Project

General

Profile

Activity

From 09/26/2021 to 10/25/2021

10/25/2021

05:24 PM Correction #12469: Automatic outbound NAT rules are applied to the WG interface
Brett Keller wrote in #note-8:
> Setting an upstream gateway includes the interface in automatic outbound NAT rule g... Brett Keller

10/22/2021

08:42 PM Correction #12471: AES-XCBC should not be recommended as PRF for IPsec
Thanks for taking this up Jim!
> Originally that was recommended as it would result in the highest performance on ... Kev Kitchens
01:11 PM Correction #12471 (Feedback): AES-XCBC should not be recommended as PRF for IPsec
Fixed in https://gitlab.netgate.com/docs/pfSense-docs/-/commit/5086c307ec3b213edcc7efbfc82eabf416053ce3 but won't be ... Jim Pingle
12:39 PM Correction #12471: AES-XCBC should not be recommended as PRF for IPsec
It's also worth noting that the native IPsec client in Android 11 and 12 does support AES-XCBC and has it listed befo... Jim Pingle
09:58 AM Correction #12471: AES-XCBC should not be recommended as PRF for IPsec
Originally that was recommended as it would result in the highest performance on systems with hardware acceleration f... Jim Pingle

10/21/2021

05:15 PM Correction #12471: AES-XCBC should not be recommended as PRF for IPsec
For some further justification, the NIST Guide to IPsec VPNs (SP 800-77) does not list AES-XCBC as an approved PRF al... Kev Kitchens

10/20/2021

05:53 PM Correction #12469: Automatic outbound NAT rules are applied to the WG interface
Christian McDonald wrote in #note-3:
> For assigned tunnel interfaces, the inverse is true...pfSense has no way of k... Brett Keller
10:25 AM Correction #12469 (Closed): Automatic outbound NAT rules are applied to the WG interface
Merged and deployed. Jim Pingle
08:28 AM Correction #12469 (Pull Request Review): Automatic outbound NAT rules are applied to the WG interface
Jim Pingle
08:54 AM Todo #12478: Feedback on Virtual Private Networks — IPsec — Mobile IPsec — Choosing a Mobile IPsec Style
There are mentions of Group auth in the IPsec docs which are still pending (waiting on 22.01 now):
http://stage-v2... Jim Pingle
08:37 AM Todo #12478 (Closed): Feedback on Virtual Private Networks — IPsec — Mobile IPsec — Choosing a Mobile IPsec Style
*Page:* https://docs.netgate.com/pfsense/en/latest/vpn/ipsec/mobile-choices.html#ikev2-with-eap-radius
https... Viktor Gurov

10/19/2021

02:25 PM Correction #12469 (Waiting on Merge): Automatic outbound NAT rules are applied to the WG interface
Thanks for the feedback.
https://gitlab.netgate.com/docs/pfSense-docs/-/merge_requests/25 Christian McDonald

10/18/2021

06:40 PM Correction #12471 (Closed): AES-XCBC should not be recommended as PRF for IPsec
The IPsec Configuration (https://docs.netgate.com/pfsense/en/latest/vpn/ipsec/configure.html) and VPN Scaling (https:... Kev Kitchens
02:48 PM Correction #12469: Automatic outbound NAT rules are applied to the WG interface
Thanks. It would probably be useful to put a note about this in the docs for the s2s instructions. Brendon Baumgartner
02:41 PM Correction #12469: Automatic outbound NAT rules are applied to the WG interface
Outbound NAT rules are not applied on unassigned tunnel interfaces. pfSense has no way of knowing these interfaces ex... Christian McDonald
01:49 PM Correction #12469 (Resolved): Automatic outbound NAT rules are applied to the WG interface
These is back in the current wireguard package.
https://forum.netgate.com/topic/165344/wireguard-site-to-site-vpn/... Brendon Baumgartner
11:23 AM Todo #12445 (Rejected): Feedback on pfSense Configuration Recipes
The ePub opens and reads fine in Calibre (Multiple operating systems), FBReader, and others I tried which support ePu... Jim Pingle
10:03 AM Correction #12450 (Closed): Typo in the Phase 2 proposal (Child SA) section.
Fixed in the new IPsec docs coming with 22.01, changing them in the current docs would cause a merge conflict with th... Jim Pingle
08:37 AM Todo #12457: Add UPS Configuration Recipes for apcupsd and nut UPS Packages with Common Brand Units
We could maybe add some generic info but we should not attempt to keep a list of settings in the docs for hardware we... Jim Pingle
07:59 AM Todo #12453 (Closed): Support for translation
It is something we have considered in the past but have not made a firm decision on. It's not just a technical proble... Jim Pingle

10/15/2021

03:47 PM Todo #12461 (Resolved): Improve macOS Serial Command Instructions
Many of the devices no longer just show "/dev/cu.usbserial" for their path in macOS. For example the SG-5100 with th... Kris Phillips

10/14/2021

12:53 PM Todo #12457 (New): Add UPS Configuration Recipes for apcupsd and nut UPS Packages with Common Brand Units
A customer requested that we add some basic "how to" recipes to the pfSense docs for basic operations in the apcupsd ... Kris Phillips

10/13/2021

06:41 PM Todo #12453 (Closed): Support for translation
Hi
Can you give translation support for pfSense docs? I take a look in Readthedocs project and a way to bring supp... Claudio Ferreira
09:17 AM Todo #12428 (Closed): Feedback on Services — DNS Resolver — Host Overrides
+ Viktor Gurov
09:08 AM Correction #12450 (Closed): Typo in the Phase 2 proposal (Child SA) section.

Here is the link:
https://docs.netgate.com/pfsense/en/latest/vpn/ipsec/configure.html#phase-2-proposal-child-sa
... Danilo Zrenjanin
12:40 AM Todo #12418 (Closed): AutoConfigBackup Menu Structure Documentation
Viktor Gurov

10/10/2021

07:11 PM Todo #12445 (Rejected): Feedback on pfSense Configuration Recipes
*Page:* https://docs.netgate.com/pfsense/en/latest/recipes/index.html
*Feedback:*
Your ebook won't open with ei... Jerry Lumpkins

10/09/2021

06:24 PM Todo #12418: AutoConfigBackup Menu Structure Documentation
Jim,
Looks good. This can be closed out. Kris Phillips

10/08/2021

12:09 PM Todo #12418 (Feedback): AutoConfigBackup Menu Structure Documentation
Fixed (plus a few other changes):
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/160898325eff3f21fa77b9fc67... Jim Pingle
10:59 AM Todo #12418 (In Progress): AutoConfigBackup Menu Structure Documentation
Jim Pingle
11:11 AM Todo #11812 (Feedback): Feedback on pfSense Configuration Recipes — Configuring IPv6 Through A Tunnel Broker Service
Updated the doc and added the reboot advice.
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/465c63a97708665... Jim Pingle

10/07/2021

03:13 PM Todo #11743 (Feedback): Feedback on Virtual Private Networks — VPN Scaling
Done:
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/54c876ea107be13ffe3fcdfad3e8e27990c1f86c Jim Pingle
02:56 PM Todo #11743 (In Progress): Feedback on Virtual Private Networks — VPN Scaling
https://docs.netgate.com/pfsense/en/latest/hardware/cryptographic-accelerators.html covers it in much more detail but... Jim Pingle
10:34 AM New Content #12432 (Feedback): Add documentation for DNS Resolver Status page
Added:
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/b82cfce672ea111e49044889d08af69f47f52f86
https://git... Jim Pingle
10:10 AM New Content #12432 (Closed): Add documentation for DNS Resolver Status page
The DNS Resolver status page ( *Status > DNS Resolver* , @status_unbound.php@) is not currently documented or referen... Jim Pingle
08:16 AM Todo #12428 (Feedback): Feedback on Services — DNS Resolver — Host Overrides
Fixed:
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/86556c7171b5d22b3e2ce34cca2d9d98d98072b2
 Jim Pingle
12:28 AM Todo #12428 (Closed): Feedback on Services — DNS Resolver — Host Overrides
*Page:* https://docs.netgate.com/pfsense/en/latest/services/dns/resolver-host-overrides.html
*Feedback:*
"IP Ad... Viktor Gurov
08:16 AM Todo #12429 (Feedback): Feedback on Bridging
Fixed:
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/1c0e9ed82c951f12336c502ed9be7eabde30cab9
 Jim Pingle
03:10 AM Todo #12429 (Closed): Feedback on Bridging
*Page:* https://docs.netgate.com/pfsense/en/latest/bridges/index.html
*Feedback:*... Viktor Gurov
12:25 AM Correction #11121 (Resolved): Feedback on Services — DNS Resolver
OpenVPN Clients info added Viktor Gurov

10/06/2021

03:38 PM Todo #12261 (Closed): Feedback on pfSense Configuration Recipes — WireGuard VPN Client Configuration Example
Jim Pingle
03:38 PM New Content #12417 (Closed): Add section to IPsec troubleshooting for VTI tunnels not reconnecting
Jim Pingle
03:36 PM Correction #11176 (Feedback): Feedback on Services — DNS Resolver
DNS Resolver docs have been updated and now include the requested content.
https://gitlab.netgate.com/docs/pfSense... Jim Pingle
03:36 PM Todo #11417 (Feedback): Feedback on Services — DNS Resolver — DNS Resolver Advanced Options
DNS Resolver docs have been updated and now include the requested content.
https://gitlab.netgate.com/docs/pfSense... Jim Pingle
03:35 PM Correction #11121 (Feedback): Feedback on Services — DNS Resolver
DNS Resolver docs have been updated and now include the requested content.
https://gitlab.netgate.com/docs/pfSense... Jim Pingle
03:35 PM Correction #9373 (Feedback): Feedback on Services — DNS — Configuring the DNS Resolver
DNS Resolver docs have been updated and now include the requested content.
https://gitlab.netgate.com/docs/pfSense... Jim Pingle

10/05/2021

12:23 PM Correction #9394 (Feedback): Feedback on Services — DNS — Configuring the DNS Resolver
Additional updates:
1. Added a new section to the DNS Lookup page which describes how it selects servers to test.
... Jim Pingle

10/04/2021

03:33 PM Correction #9394 (In Progress): Feedback on Services — DNS — Configuring the DNS Resolver
There are multiple items here that aren't directly related:
1. The DNS test page reports times for configured serv... Jim Pingle

10/01/2021

07:14 PM Todo #12418 (Closed): AutoConfigBackup Menu Structure Documentation
Documentation here states to use Diagnostics --> AutoConfigBackup to reach the service's configuration. It's actuall... Kris Phillips
10:45 AM New Content #12417 (Feedback): Add section to IPsec troubleshooting for VTI tunnels not reconnecting
Done:
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/0a4089d8298e230db7ef3c9ab146bca409521a7e
http://sta... Jim Pingle
10:37 AM New Content #12417 (Closed): Add section to IPsec troubleshooting for VTI tunnels not reconnecting
Add section to IPsec troubleshooting for VTI tunnels not reconnecting. The new periodic check keep alive option in P2... Jim Pingle
12:16 AM Todo #12415 (Rejected): Feedback on pfSense Configuration Recipes
*Page:* https://docs.netgate.com/pfsense/en/latest/recipes/index.html
*Feedback:*
https://forum.netgate.com/top... Viktor Gurov

09/30/2021

03:16 PM Todo #12412 (Closed): Feedback on Virtual Private Networks — IPsec — Routed IPsec (VTI)
Fixed (plus a bunch more that were out of date):
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/d7496cc5e09... Jim Pingle
11:41 AM Todo #12412 (Closed): Feedback on Virtual Private Networks — IPsec — Routed IPsec (VTI)
*Page:* https://docs.netgate.com/pfsense/en/latest/vpn/ipsec/routed-vti.html
*Feedback:*
"The Hangouts Archive ... Viktor Gurov
03:16 PM Todo #12413 (Closed): Feedback on Services — SNMP
Fixed (plus a bunch more that were out of date):
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/d7496cc5e09... Jim Pingle
11:43 AM Todo #12413 (Closed): Feedback on Services — SNMP
*Page:* https://docs.netgate.com/pfsense/en/latest/services/snmp.html
*Feedback:*
"The Hangouts Archive contain... Viktor Gurov

09/29/2021

10:39 AM Todo #12411 (Resolved): Feedback on High Availability — pfSense XML-RPC Config Sync Overview
*Page:* https://docs.netgate.com/pfsense/en/latest/highavailability/xmlrpc-sync.html
*Feedback:*
A description ... Viktor Gurov

09/28/2021

09:27 AM Correction #12405 (Closed): Wireguard Docs Spelling Error
Merged & Deployed. Jim Pingle

09/27/2021

03:33 PM Correction #12405 (Waiting on Merge): Wireguard Docs Spelling Error
MR: https://gitlab.netgate.com/docs/pfSense-docs/-/merge_requests/24 Christian McDonald
03:04 PM Todo #12182 (Feedback): Update IPsec to match recent changes
Additional updates:
* https://gitlab.netgate.com/docs/pfSense-docs/-/commit/9f424c44b6c9f95f8728e3699db4f9b47fb6e699... Jim Pingle
02:30 PM New Content #11862 (Closed): Document High Availability IPSec
I suspect mostly you were hitting bugs in IPsec that are fixed in 2.6.0/21.09. HA IPsec was covered already, at https... Jim Pingle
 

Also available in: Atom