Though 1.2 is the primary development focus right now, some work is still being done for future releases. One of the coolest changes, in my opinion, upcoming in 1.3 will be changing the front status page into a customizable dashboard.
This feature is still in its early stages, but here is a screenshot to give you an idea of what is being worked on. Aside from the SVG graphs, this is all AJAX so the information, log viewer, etc. all update dynamically without refreshing the entire page.
** Source from http://pfsense.blogsport.com/
Thursday, May 10, 2007
Wednesday, May 09, 2007
.:: Pfsense : How To Setup VPN (OpenVPN) : Part 3 ::.
Configuring Remote Access OpenVPN
You already install the OpenVPN client on your PC. Previously, we have create Site To Site Tunnelling between Pfsense. Now we will create the tunnel between Pfsense and the users.
We will use Pfsense2 as our Server to allow VPN user accessing the Pfsense. Remember, we can’t use the port 80 because it already used for Site To Site Tunnelling between Pfsense.
1. Login to Pfsense2
2. Go to VPN (OpenVPN)
3. Click On Server Tab
4. Click the little + sign to create a new VPN tunnel
Now we have some setting like this :
Pfsense2
Protocol : UDP
Dynamic IP : Tick This Option
Local Port : 81
Address Pool : 10.20.200.0/24
Local Network : 10.20.20.0/24
Client-to-client VPN : Tick This Option
Cryptography : BF-CBC (128 bit)
Authentication Method : PKI (Public Key Infrastructure)
CA Certificate : (Paste Your CA certificate That You Already Create It Before)
Server Certificate : (Paste Your Server certificate That You Already Create It Before)
Server Key : (Paste Your Server key That You Already Create It Before)
DH Parameters : (Paste Your DH Parameters That You Already Create It Before)
LZO Compression : Tick This Option
Description : (Put Some Description Here)
5. Click Save to finish configure Pfsense2 as a Server.
After we create the tunneling between Pfsense and users, we have to create a new network interface and named it as “ovpn”
1. Change to C:\Program Files\OpenVPN\bin directory
2. Type “addtap.bat” command
Example Output
C:\Program Files\OpenVPN\bin>addtap.bat
C:\Program Files\OpenVPN\bin>rem Add a new TAP-Win32 virtual ethernet adapter
C:\Program Files\OpenVPN\bin>"C:\Program Files\OpenVPN\bin\tapinstall.exe" install "C:\Program Files\OpenVPN\driver\OemWin2k.inf" tap0801
Device node created. Install is complete when drivers are updated...
Updating drivers for tap0801 from C:\Program Files\OpenVPN\driver\OemWin2k.inf.
Drivers updated successfully.
C:\Program Files\OpenVPN\bin>pause
Press any key to continue . . .
3. Rename a new connection that you just created it as “ovpn”
Figure3 : Creating a New Connection For OpenVPN Client
Now, create a new text file in “c:\program files\openvpn\config folder” (or wherever you installed it) named it as “pfsense.ovpn” (you may change pfsense to whatever you like to describe the tunnel, but keep the ending). Copy and paste the following configuration:
float
port 81
dev tun
dev-node ovpn
proto tcp-client
remote pfsense2 81
ping 10
persist-tun
persist-key
tls-client
ca ca.crt
cert aslahuddin.crt
key aslahuddin.key
ns-cert-type server
comp-lzo
pull
verb 4
** dev-node ovpn must match the name of the renamed new interface,
** pfsense2 is the ip-address of your pfsense box
Remember the client certificates. We need to copy some them over to the “c:\program files\openvpn\config folder”.
In this example we will copy “ca.crt”, “aslahuddin.crt” and “aslahuddin.key” in that folder. You always need “ca.crt” and the proper client files.
Now we are finish configure the remote access for the client. Try this remote access by right click the OpenVPN GUI icon at the right bottom on your PC. The client will try connecting to your pfsense box.
Remote access OpenVPN will show connected if everything perfect. Now the tunnel should now be ready to serve.
Figure4 : Copy the Certificates and Keys at The Folder
Figure5 : Connect Remote Access OpenVPN
Figure6 : Remote Access OpenVPN Connected
You already install the OpenVPN client on your PC. Previously, we have create Site To Site Tunnelling between Pfsense. Now we will create the tunnel between Pfsense and the users.
We will use Pfsense2 as our Server to allow VPN user accessing the Pfsense. Remember, we can’t use the port 80 because it already used for Site To Site Tunnelling between Pfsense.
1. Login to Pfsense2
2. Go to VPN (OpenVPN)
3. Click On Server Tab
4. Click the little + sign to create a new VPN tunnel
Now we have some setting like this :
Pfsense2
Protocol : UDP
Dynamic IP : Tick This Option
Local Port : 81
Address Pool : 10.20.200.0/24
Local Network : 10.20.20.0/24
Client-to-client VPN : Tick This Option
Cryptography : BF-CBC (128 bit)
Authentication Method : PKI (Public Key Infrastructure)
CA Certificate : (Paste Your CA certificate That You Already Create It Before)
Server Certificate : (Paste Your Server certificate That You Already Create It Before)
Server Key : (Paste Your Server key That You Already Create It Before)
DH Parameters : (Paste Your DH Parameters That You Already Create It Before)
LZO Compression : Tick This Option
Description : (Put Some Description Here)
5. Click Save to finish configure Pfsense2 as a Server.
After we create the tunneling between Pfsense and users, we have to create a new network interface and named it as “ovpn”
1. Change to C:\Program Files\OpenVPN\bin directory
2. Type “addtap.bat” command
Example Output
C:\Program Files\OpenVPN\bin>addtap.bat
C:\Program Files\OpenVPN\bin>rem Add a new TAP-Win32 virtual ethernet adapter
C:\Program Files\OpenVPN\bin>"C:\Program Files\OpenVPN\bin\tapinstall.exe" install "C:\Program Files\OpenVPN\driver\OemWin2k.inf" tap0801
Device node created. Install is complete when drivers are updated...
Updating drivers for tap0801 from C:\Program Files\OpenVPN\driver\OemWin2k.inf.
Drivers updated successfully.
C:\Program Files\OpenVPN\bin>pause
Press any key to continue . . .
3. Rename a new connection that you just created it as “ovpn”
Figure3 : Creating a New Connection For OpenVPN Client
Now, create a new text file in “c:\program files\openvpn\config folder” (or wherever you installed it) named it as “pfsense.ovpn” (you may change pfsense to whatever you like to describe the tunnel, but keep the ending). Copy and paste the following configuration:
float
port 81
dev tun
dev-node ovpn
proto tcp-client
remote pfsense2 81
ping 10
persist-tun
persist-key
tls-client
ca ca.crt
cert aslahuddin.crt
key aslahuddin.key
ns-cert-type server
comp-lzo
pull
verb 4
** dev-node ovpn must match the name of the renamed new interface,
** pfsense2 is the ip-address of your pfsense box
Remember the client certificates. We need to copy some them over to the “c:\program files\openvpn\config folder”.
In this example we will copy “ca.crt”, “aslahuddin.crt” and “aslahuddin.key” in that folder. You always need “ca.crt” and the proper client files.
Now we are finish configure the remote access for the client. Try this remote access by right click the OpenVPN GUI icon at the right bottom on your PC. The client will try connecting to your pfsense box.
Remote access OpenVPN will show connected if everything perfect. Now the tunnel should now be ready to serve.
Figure4 : Copy the Certificates and Keys at The Folder
Figure5 : Connect Remote Access OpenVPN
Figure6 : Remote Access OpenVPN Connected
Tuesday, May 08, 2007
.:: Pfsense : How To Setup VPN (OpenVPN) : Part 2 ::.
Configuring the VPN Tunnel Between Pfsense (OpenVPN)
After finish creating the certificates and keys for server and clients, now we will setup the VPN tunnel on each pfsense. We will configure Pfsense2 as a Server and Pfsense1 as a client side of the tunnel.
1. Login to Pfsense2
2. Go to VPN (OpenVPN)
3. Click On Server Tab
4. Click the little + sign to create a new VPN tunnel
Now we have some setting like this :
Pfsense2
Protocol : UDP
Dynamic IP : Tick This Option
Local Port : 80
Address Pool : 10.20.100.0/24
Remote Network : 10.0.0.0/16
Cryptography : BF-CBC (128 bit)
Authentication Method : Shared Key
Shared Key : (Paste Your Shared Key That You Already Create It Before. Must Be Same For Both Pfsense)
Description : (Put Some Description Here)
5. Click Save to finish configure Pfsense2 as a Server.
Figure1 : Tunnels Configuration For Pfsense2
Now we will setup Pfsense1 as a client side of the tunnel.
1. Login to Pfsense1
2. Go to VPN (OpenVPN)
3. Click On Client Tab
4. Click the little + sign to create a new VPN tunnel
Now we have some setting like this :
Pfsense1
Protocol : UDP
Server Address : 10.10.100.223
Local Port : 80
Interface IP : 10.0.100.0/24
Remote Network : 10.20.20.0/24
Cryptography : BF-CBC (128 bit)
Authentication Method: Shared Key
Shared Key : (Paste Your Shared Key That You Already Create It Before. Must Be Same For Both Pfsense)
Description : (Put Some Description Here)
5. Click Save to finish configure Pfsense1 as client side of the tunnel.
Figure2 : Tunnels Configuration For Pfsense1
After finish creating the certificates and keys for server and clients, now we will setup the VPN tunnel on each pfsense. We will configure Pfsense2 as a Server and Pfsense1 as a client side of the tunnel.
1. Login to Pfsense2
2. Go to VPN (OpenVPN)
3. Click On Server Tab
4. Click the little + sign to create a new VPN tunnel
Now we have some setting like this :
Pfsense2
Protocol : UDP
Dynamic IP : Tick This Option
Local Port : 80
Address Pool : 10.20.100.0/24
Remote Network : 10.0.0.0/16
Cryptography : BF-CBC (128 bit)
Authentication Method : Shared Key
Shared Key : (Paste Your Shared Key That You Already Create It Before. Must Be Same For Both Pfsense)
Description : (Put Some Description Here)
5. Click Save to finish configure Pfsense2 as a Server.
Figure1 : Tunnels Configuration For Pfsense2
Now we will setup Pfsense1 as a client side of the tunnel.
1. Login to Pfsense1
2. Go to VPN (OpenVPN)
3. Click On Client Tab
4. Click the little + sign to create a new VPN tunnel
Now we have some setting like this :
Pfsense1
Protocol : UDP
Server Address : 10.10.100.223
Local Port : 80
Interface IP : 10.0.100.0/24
Remote Network : 10.20.20.0/24
Cryptography : BF-CBC (128 bit)
Authentication Method: Shared Key
Shared Key : (Paste Your Shared Key That You Already Create It Before. Must Be Same For Both Pfsense)
Description : (Put Some Description Here)
5. Click Save to finish configure Pfsense1 as client side of the tunnel.
Figure2 : Tunnels Configuration For Pfsense1
Monday, May 07, 2007
.:: Pfsense : How To Setup VPN (OpenVPN) : Part 1 ::.
Previously, i'm already show you all on how to create IPSec between 2 Pfsense. Now, i will describe on how to create VPN using OpenVPN.
Setting Up VPN On Pfsense (OpenVPN and OpenVPN Client)
Requirements :
• 2 unit of Soekris or pc install with Pfsense
Network Diagram :
Network Setting On Pfsense
Pfsense1 :
WAN IP : 10.10.100.222
LAN IP : 10.0.0.1
Gateway IP : 10.10.100.221
Pfsense2 :
WAN IP : 10.10.100.223
LAN IP : 10.20.20.1
Gateway IP : 10.10.100.221
Creating The Certificates and Keys
Before we can proceed to configure the tunnel and remote access for OpenVPN, we have to create some certificates and keys for the servers and for a few clients.
I will create certificates and keys using windows. Download the latest release of OpenVPN from :
http://www.openvpn.se/download.html
Or u can download it here :
OpenVPN :
http://www.sharebigfile.com/file/162426/openvpn-2-0-9-gui-1-0-3-install-exe.html
Once u download it, install it on your pc and follow the instruction to finish the installation. After finish the installation, you have to follow some step to in order to create the certificates and keys.
First use the command prompt and change to
C:\Program Files\OpenVPN\easy-rsa directory. Run init-config.bat command.
Next, edit vars.bat to adapt it to your environment, and create the directory that will hold your key files.
To generate TLS keys:
Create new empty index and serial files (once only)
1. Type “vars.bat” command
2. Type “clean-all.bat” command
Example Output
C:\Program Files\OpenVPN\easy-rsa>vars.bat
C:\Program Files\OpenVPN\easy-rsa>clean-all.bat
1 file(s) copied.
1 file(s) copied.
To build a CA key (once only)
1. Type “vars.bat” command
2. Type “build-ca.bat” command
Example Output
C:\Program Files\OpenVPN\easy-rsa>vars.bat
C:\Program Files\OpenVPN\easy-rsa>build-ca.bat
Loading 'screen' into random state - done
Generating a 1024 bit RSA private key
.......++++++.....................................................++++++
writing new private key to 'keys\ca.key'
-----
You are about to be asked to enter information that will be incorporated into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [US]:MY
State or Province Name (full name) [CA]:KL
Locality Name (eg, city) [SanFrancisco]:Kuala Lumpur
Organization Name (eg, company) [FortFunston]:MCSB
Organizational Unit Name (eg, section) [ ]:VOIP
Common Name (eg, your name or your server's hostname) [ ]:pfkl2
Email Address [mail@host.domain]:aslah@mcsb.com
To build a DH file (for server side, once only)
1. Type “vars.bat” command
2. Type “build-dh.bat” command
Example Output
C:\Program Files\OpenVPN\easy-rsa>vars.bat
C:\Program Files\OpenVPN\easy-rsa>build-dh.bat
Loading 'screen' into random state - done
Generating DH parameters, 1024 bit long safe prime, generator 2
This is going to take a long time
...........................................+................................
.......................................................+....................
...+.......................................+................................
.................+..........................................................
..........................................++*++*++*
To build a private key/certificate for the OpenVPN server
1. Type “vars.bat” command
2. Type “build-key-server.bat” command
Example Output
C:\Program Files\OpenVPN\easy-rsa>vars.bat
C:\Program Files\OpenVPN\easy-rsa>build-key-server.bat pfkl2
Loading 'screen' into random state - done
Generating a 1024 bit RSA private key
..............................++++++................++++++
writing new private key to 'keys\pfkl2.key'
-----
You are about to be asked to enter information that will be incorporated into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [US]:MY
State or Province Name (full name) [CA]:KL
Locality Name (eg, city) [SanFrancisco]:Kuala Lumpur
Organization Name (eg, company) [FortFunston]:MCSB
Organizational Unit Name (eg, section) [ ]:VOIP
Common Name (eg, your name or your server's hostname) [ ]:pfkl2
Email Address [mail@host.domain]:aslah@mcsb.com
Please enter the following 'extra' attributes to be sent with your certificate request
A challenge password [ ]:password
An optional company name [ ]:MCSB
Using configuration from openssl.cnf
Loading 'screen' into random state - done
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName :PRINTABLE:'MY'
stateOrProvinceName :PRINTABLE:'KL'
localityName :PRINTABLE:'Kuala Lumpur'
organizationName :PRINTABLE:'MCSB'
organizationalUnitName :PRINTABLE:'VOIP'
commonName :PRINTABLE:'pfkl2'
emailAddress :IA5STRING:'aslah@mcsb.com'
Certificate is to be certified until May 1 07:06:50 2017 GMT (3650 days)
Sign the certificate? [y/n]:y
1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated
To build key files in PEM format (for each client machine)
1. Type “vars.bat” command
2. Type “build-key.bat” command
(use for specific name within script)
Example Output
C:\Program Files\OpenVPN\easy-rsa>vars.bat
C:\Program Files\OpenVPN\easy-rsa>build-key.bat aslahuddin
Loading 'screen' into random state - done
Generating a 1024 bit RSA private key
......................++++++......++++++
writing new private key to 'keys\aslahuddin.key'
-----
You are about to be asked to enter information that will be incorporated into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [US]:MY
State or Province Name (full name) [CA]:KL
Locality Name (eg, city) [SanFrancisco]:Kuala Lumpur
Organization Name (eg, company) [FortFunston]:MCSB
Organizational Unit Name (eg, section) [ ]:VOIP
Common Name (eg, your name or your server's hostname) [ ]:aslahuddin
Email Address [mail@host.domain]:aslah@mcsb.com
Please enter the following 'extra' attributes to be sent with your certificate request
A challenge password [ ]:password
An optional company name [ ]:MCSB
Using configuration from openssl.cnf
Loading 'screen' into random state - done
DEBUG[load_index]: unique_subject = "yes"
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName :PRINTABLE:'MY'
stateOrProvinceName :PRINTABLE:'KL'
localityName :PRINTABLE:'Kuala Lumpur'
organizationName :PRINTABLE:'MCSB'
organizationalUnitName : PRINTABLE:'VOIP'
commonName :PRINTABLE:'aslahuddin'
emailAddress :IA5STRING:'aslah@mcsb.com'
Certificate is to be certified until May 1 07:10:59 2017 GMT (3650 days)
Sign the certificate? [y/n]:y
1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated
Build shared key for the OpenVPN server (we will used this for Site To Site OpenVPN).
1. Change to C:\Program Files\OpenVPN\bin directory.
2. Type “build openvpn.exe --genkey --secret shared.key” command
Setting Up VPN On Pfsense (OpenVPN and OpenVPN Client)
Requirements :
• 2 unit of Soekris or pc install with Pfsense
Network Diagram :
Network Setting On Pfsense
Pfsense1 :
WAN IP : 10.10.100.222
LAN IP : 10.0.0.1
Gateway IP : 10.10.100.221
Pfsense2 :
WAN IP : 10.10.100.223
LAN IP : 10.20.20.1
Gateway IP : 10.10.100.221
Creating The Certificates and Keys
Before we can proceed to configure the tunnel and remote access for OpenVPN, we have to create some certificates and keys for the servers and for a few clients.
I will create certificates and keys using windows. Download the latest release of OpenVPN from :
http://www.openvpn.se/download.html
Or u can download it here :
OpenVPN :
http://www.sharebigfile.com/file/162426/openvpn-2-0-9-gui-1-0-3-install-exe.html
Once u download it, install it on your pc and follow the instruction to finish the installation. After finish the installation, you have to follow some step to in order to create the certificates and keys.
First use the command prompt and change to
C:\Program Files\OpenVPN\easy-rsa directory. Run init-config.bat command.
Next, edit vars.bat to adapt it to your environment, and create the directory that will hold your key files.
To generate TLS keys:
Create new empty index and serial files (once only)
1. Type “vars.bat” command
2. Type “clean-all.bat” command
Example Output
C:\Program Files\OpenVPN\easy-rsa>vars.bat
C:\Program Files\OpenVPN\easy-rsa>clean-all.bat
1 file(s) copied.
1 file(s) copied.
To build a CA key (once only)
1. Type “vars.bat” command
2. Type “build-ca.bat” command
Example Output
C:\Program Files\OpenVPN\easy-rsa>vars.bat
C:\Program Files\OpenVPN\easy-rsa>build-ca.bat
Loading 'screen' into random state - done
Generating a 1024 bit RSA private key
.......++++++.....................................................++++++
writing new private key to 'keys\ca.key'
-----
You are about to be asked to enter information that will be incorporated into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [US]:MY
State or Province Name (full name) [CA]:KL
Locality Name (eg, city) [SanFrancisco]:Kuala Lumpur
Organization Name (eg, company) [FortFunston]:MCSB
Organizational Unit Name (eg, section) [ ]:VOIP
Common Name (eg, your name or your server's hostname) [ ]:pfkl2
Email Address [mail@host.domain]:aslah@mcsb.com
To build a DH file (for server side, once only)
1. Type “vars.bat” command
2. Type “build-dh.bat” command
Example Output
C:\Program Files\OpenVPN\easy-rsa>vars.bat
C:\Program Files\OpenVPN\easy-rsa>build-dh.bat
Loading 'screen' into random state - done
Generating DH parameters, 1024 bit long safe prime, generator 2
This is going to take a long time
...........................................+................................
.......................................................+....................
...+.......................................+................................
.................+..........................................................
..........................................++*++*++*
To build a private key/certificate for the OpenVPN server
1. Type “vars.bat” command
2. Type “build-key-server.bat
Example Output
C:\Program Files\OpenVPN\easy-rsa>vars.bat
C:\Program Files\OpenVPN\easy-rsa>build-key-server.bat pfkl2
Loading 'screen' into random state - done
Generating a 1024 bit RSA private key
..............................++++++................++++++
writing new private key to 'keys\pfkl2.key'
-----
You are about to be asked to enter information that will be incorporated into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [US]:MY
State or Province Name (full name) [CA]:KL
Locality Name (eg, city) [SanFrancisco]:Kuala Lumpur
Organization Name (eg, company) [FortFunston]:MCSB
Organizational Unit Name (eg, section) [ ]:VOIP
Common Name (eg, your name or your server's hostname) [ ]:pfkl2
Email Address [mail@host.domain]:aslah@mcsb.com
Please enter the following 'extra' attributes to be sent with your certificate request
A challenge password [ ]:password
An optional company name [ ]:MCSB
Using configuration from openssl.cnf
Loading 'screen' into random state - done
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName :PRINTABLE:'MY'
stateOrProvinceName :PRINTABLE:'KL'
localityName :PRINTABLE:'Kuala Lumpur'
organizationName :PRINTABLE:'MCSB'
organizationalUnitName :PRINTABLE:'VOIP'
commonName :PRINTABLE:'pfkl2'
emailAddress :IA5STRING:'aslah@mcsb.com'
Certificate is to be certified until May 1 07:06:50 2017 GMT (3650 days)
Sign the certificate? [y/n]:y
1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated
To build key files in PEM format (for each client machine)
1. Type “vars.bat” command
2. Type “build-key.bat
(use
Example Output
C:\Program Files\OpenVPN\easy-rsa>vars.bat
C:\Program Files\OpenVPN\easy-rsa>build-key.bat aslahuddin
Loading 'screen' into random state - done
Generating a 1024 bit RSA private key
......................++++++......++++++
writing new private key to 'keys\aslahuddin.key'
-----
You are about to be asked to enter information that will be incorporated into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [US]:MY
State or Province Name (full name) [CA]:KL
Locality Name (eg, city) [SanFrancisco]:Kuala Lumpur
Organization Name (eg, company) [FortFunston]:MCSB
Organizational Unit Name (eg, section) [ ]:VOIP
Common Name (eg, your name or your server's hostname) [ ]:aslahuddin
Email Address [mail@host.domain]:aslah@mcsb.com
Please enter the following 'extra' attributes to be sent with your certificate request
A challenge password [ ]:password
An optional company name [ ]:MCSB
Using configuration from openssl.cnf
Loading 'screen' into random state - done
DEBUG[load_index]: unique_subject = "yes"
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName :PRINTABLE:'MY'
stateOrProvinceName :PRINTABLE:'KL'
localityName :PRINTABLE:'Kuala Lumpur'
organizationName :PRINTABLE:'MCSB'
organizationalUnitName : PRINTABLE:'VOIP'
commonName :PRINTABLE:'aslahuddin'
emailAddress :IA5STRING:'aslah@mcsb.com'
Certificate is to be certified until May 1 07:10:59 2017 GMT (3650 days)
Sign the certificate? [y/n]:y
1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated
Build shared key for the OpenVPN server (we will used this for Site To Site OpenVPN).
1. Change to C:\Program Files\OpenVPN\bin directory.
2. Type “build openvpn.exe --genkey --secret shared.key” command
Friday, May 04, 2007
.:: Pfsense : 1.2-BETA-1 Released ::.
1.2-BETA-1 has been released! Here are just a few of the new improvements and features that have made their way into this new version:
•FreeBSD updated to 6.2
•Reworked load balancing pools which allow for round robin or failover
•miniupnpd has proven to work so well that it is now in the base install but deactivated by default (uninstall the miniupnpd package before upgrading to avoid duplicate menu items)
•Much enhanced RRD graphs
•Numerous Squid Package fixes
•PPTP Server includes WINS server settings correctly now
•General OpenVPN stability improvements
•"Nervecenter" theme added as default
•Status -> DHCP leases now 1500% faster
•Captive portal now allows traffic to port 8000 and 8001 behind the scenes
•Multiple miscellaneous pf rule fixes to prevent broken rulesets
•DNS server with active failover will show up when 1.2 releases
•dnsmasq updated to 2.36
•olsrd updated to 0.4.10
•Alias line item descriptions backported from -HEAD
•Enhanced cron handling backported from -HEAD
•dhclient changes backported from FreeBSD 7
•miniupnpd updated
•Speed NAT apply page up 100%
•PPPoE auto disconnect (for our German users)
•Soekris/WRAP error light usage now when a problem or alert occurs
•TCPDump interface
•VLAN assign interface improvements
•LBD/load balancing ping times increased to a timeout of 2 seconds
•Package infrastructure to safely sync package data between CARP nodes added
•Miscellaneous DHCP Server OPT interface fixes
•1:1 NAT outgoing FTP fixes
•OpenVPN stability fixes
•Traffic shaper wizard now displays errors correctly
•BandwidthD package added
•Pinger framework improved
•Dynamic filter log viewer added
•IPSec filtering is now possible. You need to create rules before traffic will pass!!
•Individual kill state feature back ported from HEAD on Diagnostics, Show States screen
•Fix for DHCP Load balancing edge case where monitor IP's would be mapped through the wrong gateway.
•Option added to turn off TX and RX hardware checksums. We are finding more and more hardware that this feature just simply doesn't work very well.
•OpenVPN PPPoE fixes
•Reload VLAN interfaces correctly after adding a new one
•Multiple client OpenVPN fixes
•PHP upgraded to 4.4.6
•Synchronized captive portal with m0n0wall
•CARP IP addresses can be used on IPSec VPN connections and multi-WAN IPSec now works correctly
•config.xml stability improvements to drastically reduce chances of corruption
•Packages auto-fix themselves if a problem arises in the installation
•Lighttpd upgraded to 1.4.15
•PPPoE server subnet fixes
•OpenVPN outgoing bandwidth limits added
•Firewall schedules feature added
•Server load balancing pool page added
•Multi-WAN NAT configuration now correct in non-Advanced Outbound NAT mode
•Load balancing ping now uses fping
** Source from http://pfsense.blogsport.com/
•FreeBSD updated to 6.2
•Reworked load balancing pools which allow for round robin or failover
•miniupnpd has proven to work so well that it is now in the base install but deactivated by default (uninstall the miniupnpd package before upgrading to avoid duplicate menu items)
•Much enhanced RRD graphs
•Numerous Squid Package fixes
•PPTP Server includes WINS server settings correctly now
•General OpenVPN stability improvements
•"Nervecenter" theme added as default
•Status -> DHCP leases now 1500% faster
•Captive portal now allows traffic to port 8000 and 8001 behind the scenes
•Multiple miscellaneous pf rule fixes to prevent broken rulesets
•DNS server with active failover will show up when 1.2 releases
•dnsmasq updated to 2.36
•olsrd updated to 0.4.10
•Alias line item descriptions backported from -HEAD
•Enhanced cron handling backported from -HEAD
•dhclient changes backported from FreeBSD 7
•miniupnpd updated
•Speed NAT apply page up 100%
•PPPoE auto disconnect (for our German users)
•Soekris/WRAP error light usage now when a problem or alert occurs
•TCPDump interface
•VLAN assign interface improvements
•LBD/load balancing ping times increased to a timeout of 2 seconds
•Package infrastructure to safely sync package data between CARP nodes added
•Miscellaneous DHCP Server OPT interface fixes
•1:1 NAT outgoing FTP fixes
•OpenVPN stability fixes
•Traffic shaper wizard now displays errors correctly
•BandwidthD package added
•Pinger framework improved
•Dynamic filter log viewer added
•IPSec filtering is now possible. You need to create rules before traffic will pass!!
•Individual kill state feature back ported from HEAD on Diagnostics, Show States screen
•Fix for DHCP Load balancing edge case where monitor IP's would be mapped through the wrong gateway.
•Option added to turn off TX and RX hardware checksums. We are finding more and more hardware that this feature just simply doesn't work very well.
•OpenVPN PPPoE fixes
•Reload VLAN interfaces correctly after adding a new one
•Multiple client OpenVPN fixes
•PHP upgraded to 4.4.6
•Synchronized captive portal with m0n0wall
•CARP IP addresses can be used on IPSec VPN connections and multi-WAN IPSec now works correctly
•config.xml stability improvements to drastically reduce chances of corruption
•Packages auto-fix themselves if a problem arises in the installation
•Lighttpd upgraded to 1.4.15
•PPPoE server subnet fixes
•OpenVPN outgoing bandwidth limits added
•Firewall schedules feature added
•Server load balancing pool page added
•Multi-WAN NAT configuration now correct in non-Advanced Outbound NAT mode
•Load balancing ping now uses fping
** Source from http://pfsense.blogsport.com/
Subscribe to:
Posts (Atom)