[pfSense] Fwd: captive portal doesn´t work after upgrade to 2.2

Mon, 09 Mar 2015 07:09:07 -0700 





hi. 
first of all to thank for the fabulous work that the team pfsense . 


My problem is this , after upgrading to version 2.2 from 2.1.5 . 
access to captive portal does not work. 

My configuration is as follows . 

the captive portal runs on a dedicated interface with a virtual ip carp , which 
use as gateway users. 

I have seen that the ip virutal carp is not added to ipfw rules that facilitate 
access to the login page 

this are the ipfw rules that actually i can see 

65310 allow ip from any to { 255.255.255.255 or 10.128.0.7 or 10.128.0.7 } in 
65311 allow ip from { 255.255.255.255 or 10.128.0.7 or 10.128.0.7 } to any out 
65312 allow icmp from { 255.255.255.255 or 10.128.0.7 or 10.128.0.7 } to any 
out icmptypes 0 
65313 allow icmp from any to { 255.255.255.255 or 10.128.0.7 or 10.128.0.7 } in 
icmptypes 8 

the first ip 10.128.0.7 should be 10.128.0.2 wich is the ip virtual carp 

10.128.0.2 ---> ip virtual carp 

10.128.0.7 ---> phisycal ip interface 

I tried to manually put the rules and it works perfectly , but of course, this 
process should be automatic. 


also I have seen that: 



before in version 2.1.5 

em3: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 
1500 
options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM> 
ether xx:xx:xx:xx:xx:xx 
inet 10.128.0.7 netmask 0xffff0000 broadcast 10.128.0.255 
media: Ethernet autoselect (1000baseT <full-duplex>) 
status: active 

lan_vip15: flags=49<UP,LOOPBACK,RUNNING> metric 0 mtu 1500 
inet 10.128.0.2 netmask 0xffff0000 
carp: MASTER vhid 15 advbase 1 advskew 200 


now in version 2.2 

em3: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 
1500 
options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM> 
ether xx:xx:xx:xx:xx:xx 
inet 10.128.0.7 netmask 0xffffff00 broadcast 10.128.0.255 
inet 10.128.0.2 netmask 0xffffff00 broadcast 10.128.0.255 vhid 15 
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> 
media: Ethernet autoselect (1000baseT <full-duplex>) 
status: active 
carp: BACKUP vhid 15 advbase 1 advskew 0 


this is a possible cause of this issue. 

before in ipfw_context 

captive: em3,lan_vip15, 


now in ipfw zone list 

captive: em3, 


any comment would be fantastic. 



_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold





















					Reply via email to