{"id":1195,"date":"2014-09-19T00:14:46","date_gmt":"2014-09-19T00:14:46","guid":{"rendered":"http:\/\/www.omniweb.com\/wordpress\/?p=1195"},"modified":"2014-09-19T00:14:46","modified_gmt":"2014-09-19T00:14:46","slug":"troubleshoot-stunnel-on-pfsense","status":"publish","type":"post","link":"https:\/\/www.omniweb.com\/wordpress\/?p=1195","title":{"rendered":"Troubleshoot Stunnel on PFSense"},"content":{"rendered":"

Replaced a linux router with pfsense to handle NAT. Before stunnel worked from a remote site to a port on the linux router that forwarded to an internal mysql server. Now I haven’t been able to get it working with PFSense, I added the Stunnel package, added the certificate from the remote side into pfsense, and set up the listening port. But when the remote side tries to connect, it just gets: <\/p>\n

“ERROR 2013 (HY000): Lost connection to MySQL server at ‘reading initial communication packet’, system error: 104” <\/p><\/blockquote>\n

and there doesn’t seem to be any logging in PFsense to show whether the connection happened or not. Is there any way to see that logged? how can i troubleshoot this further?<\/p>\n

Well I just found in the ‘system’ log messages such as the following: <\/p>\n

\n connect_blocking: s_poll_wait 192.168.0.2:3306: TIMEOUTconnect exceeded\n<\/p><\/blockquote>\n

but wonder why it’s timing out? This worked from the linux router on the same internal ip…<\/p>\n

Resolved: the source address in pfsense Stunnel needs to be the internal LAN address, but I had the WAN address in there. Obvious in retrospect!<\/p>\n","protected":false},"excerpt":{"rendered":"

Replaced a linux router with pfsense to handle NAT. Before stunnel worked from a remote site to a port on the linux router that forwarded to an internal mysql server. Now I haven’t been able to get it working with … Continue reading →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/www.omniweb.com\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/1195"}],"collection":[{"href":"https:\/\/www.omniweb.com\/wordpress\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.omniweb.com\/wordpress\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.omniweb.com\/wordpress\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.omniweb.com\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1195"}],"version-history":[{"count":1,"href":"https:\/\/www.omniweb.com\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/1195\/revisions"}],"predecessor-version":[{"id":1196,"href":"https:\/\/www.omniweb.com\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/1195\/revisions\/1196"}],"wp:attachment":[{"href":"https:\/\/www.omniweb.com\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1195"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.omniweb.com\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1195"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.omniweb.com\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1195"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}