Unable to sign in google services using Ubuntu/Centos OS behind OPNSense

[peterwkc]

Dear all forumers, I had opnsense serve as gateway router and firewall. My ubuntu and Centos OS cannot signin to youtube services and gmail services but my Window 11 OS function with no problem. May I know hwat is the problem? security-Certificate?

Please help. Thanks in advance.

[bartjsmit]

Do you run a squid proxy on OPNsense? If you're worried about the cert as seen by your Linux clients, run this:

echo Q | openssl s_client -showcerts -connect youtube.com:443 | less

Bart...

[peterwkc]

I don't have squid proxy configured with OPNSense. When i running the command, i see the google.com certs seems valid.

[bartjsmit]

Run packet captures for your Windows Google session and for Linux. Compare them in Wireshark. https://www.wireshark.org/

[peterwkc]

How to caputure the google session only since there is others program using the network interface?

[bartjsmit]

Interfaces: Diagnostics: Packet Capture

Filter on the source workstation by putting its IP address in the Host Address field

You can pick out the Google sessions by following each TCP connection in Wireshark

Bart...