Upgrade to 2.6.0 causes voip to no longer work and I can't ping the internet
-
Start a ping to 8.8.8.8. Then check Diag > States to make sure the correct states are being opened. You should see a state on the internal interface and a state with NAT on the WAN.
Steve
-
@stephenw10 the states relating to 8.8.8.8 all say 0.0
I have no idea what this means though :)
-
@keithunder I don't see where you answered my question about having any limiters configured...? In that other thread limiters seem fine for some but problematic for others.
-
@steveits I don't think I have any limiters configured.. How would I find out if I had?
-
@keithunder Firewall/Traffic Shaper/Limiters, and there would be firewall rules and/or floating rules configured to use them. (in the rule, Advanced Options, In / Out pipe)
-
@steveits Oh yess I don't have any limiters set up and I have disabled all firewall rules except the default ones on the lan the anti lockout one and the allow all are the only ones I have
-
@keithunder You do have captive portal though, and there is at least one comment about disabling that fixing connectivity:
https://forum.netgate.com/topic/170084/upgrade-21-05-2-to-22-01-no-vlan-internet-conection/10
-
@steveits I have disabled the captive portal
-
@keithunder said in Upgrade to 2.6.0 causes voip to no longer work and I can't ping the internet:
the states relating to 8.8.8.8 all say 0.0
They exist on both interfaces though and have NAT correctly on WAN? Can we see them?
Steve
-
Hello
I am also having this issue.
I can confirm that Captive Portal is the cause, and that using "Allowed IP Addresses" or disabling Captive Portal restores SIP calling.I am not sure if this is caused by VLAN interfaces conbined with Captive Portal because both of my pfsense systems use VLAN for Wireless, and both are affected.
Please let me know if I can provide more information to get this fixed.
Thanks -
@pieter_sa said in Upgrade to 2.6.0 causes voip to no longer work and I can't ping the internet:
VLAN interfaces conbined with Captive Portal because both of my pfsense systems use VLAN for Wireless, and both are affected.
VLAN's or not. using Wireless devices, or devices using "cables", the issue stays.
Only TCP passes, no ICMP, no UDP. It looks like it's an ipfw issue, or worse, related so 'something' in FreeBSD 12.3, which means a simple 'patch' can't repair this. These are my thought of course.
If you need a working captive portal, consider going back to 2.5.2. -
We have discovered the root cause of this now. It should be possible to patch the ipfw ruleset to allow it. https://redmine.pfsense.org/issues/12834
Steve
-
@stephenw10 Wow that is brilliant how do I patch? or should I wait till the next version?
I am currently using the backup computer for live
-
https://redmine.pfsense.org/issues/12834 doesn't contain "patch" info, just the issue itself and a the related forum thread " UDP/ICMP is not working after upgrade to 2.6.0 ".
I'm logged into redmine, but that doesn't show more info.
Is it 'not ready yet' ?
I have a captive portal up and running with several connected clients that are willing to test drive. -
Indeed it's not ready yet. We had a basic patch that worked past the issue for most situations but was still broken for the allow MAC table. However further testing showed other issues with more complex setups. Now that we know the root cause though we should be able to patch the ruleset to allow for it. We are testing patches now.
Steve
