request handler failed
-
Ok I think I've replicated that. Digging....
-
If it's the same issue we saw, there's likely an alias in config.xml with an invalid description (e.g.
||). There is a fix, but it won't be included in the release. -
@marcosm AFAIS there are 5 Aliases in the demo box, none has a pipe in the description. But the character should be fine though we've used them at work quite much as a separator. In this case, descriptions are only alphanum.
BUT: I have aliases with an underscore "_" and have seen other stuff like VLAN descriptions that omit that character, so perhaps it's the same one here?
Other idea: I have a Host alias, that has many MANY entries and those entry descriptions have slashes or german umlauts in them. So that could also add to it?AddOn Problem:
Besides that, I get no error e.g. calling the OpenVPN Server/Client tabs but no content shown there besides a VPN client configured. Any ideas why here? -
Hmm, you mean you can't add a new client/server there?
What do you actually see?
-
@stephenw10 Nothing at all:
In the WebUI:
So it's there, it get's connected and is up but won't show up in MIM at all. No strange descriptions or special characters there, too and MIM doesn't throw any messages or errors.
Don't forget to upvote ๐ those who kindly offered their time and brainpower to help you!
If you're interested, I'm available to discuss details of German-speaking paid support (for companies) if needed.
-
Ah just had a thought and wanted to create a quick RAS server to see if it would work but there I saw, that MIM has no option for DCO implemented. As the client tunnel mentioned above is a pretty new tunnel to my work lab, it's built with DCO enabled so perhaps MIM has no clue about a few options used in the client and therefore won't show it? Just wondering why though because other problematic menus gave an error at least?
Just an idea though.
Also: "local database" won't show up as authentication provider when trying to create a new RAS server, so not sure it would even work to set one up in the normal webui to display when MIM has problems with this.
And the certificates and CAs showing up in the webui (and actually created on pfsense originally) also won't show up. -
@JeGr I was able to replicate that OpenVPN issue (NG#18014). Thanks!
As for the aliases, would you be able to share the config that triggers the issue?
-
@marcosm If it could be send to you directly or via TAC/partner contacts (we are partners), that would work. Posting on the forums not so much, as the alias in question is a pretty long one that also has descriptions that may expose clients etc.
But I can try removing the aliases one by one and check which one triggers the problem and try to recreate a similar scenario that's safe to share if that would be easier?
Would have to be tomorrow though as it's nearly 1am here already and I'm way past overtime ;) -
@JeGr Try to narrow down which one is causing the issue. Indeed it could be the international character one(s). If you don't have any luck narrowing it down, I can provide a file-drop link.
-
@marcosm I've Lab time scheduled tomorrow for preparing a workshop next week so will definetly play it through first thing in the morning, just need a few hours sleep in between.
Will have the results by the morning your time :)
-
@marcosm OK here we go. I think I have found a few things with aliases and where the problem with not showing up in my case came from:
- old alias from a <24.03 era. Created with multiple entries but the entry description empty. That was valid, now an empty entry automagically gets the date/time created as a description so it isn't empty. But it was valid to be empty before and apparently MIM doesn't like aliases with empty entry descriptions:
Writing some comment like "10/8" etc. behind the entry makes all aliases appear back!
- Not a bug but: having a really big alias I created for policy routing (e.g. multiple host/network IPs that should be routed through a specific VPN connection via policy based rules). That gets displayed OK'ish in MIM, but ALL entries are shown. In my case, that alias is frickin' HUGE. So I have an alias list page that scrolls for 2 pages for a single alias ;) Should be cut short or at least only shown the first 5-10 entries and then have a sort-of "..." overflow toggle to show/hide the content?
It's a bit excessive
- The dreaded umlaut/special char problem seems fine :) I checked most characters in description or entry desc's and it seems to handle just fine:
-
After creating the test Alias I can't rename it. That seems like a bug? as renaming an alias is something quite essential that works in WebUI and quite crucial for our daily work.
-
creating an alias with an unsupported character denies its creation - sure - but it never says WHY or which characters are allowed:
That mask gives just
That is quite nondescriptive. If I wouldn't have known that dashes are not allowed in aliases I'd be stumped as to why I'm not allowed. Error message should show why / which field is the culprit and the field the allowed chars as description or mouse over.
That's as far as I have come up until now :)
Cheers,
\jens -
Great feedback. Thanks!
Yeah I have some configs with deliberately huge aliases and it gets....interesting!
-
@stephenw10 said in request handler failed:
Great feedback. Thanks!
Yeah I have some configs with deliberately huge aliases and it gets....interesting!
Pleasure.
I think the biggest problem that results in no aliases/rules shown will be the empty descriptions that are/were allowed in the past, many configs will spout them,
