Pfsense, No internet when it is said "You are connected".
-
We have over 100 pfsense deployments in the field and are encountering this issue as well.
-
Really you have 100 installs of pfsense in the field and the most you can add to the information about the problem is
+1
WTF??????
Sorry but BS!!!
-
Um, yeah, waaay more info required.
I assume you mean you log into the captive portal and it reports you are connected but you are still unable to reach external sites?
And you have tried the suggestions here?:
https://docs.netgate.com/pfsense/en/latest/book/captiveportal/troubleshooting-captive-portal.htmlSteve
-
@johnpoz this is the whole problem with pf now. Unfortunately we do indeed have many of these. We do use these for CP. Users Macs/iPhones/androids all get the error that indeed says just that. Now we have another revision that feels like we are beta testing software and troubleshooting.
I indeed have more information about this is related to users that have logged in before and try again. The only difference on these boxes is the firmware update.
Instead of believing customers and helping solve their issues. Just saying BS. Why would we login to lie about an issue? This is an unfortunate turn.
-
@MTNet and the browers says you are connected but never by passes it and no internet if you close it. It’s the same problem detailed above..
-
But what problem are you actually seeing? Which post above are you saying you have the same problem as?
We can only guess at this point.Edit: Ah,OK I see your second reply there now.
Did you try the patch suggested above?
Does it fail when the connection is lost or seemingly at random?
Steve
-
Once the user gets the page they always get the page. Reboot of the device and pfsense don’t clear it.
Honestly we have been migrating CP off of pfsense. So we didn’t spend much time troubleshooting. We’ve tried deleting it and recreating it all of the above short of downgrading.
We had some short term success upgrading and then the user reauthed the first time then later the issue can back.
-
The point is anyone running 100 sites should be able to provide actual troubleshooting information instead of just saying "mine doesn't work either."
It takes time to build out a duplicate network that might (might) imitate the issue you are having.
If you are experiencing the problem then you already have an environment (or 100 of them, apparently) Where is the break down? Is it DNS? DHCP? Is it ipfw? Is it pf? does the captive portal entry still exist? Is the IP address/MAC address pair changing from the pair that was logged in? Anyone running 100 captive portals ought to know exactly what the pieces are necessary for the user experience. Which one is breaking?
Lots of possibilities there. At this point what is wrong is a mystery for lack of specific troubleshooting information provided.
-
Did you read this forum? If you are familiar with these at all you would have most of the questions you just asked answered.
-
- we have over 100 so it’s not isolated
2 they stopped working with a recent update.
3 you’re getting dhcp because you are getting redirected to the page that says your connected
4 if it’s the first time logging in you connect fine. Not dhcp/ipfw/dns
5 users are reporting that downgrading fixed their issue.
Seems like a ton of technical information right there to me.
- we have over 100 so it’s not isolated
-
Still nothing actionable. What did you contribute to a better understanding of the issue?
-
@MTNet said in Pfsense, No internet when it is said "You are connected".:
Seems like a ton of technical information right there to me.
Actually ZERO of it!!
-
Well, we're talking about the "You are connected" bug, so, the why and what is known for months now.
There was a solution, actually two solutions available as patches, one was abandoned and the remaining one isn't compatible with 2.4.4-p3 at the moment.
https://github.com/pfsense/pfsense/pull/4042 - see the bottom.A initial work around works well, though :
Do not edit portal settings when users are connected.
Or
If you have to edit portal settings , just hit this button after the edit :
-
That wouldn't be fixed by downgrading pfsense.. According to the redmine all version are affected by this bug.
So he is saying he is editing the CP settings at 100 sites? To cause this?
There is zero "technical" information provided by him..
-
Mmm, editing the captive portal at every site seem unlikely at best.
If that is the case though a better post would have been 'We are seeing the same symptoms described here: https://redmine.pfsense.org/issues/8616'.
You say you have tried 'all of the above', does that mean you tried that patch and it didn't work for you?
Steve
-
^ exactly zero useful info..
If you read his first post from another thread he is running "2.3.4 p1" and can not update, etc..
So he has 100 sites all running 2.3.4 - WTF???
-
@stephenw10 said in Pfsense, No internet when it is said "You are connected".:
you tried that patch and it didn't work for you?
I used one of the patches, the now retired version of @free4, on 2.4.4-p2.
That solved the issue that wasn't really an issue for me. I stopped editing the captive portal config years ago. -
That’s fine then. If you are from Netgate you know who we are and we are not lying about the number of units. If you would like to ASK questions that would help solve this feel free. I’m not going to argue with if enough information was provided.
As said the only difference is updating. And they are updated to the latest.
We are not editing CP.
-
@Gertjan that helped initially then we had users report it again.
-
My point was not that you were lying about the number of units.. Not trying to argue with you... My point is that you have provided ZERO info in trying to help you that is worth anything..
So you updated all of your 2.3.4p1 boxes to 2.4.4p3 and now they have a connected but no internet problem... And you are not editing any captive portal settings when this happens?
And then you roll back to what 2.4.4p1? And your saying you have no issues? Or you rolling them back to 2.3.4?
If your not editing the captive portal then your issue is not related to the current redmine issue being discussed..
I find it difficult to comprehend that someone that has 100 some deployments has no clue how too provide actual useful info the problem they are experiencing.
