Can't log in to websites



  • Dear all,
    after the update to 2.4.2 we noticed logging to couple of website log us directly off.
    before the update everything was working fine.

    on the Pfsense box we have 1 Virtual IP on the WAN side.
    we have another Pfsense hardware with one WAN IP and no Virtual IP and everything seems to works fine.
    i hope someone can point me to the right direction to check if this a Pfsense issue is or ISP or a virtual IP

    Thank you



  • Are you using squid, snort, suricata?



  • @KOM:

    Are you using squid, snort, suricata?

    Suricata,
    but we have it disabled now.



  • And you've done the usual steps of trying different browsers, clearing your cache?  Do you have any policy routing going on?  Is this VIP being used as another gateway or is it just for inbound NAT?

    Any time I have something weird going on, I do a packet capture and take a look in Wireshark.



  • @KOM:

    And you've done the usual steps of trying different browsers, clearing your cache?  Do you have any policy routing going on?  Is this VIP being used as another gateway or is it just for inbound NAT?

    Any time I have something weird going on, I do a packet capture and take a look in Wireshark.

    the VIP is using the same gateway and just for inbouwnd NAT.
    yes different browsers , google chrome, edge, internet explorer, firefox…..
    when we log on a different location the with the same setting and IPS is on, stuff works fine.

    I am not familiar with wireshark but I can do a capture.
    can I share the capture with you on a private if it not containing a private information ?

    Thank you



  • can I share the capture with you on a private if it not containing a private information ?

    You're better off posting it here for everyone to help with, assuming you can scrub any public address details out.  I can't guarantee I'll get a chance to look at it since I'm at work at the moment.

    we noticed logging to couple of website log us directly off.

    What exactly do you mean here?  Any error messages?  Or does it just instantly return you to the login page?



  • @KOM:

    can I share the capture with you on a private if it not containing a private information ?

    You're better off posting it here for everyone to help with, assuming you can scrub any public address details out.  I can't guarantee I'll get a chance to look at it since I'm at work at the moment.

    we noticed logging to couple of website log us directly off.

    What exactly do you mean here?  Any error messages?  Or does it just instantly return you to the login page?

    yes is exactly what I mean, it return to the login page after we log in.



  • Packet capture.  Now is your chance to learn something new.  Start checking out some short tutorials on how to use Wireshark, which is a free packet analysis tool available for many platforms.  Anyone who is in charge of maintaining a network should have at least a basic understanding of Wireshark and packet analysis.


  • Rebel Alliance Global Moderator

    My money is on RST from their server ;)



  • We have contacted our ISP they said it appear something to happen with Layer 7.
    we don't know yet for sure if they meant switch layer 7 which we don't have .
    so tomorrow will have to ring them.





  • We have managed to get this fixed,
    it was the sticky connection option which is needed to be enabled.
    after enabling this option stuff start working.



  • it was the sticky connection option which is needed to be enabled.

    Huh?  What 'sticky connection' option?  Where?



  • Here : System => Advanced => Miscellaneous => Load Balancing => Use sticky connections
    Wonder why … Jamerson never spoke abound load balancing.