server cert chain in the file ca_opn instead of the linked CA file. Probably a bug in the script.
#108
All other logging works just fine. Where would I enable/disable just the firewall logging? Couldn't find an option for that.
#109
No, my log file is of course empty. But no new messages arrive.
#110
Since yesterday and the upgrade to 19.1.3 my filter.log is not updated anymore. How can I get the firewall logging going again? All other logs run fine.
#111
OK, routing works again (a colleague defined overlapping ranges on one LAN interface). Sorry for the noise.

However, firewall logging is still down. I'll open another topic for this.
#112
I also noticed that the firewall logs seem to have stopped yesterday just before midnight (when we upgraded).
#113
19.1.2 but then LDAPS did not work for us. So we upgraded to 19.1.3 to fix that... since then the troubles got bigger...
#114
We upgraded to 19.1.3 yesterday and since then routing does not seem to work anymore. LAN clients cannot access the Internet anymore despite proper NAT-Outbound and Firewall-Rules. Also, I cannot ping any LAN client anymore from my VPN connection (OpenVPN, all connections allowed to all networks).

What can I do to track down the cause of this? We upgraded just now to 19.1.4 but to no avail. Also all automatically generated WAN NATs seem to have disappeared.
#115
19.1 Legacy Series / Re: Adding LDAP Users?
March 12, 2019, 04:34:15 AM
Oh well, in the source I see that you are stripping off the @domain part. So never mind.
#116
19.1 Legacy Series / Re: Adding LDAP Users?
March 12, 2019, 04:23:41 AM
However, it seems to ignore the user name setting defined, e.g. for AD it always picks sAMAccountName. I would like to use userPrincipalName instead...
#117
19.1 Legacy Series / Re: Adding LDAP Users?
March 12, 2019, 04:20:15 AM
OK, found it. Contrary to the docs, you need to first enable the LDAP server under System > Settings > Administration > Authentication > Server. Only then will the import icon show.
#118
19.1 Legacy Series / Re: Adding LDAP Users?
March 12, 2019, 04:13:58 AM
I have exactly this use case: I would like to link client certificates to LDAP users. But the cloud import icon mentioned in the docs is not visible! Am I missing something here?
#119
No, there was nothing odd. We solved it by deleting the inet config using ifconfig from the interface. After that everything worked as expected. Thanks for your reply and time.

#120
The joy was pretty short-lived; we now have the following problem when we try to add the 10G interfaces:

Interface > Assignments > New Interface > ix0 > +

Everything is fine, but if we additionally add the second one

Interface > Assignments > New Interface > ix1 > +

Then the firewall becomes unresponsive on all interfaces. We cannot ping, ssh or access the WebGUI anymore. Only a complete reset helps.

Please notice that the interfaces are not connected. The machine is in the lab and we are trying to preconfigure it.