Interface assignment / VLAN problems
-
On a 6100 with pretty basic configuration, following errors can easily be discovered:
- Interfaces / VLANs: you can show the configured VLANs already on the device but creating a new one gives
invalid interface
as error. Deleting is fine but creating is bugged right now (RC). In Beta I had another failed state that only allowed one VLAN per interface, adding another was "invalid". - VLAN Priority can't be 0. pfSense itself creates it with 0 when no prio is given but the controller doesn't allow that.
- Assigning an interface results in error
- Naming an interface like
V123_name
is totally OK in GUI but controller strips the underscore every time and createsV123name
instead. Shouldn't be the case as "_" is allowed as a descriptor.
That's just about 30min of looking into the RC currently.
Cheers
- Interfaces / VLANs: you can show the configured VLANs already on the device but creating a new one gives
-
What error are you seeing assigning an interface?
-
This should be fixed in the release.
-
My bad it should read "unassigning" or deleting an assignment. I can assign it OK, but (after I add a VLAN through the normal GUI as it won't work in MIM) when I assign a VLAN, apply that and then want to delete it, I get a "request handler" error again.
Also adding/assigning the interface and typing "v123_guest" in the description just removes the underscore without any message. It just gets dropped for no reason.
Funny: if you check the normal WebGUI it's already gone and the MiM just doesn't read/refresh correctly and doesn't see it's gone already.
-
Hmm, yeah something up here. Digging...
-
@stephenw10
I'd guess it is something related to missing config variables in the MIM endpoint. I got to create a server on the WebUI that actually showed up in MIM (the client,not so much). That and perhaps problems loading the certificates and auth methods (none defined besides the local database default)But: the config is pretty mangled and botched if I open it up via edit in MIM. DCO is missing, certificates are empty, crypto only partially correct, the DEA list is wrong (I disabled all ciphers and only had AES256GCM as DEA and fallback configured) and shows the default (AES256,128,CHACHA).
Also a bit further down, toggles are randomly enabled like route everything v4/v6 via GW, TOS, InterClient Comm & NETBIOS, that are definetly OFF in the WebUI).So something shakes the config up pretty badly.
-
Mmm, work to be done!
-
@stephenw10
If you need more info, fire away as I'm in prep mode for next week for a workshop with new pfsense features and stuff, so anything I can get to you to get fixed for 24.11 release or afterwards would nice as I can show it and tell people "it's getting fixed as we speak" :)