Upgrade 21.05.2 to 22.01 - no VLAN internet conection
-
Those errors shown are expected, nothing that will cause an issue.
If you can ping the WAN side gateway but nothing beyond that it's probably an outbound NAT issue. I wouldn't have expected anything to change between 21.05.2 and 22.01 there though.
Do you have Outbound NAT in automatic mode?Steve
-
@stephenw10 NAT is set to manual mode. I also tried Hybrid after the upgrade but saw no change.
-
Is there a rule being generated for the subnet you were testing from?
-
In Hybrid, automatic rules were created which were redundant with my manually created rules to the WAN. The non working VLANs had mappings in place to WAN in either mode (manual or hybrid).
-
Hmm, is your VPN set as the default system gateway?
-
Default gateway is the WAN
-
Hmm, that's.... weird!
Are the failing connections policy routed to WAN or just using the default route?
Is there a valid default route shown? That would also prevent connecting to anything beyond the gateway, which is in a directly connected subnet.
Steve
-
Have you limiters on that VLAN? Try to turn them off. This was my case. Seems like bug here, or config change needed.
-
OK after much gnashing of teeth last night I have determined the root cause - Captive portal.
I have one Zone setup with multiple interfaces and MAC addresses allowed. I have triple checked the MAC addresses (including packet capture) to verify but some are still blocked. Those blocked reside on the same VLAN(s). Only a few VLANs are affected (strange). If I IP allow them I have connectivity. If I disable Captive Portal on the interface, connectivity is restored. -
S SteveITS referenced this topic on
-
S SteveITS referenced this topic on
-
Do you have bandwidth limits set on the affected captive portal zones?
-
No bandwidth limits set now or previously.
-
OK thanks. There's definitely some issue there. We are trying to pin it down.
