# https ports on PF



## mug23 (Mar 3, 2011)

Hello,

I'm new to this forum and new to PF which is installed on OpenBSD 4.4. I'm currently having some issues with trying to access certain web sites that is on https. I seem to not able to load some https sites and somehow, the firewall seems to be blocking port 443 traffic. The https web site trys to load once I give it the correct username and password, but all of sudden it kicks me out. It happens on a few of the https sites I try to get to.

For testing, I connected a laptop directly on the DMZ and that https web site loaded with no problems. Also, I cannot get to my company's web mail also using https and now I'm able to access it while the laptop is still in the DMZ. 

The firewall was implemented by someone else who knows PF very well and it's working nicely in my company's network.

1). Can anyone tell me how to find out if port 443 is open?

2). If that ports is not open, how can I open it? Not sure what script to use.

3). I'm not sure what's going on. 

If anyone can help me out on how to diagnosis the problem and how to fix it, that would be great.

Thank you,


----------



## SirDice (Mar 3, 2011)

mug23 said:
			
		

> I'm new to this forum and new to PF which is installed on OpenBSD 4.4.


OpenBSD != FreeBSD.


----------



## mug23 (Mar 3, 2011)

SirDice said:
			
		

> OpenBSD != FreeBSD.



I know this is a FreeBSD forum and I also do use FreeBSD as well, but should PF work in a similar fashion either in FreeBSD or OpenBSD? I'm sure the scripts are for the firewall rules are almost the same, right?


----------



## SirDice (Mar 3, 2011)

mug23 said:
			
		

> I know this is a FreeBSD forum and I also do use FreeBSD as well, but should PF work in a similar fashion either in freebsd or openbsd?


No, it does not. FreeBSD 8.x has the same PF as OpenBSD 4.1. OpenBSD 4.4 has a completely different version of PF. So I suggest asking OpenBSD related questions on the OpenBSD forums.


----------



## gkontos (Mar 3, 2011)

@mug23
Without the pf.conf there is not much thing anyone can help you with.
I would also suggest that you use tcpdump for troubleshooting.


----------

