Unable to Sync Rules without XMLRPC Code 2 error
-
Before you send and just for grins, reboot the secondary CARP cluster member and try to sync again.
-
I've rebooted both of them multiple times whilst making changes and verifying the situation to no effect :-\
However this morning I have had a breakthrough! In reconfiguring the firewall in preparation for sending you the config.xml, I found that it worked if I set the protocol on both firewalls to HTTP. Just to verify I changed the protocol on both firewally back to HTTPS and sure enough got the "communications error" again when trying to sync.
I'll reset the password to a more cryptic one and re-enable device-polling in HTTP mode to see if it still works.
At least we've managed to narrow it down a bit further… did you still want a copy of my config.xml?
-
Did you change the admin username?
http://wiki.pfsense.com/wikka.php?wakka=CARPConfigurationSyncTroubleShooting
-
No, I didn't even know you could change the admin username :o
-
I got the same problem. Running 1.2-RC2. Did you guys ever figure out what was wrong?
-
i recently updated 2 carp-firewalls from 1.0.1 to 1.2-rc2 (because of the failover-pool-feature) and am now stuck with the same problem:
php: : An error code was received while attempting XMLRPC sync with username admin https://10.10.11.252:8443 - Code 2: Invalid return payload: enable debugging to examine incoming payloadas long as there are no changes on node1 the sync works, states get synced, carp works, but when changes are made then the error shows up. but the states sync on. so live carp works, changes in rules or aliases not.
i tried all the above to no success.
any new ideas?thanks in advance,
andy -
I too am having this problem. 1.2-RC2, recent upgrade. We have tried everything else listed above and are unable to get anything other than:
Oct 2 16:28:00 pri php: : Beginning XMLRPC sync to http://192.168.255.2:80.
Oct 2 16:28:00 pri php: : An error code was received while attempting XMLRPC sync with username admin http://192.168.255.2:80 - Code 2: Invalid return payload: enable debugging to examine incoming payload
Oct 2 16:28:00 pri php: : New alert found: An error code was received while attempting XMLRPC sync with username admin http://192.168.255.2:80 - Code 2: Invalid return payload: enable debugging to examine incoming payloadWe have tried HTTP as well as HTTPS. We have checked the user name and password. We have no luck with sync of rules turned on or off.
Our question is how do we "enable debugging to examine incoming payload"? We see know way to do this, and cannot find mention in the documentation. We have tried changing the default setting for debug in the class constructor for XML_RPC_Client and in the "new" call for XML_RPC_Server (in xmlrpc.php). We are not even sure where we should expect to see this debugging information emerge.Can anyone provide some guidance on this?
Thanks in advance,
-nic -
nic: Run this from a SSH session:
tcpdump -i fxp0 -s 1515 -tttt -w /tmp/sync.pcap src or dst 192.168.255.2
replace fxp0 with the interface you're using to sync. Then go to your CARP Settings page, verify your settings, and click Save. Wait a couple minutes, check your logs and make sure it's failed, and go back to your SSH session and hit ctrl-c.
Then go to exec.php and download /tmp/sync.pcap and email (cmb at pfsense dot org) it to me.
superwutze, I'd ask you to do the same but you're using HTTPS so examining the network traffic to find the underlying cause isn't possible.
-
http://devwiki.pfsense.org/CARPConfigurationSyncTroubleShooting
-
i tried http/https, various ports and passwords, various carp-configurations (what to sync) and so on.
the link to the wiki was already posted above and i considered it carefully but to no success.a note to special characters: the default generated rules already contain '-' in their description, also the aliases get comments added with timestamps in them containing ':'. so i guess those characters are ok (but i have non other than [[:alnum:]] in my own rules and descriptions, not even blanks).