[prev in list] [next in list] [prev in thread] [next in thread]
List: pfsense-discussion
Subject: [pfSense] =?utf-8?q?captive_portal_doesn=C2=B4t_work_after_upgrad?= =?utf-8?q?e_to_2=2E2?=
From: daniel soto <daxocam () gmail ! com>
Date: 2015-03-24 8:22:02
Message-ID: CAEnkwuW5xiPJQu5CjhVguinpsdDk4bGeZFtnoE7sN4+feBFEKw () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
hi.
first of all to thank for the fabulous work that the team pfsense .
My problem is this , after upgrading to version 2.2 from 2.1.5 .
access to captive portal does not work.
My configuration is as follows .
the captive portal runs on a dedicated interface with a virtual ip carp ,
which use as gateway users.
I have seen that the ip virutal carp is not added to ipfw rules that
facilitate access to the login page
this are the ipfw rules that actually i can see
65310 allow ip from any to { 255.255.255.255 or 10.128.0.7 or 10.128.0.7 }
in
65311 allow ip from { 255.255.255.255 or 10.128.0.7 or 10.128.0.7 } to any
out
65312 allow icmp from { 255.255.255.255 or 10.128.0.7 or 10.128.0.7 } to
any out icmptypes 0
65313 allow icmp from any to { 255.255.255.255 or 10.128.0.7 or 10.128.0.7
} in icmptypes 8
the first ip 10.128.0.7 should be 10.128.0.2 wich is the ip virtual carp
10.128.0.2 ---> ip virtual carp
10.128.0.7 ---> phisycal ip interface
I tried to manually put the rules and it works perfectly , but of course,
this process should be automatic.
also I have seen that:
before in version 2.1.5
em3: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0
mtu 1500
options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
ether xx:xx:xx:xx:xx:xx
inet 10.128.0.7 netmask 0xffff0000 broadcast 10.128.0.255
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
lan_vip15: flags=49<UP,LOOPBACK,RUNNING> metric 0 mtu 1500
inet 10.128.0.2 netmask 0xffff0000
carp: MASTER vhid 15 advbase 1 advskew 200
now in version 2.2
em3: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0
mtu 1500
options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
ether xx:xx:xx:xx:xx:xx
inet 10.128.0.7 netmask 0xffffff00 broadcast 10.128.0.255
inet 10.128.0.2 netmask 0xffffff00 broadcast 10.128.0.255 vhid 15
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
carp: BACKUP vhid 15 advbase 1 advskew 0
this is a possible cause of this issue.
before in ipfw_context
captive: em3,lan_vip15,
now in ipfw zone list
captive: em3,
any comment would be fantastic.
[Attachment #5 (text/html)]
<div dir="ltr"><br>hi.<br>first of all to thank for the fabulous work that the team \
pfsense .<br><br><br>My problem is this , after upgrading to version 2.2 from 2.1.5 \
.<br>access to captive portal does not work.<br><br>My configuration is as follows \
.<br><br>the captive portal runs on a dedicated interface with a virtual ip carp , \
which use as gateway users.<br><br>I have seen that the ip virutal carp is not added \
to ipfw rules that facilitate access to the login page<br><br>this are the ipfw rules \
that actually i can see <br><br>65310 allow ip from any to { 255.255.255.255 or \
10.128.0.7 or 10.128.0.7 } in<br>65311 allow ip from { 255.255.255.255 or 10.128.0.7 \
or 10.128.0.7 } to any out<br>65312 allow icmp from { 255.255.255.255 or 10.128.0.7 \
or 10.128.0.7 } to any out icmptypes 0<br>65313 allow icmp from any to { \
255.255.255.255 or 10.128.0.7 or 10.128.0.7 } in icmptypes 8<br><br>the first ip \
10.128.0.7 should be 10.128.0.2 wich is the ip virtual carp<br><br>10.128.0.2 ---> \
ip virtual carp<br><br>10.128.0.7 ---> phisycal ip interface<br><br>I tried to \
manually put the rules and it works perfectly , but of course, this process should be \
automatic.<br><br><br>also I have seen that:<br><br><br><br>before in version \
2.1.5<br><br>em3: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> \
metric 0 mtu 1500<br> \
options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM><br> \
ether xx:xx:xx:xx:xx:xx<br> inet 10.128.0.7 netmask 0xffff0000 \
broadcast 10.128.0.255<br> media: Ethernet autoselect (1000baseT \
<full-duplex>)<br> status: active<br><br>lan_vip15: \
flags=49<UP,LOOPBACK,RUNNING> metric 0 mtu 1500<br> inet \
10.128.0.2 netmask 0xffff0000<br> carp: MASTER vhid 15 advbase 1 \
advskew 200<br><br><br>now in version 2.2<br><br>em3: \
flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu \
1500<br> \
options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM><br> \
ether xx:xx:xx:xx:xx:xx<br> inet 10.128.0.7 netmask 0xffffff00 \
broadcast 10.128.0.255<br> inet 10.128.0.2 netmask 0xffffff00 broadcast \
10.128.0.255 vhid 15<br> nd6 \
options=21<PERFORMNUD,AUTO_LINKLOCAL><br> media: Ethernet \
autoselect (1000baseT <full-duplex>)<br> status: active<br> \
carp: BACKUP vhid 15 advbase 1 advskew 0<br><br><br>this is a possible cause of this \
issue.<br><br>before in ipfw_context<br><br>captive: em3,lan_vip15,<br><br><br>now in \
ipfw zone list<br><br>captive: em3,<br><br><br>any comment would be fantastic.</div>
_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic