Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Can't log in to websites

    Scheduled Pinned Locked Moved General pfSense Questions
    14 Posts 4 Posters 1.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      Jamerson
      last edited by

      Dear all,
      after the update to 2.4.2 we noticed logging to couple of website log us directly off.
      before the update everything was working fine.

      on the Pfsense box we have 1 Virtual IP on the WAN side.
      we have another Pfsense hardware with one WAN IP and no Virtual IP and everything seems to works fine.
      i hope someone can point me to the right direction to check if this a Pfsense issue is or ISP or a virtual IP

      Thank you

      1 Reply Last reply Reply Quote 0
      • KOMK
        KOM
        last edited by

        Are you using squid, snort, suricata?

        1 Reply Last reply Reply Quote 0
        • J
          Jamerson
          last edited by

          @KOM:

          Are you using squid, snort, suricata?

          Suricata,
          but we have it disabled now.

          1 Reply Last reply Reply Quote 0
          • KOMK
            KOM
            last edited by

            And you've done the usual steps of trying different browsers, clearing your cache?  Do you have any policy routing going on?  Is this VIP being used as another gateway or is it just for inbound NAT?

            Any time I have something weird going on, I do a packet capture and take a look in Wireshark.

            1 Reply Last reply Reply Quote 0
            • J
              Jamerson
              last edited by

              @KOM:

              And you've done the usual steps of trying different browsers, clearing your cache?  Do you have any policy routing going on?  Is this VIP being used as another gateway or is it just for inbound NAT?

              Any time I have something weird going on, I do a packet capture and take a look in Wireshark.

              the VIP is using the same gateway and just for inbouwnd NAT.
              yes different browsers , google chrome, edge, internet explorer, firefox…..
              when we log on a different location the with the same setting and IPS is on, stuff works fine.

              I am not familiar with wireshark but I can do a capture.
              can I share the capture with you on a private if it not containing a private information ?

              Thank you

              1 Reply Last reply Reply Quote 0
              • KOMK
                KOM
                last edited by

                can I share the capture with you on a private if it not containing a private information ?

                You're better off posting it here for everyone to help with, assuming you can scrub any public address details out.  I can't guarantee I'll get a chance to look at it since I'm at work at the moment.

                we noticed logging to couple of website log us directly off.

                What exactly do you mean here?  Any error messages?  Or does it just instantly return you to the login page?

                1 Reply Last reply Reply Quote 0
                • J
                  Jamerson
                  last edited by

                  @KOM:

                  can I share the capture with you on a private if it not containing a private information ?

                  You're better off posting it here for everyone to help with, assuming you can scrub any public address details out.  I can't guarantee I'll get a chance to look at it since I'm at work at the moment.

                  we noticed logging to couple of website log us directly off.

                  What exactly do you mean here?  Any error messages?  Or does it just instantly return you to the login page?

                  yes is exactly what I mean, it return to the login page after we log in.

                  1 Reply Last reply Reply Quote 0
                  • KOMK
                    KOM
                    last edited by

                    Packet capture.  Now is your chance to learn something new.  Start checking out some short tutorials on how to use Wireshark, which is a free packet analysis tool available for many platforms.  Anyone who is in charge of maintaining a network should have at least a basic understanding of Wireshark and packet analysis.

                    1 Reply Last reply Reply Quote 0
                    • johnpozJ
                      johnpoz LAYER 8 Global Moderator
                      last edited by

                      My money is on RST from their server ;)

                      An intelligent man is sometimes forced to be drunk to spend time with his fools
                      If you get confused: Listen to the Music Play
                      Please don't Chat/PM me for help, unless mod related
                      SG-4860 24.11 | Lab VMs 2.8, 24.11

                      1 Reply Last reply Reply Quote 0
                      • J
                        Jamerson
                        last edited by

                        We have contacted our ISP they said it appear something to happen with Layer 7.
                        we don't know yet for sure if they meant switch layer 7 which we don't have .
                        so tomorrow will have to ring them.

                        1 Reply Last reply Reply Quote 0
                        • KOMK
                          KOM
                          last edited by

                          https://en.wikipedia.org/wiki/OSI_model#Layer_7:_Application_Layer

                          1 Reply Last reply Reply Quote 0
                          • J
                            Jamerson
                            last edited by

                            We have managed to get this fixed,
                            it was the sticky connection option which is needed to be enabled.
                            after enabling this option stuff start working.

                            1 Reply Last reply Reply Quote 0
                            • KOMK
                              KOM
                              last edited by

                              it was the sticky connection option which is needed to be enabled.

                              Huh?  What 'sticky connection' option?  Where?

                              1 Reply Last reply Reply Quote 0
                              • GertjanG
                                Gertjan
                                last edited by

                                Here : System => Advanced => Miscellaneous => Load Balancing => Use sticky connections
                                Wonder why … Jamerson never spoke abound load balancing.

                                No "help me" PM's please. Use the forum, the community will thank you.
                                Edit : and where are the logs ??

                                1 Reply Last reply Reply Quote 0
                                • First post
                                  Last post
                                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.