PFSense Firewall Group purchase interest

    That option was checked. I unchecked it. Thanks.

    Robert

    Comment


      I have not seen Homeseer 3 update itself in Linux.

      I have seen in the Homeseer 3 Windows versions the check of an update and a manual request to update or not.



      The manage update page too automagically would check for updates. Lately it would just stop if one update of plugins was inaccessible, whereas the old updates would time out on inaccessible plugins and continue. You would see this in the logs.

      I believe that Rich has fixed this issue with V.367. That and a new change of methodology for having a common Internet resource for new plugins rather than having a unique per plugin base.

      A Windows 10 rant here which has nothing much to do with Homeseer core.

      ============================================

      The above noted one of the first issues with Windows 10 relating to updating and the share of an update from one computer to many Windows 10 computers on the same network. This caused many issues with folks on metered Internet connections globally. Windows 10 does not ask anymore. Here updated a test Homeseer Touch client initially running Windows 8.1 then updated for free to Windows 10 modifying the OS such that it would not do this and then over time with updates lost the ability to tweak it such that it would untweak itself with the next update. The new Windows 10 embedded is almost purely cloud driven such that I have regressed here to using only Windows 7 and Windows XP embedded for my Homeseer Touch screens.

      ============================================

      That and the dynamic DNS stuff of myhs dot com while disabled is still calling home. This is documented here on the forum. It was the same for Homeseer 2.

      For a while I was blocking the call home stuff on PFSense. A check to see it working in vivo is to just look at the Help menu. There you will see your WAN address ==> WAN IP Address: www.xxx.yyy.zzz whether you have myhs enabled or not. Then look at your firewall logs to see it working in vivo.

      Such that all this stuff on a metered connection will cause issues.
      Last edited by Pete; September 24, 2017, 02:12 PM.
      - Pete

      Auto mator
      Homeseer 3 Pro - 3.0.0.548 (Linux) - Ubuntu 18.04/W7e 64 bit Intel Haswell CPU 16Gb
      Homeseer Zee2 (Lite) - 3.0.0.548 (Linux) - Ubuntu 18.04/W7e - CherryTrail x5-Z8350 BeeLink 4Gb BT3 Pro
      HS4 Lite - Ubuntu 22.04 / Lenovo Tiny M900 / 32Gb Ram

      HS4 Pro - V4.1.18.1 - Ubuntu 22.04 / Lenovo Tiny M900 / 32Gb Ram
      HSTouch on Intel tabletop tablets (Jogglers) - Asus AIO - Windows 11

      X10, UPB, Zigbee, ZWave and Wifi MQTT automation-Tasmota-Espurna. OmniPro 2, Russound zoned audio, Alexa, Cheaper RFID, W800 and Home Assistant

      Comment


        PFSense has a network packet capture tool. You could enable a capture with your HS3 server's IP as the source or destination. Then run an update from HS3.



        Comment


          Easy pass is another option.

          Just look at your dynamic firewall logs and pick an item you want to pass and create an easy rule for it.

          [ATTACH]63522[/ATTACH]
          Last edited by Pete; September 24, 2017, 10:37 PM.
          - Pete


          Comment


            I have a web site running here on port 80 on a LAN address here.
            I have forwarded pfsense so that external traffic can get to it - that works fine

            The problem I am having is when I try to go to the WAN ip address on port 80 on the actual machine where it is running I get to the pfsense login instead of my site.

            I am not sure why this is happening. Any ideas?
            Cheers,
            Bob
            Web site | Help Desk | Feature Requests | Message Board

            Comment


              So you have PFSense enabled as your firewall.

              Inside of your network you have a webserver running using port 80.

              You have configured PFSense to port forward 80 to your web server from the internet.

              Are you trying to get to the WAN IP address port 80 from the inside of your LAN or outside of your LAN on the internet?

              Not totally sure about your issue and found this here:

              Why does enabling NAT Reflection break web surfing

              If an improperly specified NAT Port Forward exists it can cause problems when NAT Reflection is enabled.

              The most common way this issue arises is when there is a local web server, and port 80 on the WAN is forwarded there. When NAT Reflection is enabled, any connection made to an external web site comes up as the internal web site instead.

              To fix this, edit the NAT Port Forward for the offending port, and change External Address to Interface Address instead of any.

              If an external address of "any" is absolutely required, then NAT Reflection will not be possible on this firewall and Split DNS must be used instead.
              - Pete


              Comment
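The three behaviours discussed in this thread (the WAN address reached from the LAN showing the pfSense login, a port forward with destination "any" hijacking ordinary web surfing once NAT Reflection is on, and the correctly scoped forward) can be reproduced with a small model. This is an added example, not part of the original posts and not pfSense code; every address is constructed, and the rule evaluation is a simplification that assumes the WebGUI answers on the LAN side only.

```python
from dataclasses import dataclass

WAN_IP = "203.0.113.5"     # constructed firewall WAN address
LAN_IP = "10.0.0.1"        # constructed firewall LAN address
WEB = "10.0.0.10"          # constructed internal web server
EXTERNAL = "198.51.100.7"  # constructed unrelated Internet site

@dataclass
class PortForward:
    dest: str    # destination the forward matches: "any" or one address
    port: int
    target: str  # internal host that receives the connection

def route(iface, dst_ip, dst_port, forwards, reflection, webgui_port):
    """Return where a new TCP connection entering on `iface` ends up."""
    for fwd in forwards:
        # Forwards always apply on WAN; on LAN only with NAT reflection on.
        if iface == "lan" and not reflection:
            continue
        if dst_port == fwd.port and fwd.dest in ("any", dst_ip):
            return f"web server {fwd.target}"
    if dst_ip in (WAN_IP, LAN_IP):
        # Addressed to the firewall itself: only its own listeners answer,
        # and the WebGUI is modelled as reachable from the LAN side only.
        if iface == "lan" and dst_port == webgui_port:
            return "firewall WebGUI"
        return "refused"
    return f"internet host {dst_ip}"

def scenarios():
    scoped = [PortForward(WAN_IP, 80, WEB)]  # destination = interface address
    wide = [PortForward("any", 80, WEB)]     # destination = any
    return {
        "lan_no_reflection_gui80": route("lan", WAN_IP, 80, scoped, False, 80),
        "lan_no_reflection_gui444": route("lan", WAN_IP, 80, scoped, False, 444),
        "lan_reflection_any_surf": route("lan", EXTERNAL, 80, wide, True, 444),
        "lan_reflection_scoped_wan": route("lan", WAN_IP, 80, scoped, True, 444),
        "lan_reflection_scoped_surf": route("lan", EXTERNAL, 80, scoped, True, 444),
        "wan_forward": route("wan", WAN_IP, 80, scoped, False, 444),
        "wan_gui_port": route("wan", WAN_IP, 444, scoped, True, 444),
    }

if __name__ == "__main__":
    for name, result in scenarios().items():
        print(f"{name:28} -> {result}")
```

The last scenario is the check worth repeating on a real firewall from an outside network: the WebGUI port should not answer on the WAN address.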



                I had a problem when I first stood up my reverse proxy on my firewall using port 443. On my LAN I had set my firewall webUI to only allow HTTPS connections on port 443 to LAN users. Internal users were not able to access the reverse proxy and instead hit the firewall webui login screen. I ended up having to move my PFsense firewall secure webui to port 444.

                Is your PFSENSE firewall insecure webui hosted on port 80 to your LAN?



                Comment


                  Originally posted by Kerat

                  Is your PFSENSE firewall insecure webui hosted on port 80 to your LAN?


                  Yes it is - that could be why I guess.
                  I will try a different port and see if that helps
                  Cheers,
                  Bob

                  Comment


                    I tried a different port but no success

                    My LAN machines cannot access the URL for my web site. A computer on my network that is connected to a VPN works fine accessing my site
                    Cheers,
                    Bob

                    Comment


                      I should note that I can access the site using the internal ip address from my machines on my LAN but I cannot use the external URL or ip address. pfsense must be blocking it somehow.
                      Cheers,
                      Bob

                      Comment


                        Are you trying to access the WAN IP via the internal lan?

                        Try enabling NAT reflection. It is optional. Some routers do this by default and others do not.

                        Another thing is that you should not be able to see the PFSense GUI from the WAN interface.

                        Do a copy and paste of your firewall rules here. I am curious why you are seeing the GUI from an external interface.
                        - Pete


                        Comment


                          Originally posted by Pete
                          Are you trying to access the WAN IP via the internal lan?

                          Try enabling NAT reflection. It is optional. Some routers do this by default and others do not.

                          Another thing is that you should not be able to see the PFSense GUI from the WAN interface.

                          Do a copy and paste of your firewall rules here. I am curious why you are seeing the GUI from an external interface.
                          I will do this once I am home from work. Thanks Pete
                          Cheers,
                          Bob

                          Comment


                            Here is a step by step to be able to access your Web server via PFSense.

                            1. Under ‘System -> Advanced’, change the TCP port to anything but 80 or blank. If your website is using SSL (HTTPS) then do not use 443 like I have. If your web server does not use HTTPS use 443, if it does use 444 for pfSense from now on. This will change how you access pfSense from now onwards e.g. https://10.0.0.1:444.

                            Save and Apply this setting and wait for pfSense to redirect you or you can redirect yourself to the new web interface URL.

                            [ATTACH]63602[/ATTACH]

                            2. Once in the new URL, return to ‘System -> Advanced’ and check the ‘WebGUI redirect’ option to prevent pfSense from redirecting your web server to itself. Save and Apply this setting.

                            [ATTACH]63603[/ATTACH]

                            3. While still in ‘Advanced’, navigate to the ‘Firewall/NAT’ tab and scroll down to ‘Network Address Translation’. Change the ‘NAT Reflection mode for port forwards’ to ‘Enable’. Choose the option which suits you more. I found ‘NAT + Proxy’ works for me but ‘Pure NAT’ does not.

                            [ATTACH]63604[/ATTACH]

                            Choose (NAT + Proxy) Reflection mode.

                            Optional Step: On the top menu, click ‘Firewall -> Aliases’. Here you can set an alias for Machines, Ports and URLs, saving you having to change the IP address in a lot of different places if it does change. Create a new ‘IP Alias’ with the information of the web server. You can now just reference the Alias instead of the IP address.

                            [ATTACH]63605[/ATTACH]

                            4. Navigate to ‘Firewall -> NAT’ from the top menu bar. This is where you configure Port Forwarding, 1:1, Outbound and NPt. You want your port forward table to look like this (I used an IP instead of an Alias…bad Calvin). To do so, create a new ‘port forwarding’ rule.

                            [ATTACH]63606[/ATTACH]
                            - Pete


                            Comment


                              5. Enter in the details of your web server. Any red input boxes are linked to aliases. You can select HTTP and HTTPS from the port dropdowns. If you are running server blocks on NGINX or Virtual Hosts on Apache, you will only need to port forward that one host.

                              [ATTACH]63607[/ATTACH]

                              This is for port 80

                              [ATTACH]63608[/ATTACH]

                              This is for port 443

                              6. Save and Apply the changes.

                              Congratulations, you should be able to access your web server from the Internet!
                              - Pete


                              Comment


                                The NAT reflection mode fixed it for me Pete. Thank you sir
                                Cheers,
                                Bob

                                Comment
