From: Jonathan E. <jr...@gm...> - 2012-06-29 15:56:10
|
Upon further analysis, I performed a tcpdump on PFZen, and ran a wireshark capture from the machine sitting on the 192 network. I assumed that Packetfence's IP tables were the problem, so I temporarily turned it off and allowed all connections. Apparently, any computer attempting to connect to the UI from the 192 network does send packets to Packetfence. Packetfence then receives these packets and sents ACK packets. From there, the computer on the 192 side sends a RST packet, and they repeat this cycle until the connection times out. Does anyone know what could possibly be going on here? More info: Packetfence is set up to have two NICs, one on the 192 side, which runs the captive portal and snort, and one on the 10 side, which runs the web UI. My firewall between the two networks is PFSense 2.0.1. Packetfence's web ui port is set to the default of 1443, but the firewall is set to forward to that from 1445. This configuration is operating correctly. Packetfence's snort sensor is setup to be on the 192 network, but doesn't appear to be generating any logs. This is another issue I would like assistance with. |