I have a project with a looming deadline that involves installing 15
pfSense firewalls at hotels to provide firewall and Captive portal
services. I'm using the PFW201 hardware from Tranquilnet with the Intel
NIC's (the first unit was from Tranquilnet, but when they stopped selling
the units with the Intel NIC's I found the supplier and ordered direct
from them. Here's what features the units are configured for (apologies
for miswordings -- I don't have access to a device in front of me):

Firewall rules to allow remote maintenance from specific IP addresses
Gateway Groups
Captive Portal

After what I thought was thorough testing, I tried to deploy a unit last
night at 4am. Here's what happened:

At first I had a bad connection to one of my WAN connections and so
Internet was slow. I fixed the cabling issue and rebooted, so far so good.

Then I replaced a switch that was defective. Now things started getting
strange. First the Captive Gateway stopped redirecting users. In other
words if you knew the gateway's address and browsed to http://a.b.c.d:8000
and entered the password you could access the Internet

So I turned off the Captive Portal. Now I later realized this deleted the
captive gateway redirect page and the incorrect password page. I don't
know if this is the design or not, but it seems strange. Anyway, I

For twenty minutes Internet access worked, then it stopped working
entirely. I tried browsing to the admin page. I logged in and got to the
main page, but it took forever to get to another page. I was accessing
wirelessly, so this could have been part of the issue.

Anyway, given that Internet access stopped working after 20 minutes under
very light load (there were four users on the Captive gateway when I
disabled it), I bailed on the install and put the old gateway back in

Now my question is, what is going wrong? I've tried the same config on
multiple devices, so I don't think it's hardware. Could my config have
become corrupted? Or could there be some issue with my config and 2.1.4 (I
tested things extensively with 2.0.3 and then upgraded to 2.1.3. But when
2.1.4 came around I didn't test.

Also, when I started to duplicate flash cards on Tuesday I experienced the
same issue with the captive gateway (redirects not working, browsing to
http://a.b.c.d:8000 and authenticating allowed access to the Internet). I
hadn't gotten much sleep, and when I got back to this on Thursday the
problem went away.

Final crazy thought. One of the last changes I made after testing the
gateway but before deployment was to change the name and the domain name.
Any chance changing the domain name could have anything to do this?

Please let me know if there's any information I can add. Also, thanks in
advance for any insight provided.

Jason M.
List mailing list

Reply via email to