hi.
first of all to thank for the fabulous work that the team pfsense .
My problem is this , after upgrading to version 2.2 from 2.1.5 .
access to captive portal does not work.
My configuration is as follows .
the captive portal runs on a dedicated interface with a virtual ip
carp ,
which use as gateway users.
I have seen that the ip virutal carp is not added to ipfw rules that
facilitate access to the login page
this are the ipfw rules that actually i can see
65310 allow ip from any to { 255.255.255.255 or 10.128.0.7 or
10.128.0.7 }
in
65311 allow ip from { 255.255.255.255 or 10.128.0.7 or 10.128.0.7 }
to any
out
65312 allow icmp from { 255.255.255.255 or 10.128.0.7 or 10.128.0.7 } to
any out icmptypes 0
65313 allow icmp from any to { 255.255.255.255 or 10.128.0.7 or
10.128.0.7
} in icmptypes 8
the first ip 10.128.0.7 should be 10.128.0.2 wich is the ip virtual carp
10.128.0.2 ---> ip virtual carp
10.128.0.7 ---> phisycal ip interface
I tried to manually put the rules and it works perfectly , but of
course,
this process should be automatic.
also I have seen that:
before in version 2.1.5
em3: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0
mtu 1500
options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
ether xx:xx:xx:xx:xx:xx
inet 10.128.0.7 netmask 0xffff0000 broadcast 10.128.0.255
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
lan_vip15: flags=49<UP,LOOPBACK,RUNNING> metric 0 mtu 1500
inet 10.128.0.2 netmask 0xffff0000
carp: MASTER vhid 15 advbase 1 advskew 200
now in version 2.2
em3: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0
mtu 1500
options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
ether xx:xx:xx:xx:xx:xx
inet 10.128.0.7 netmask 0xffffff00 broadcast 10.128.0.255
inet 10.128.0.2 netmask 0xffffff00 broadcast 10.128.0.255
vhid 15
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
carp: BACKUP vhid 15 advbase 1 advskew 0
this is a possible cause of this issue.
before in ipfw_context
captive: em3,lan_vip15,
now in ipfw zone list
captive: em3,
any comment would be fantastic.
_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold