Whatsapp video and voice calls stopped working
-
Hi,
Ever since we upgraded to 2.6, whatsapp audio and video calls stopped working on our guest network. We're using a captive portal and I did apply the system patch (and rebooted) - still no go. I disabled the captive portal, didn't help. The guest network is on a qtagged VLAN on a separate network interface so maybe that is not covered by the patch. Any idea ? -
Did you disable all Captive Portal zones? Do you have Limiters configured?
Do you see anything blocked in the firewall log?
Steve
-
@stephenw10 Hi Steve,
I don't fully get your remark: if I disable the captive portal, the zones don't really matter I guess. The clients just get connected straight away once they select the visitor network.
No limiters configured and I see nothing related in the firewall logs. Already took a (quick) look with WireShark but so far I didn't find a root cause ... -
You might have only disabled the captive portal for the guest interface and still had it running on a different interface which would still create the issue.
Did you reboot the firewall after disabling the CP? ipfw is not loaded at boot but disabling it after boot does not unload it.
Does any UDP traffic work? The patch that addressed this allowed UDP to pass. Without it only TCP traffic passes the CP.Steve
-
@stephenw10 Hmm - didn't reboot after disabling the CP - only after applying the patch. Going to try that later today (and check other UDP traffic).
If that works, it means that the patch is not working ... -
It could be something else. The patch should allow UDP traffic to work with the CP still active.
If it works after rebooting with the CP disabled that implies some other interaction between ipfw and something. If so that's something we are not aware of. The issue with ipfw and Limiters restricts all traffic not just UDP. Also we are assuming this is a UDP issue because the previous time we saw whatsap video fail it was.
Steve
-
@stephenw10 :-( No go - disabled CP and rebooted, still no WhatsApp audio/video calls on the guest network which means it's not the captive portal UDP issue ...
-
@stephenw10 Well well
I tried a call while looking at the filter log on the console and I notice:
Jun 17 18:45:00 pfSense filterlog[49090]: 4,,,1000000103,em1.199,match,block,in,4,0xc0,,64,48162,0,DF,17,udp,240,192.168.22.174,157.240.247.62,49261,3478,220and from nslookup:
Name: edgeray-shv-01-ams2.facebook.com
Address: 157.240.247.62So now need to find out where/why it get's blocked ... em1.199 is VLAN 199 on NIC em1
-
-
@polle said in Whatsapp video and voice calls stopped working:
1000000103
Yup, that's the default deny rule. So what pass rules do you have on that interface? Have you accidentally set TCP only? A common error.
Steve
-
@stephenw10 I'm going to throw myself from a bridge ... On my personal pfSense box I had only TCP enabled (as you suggested) - how did I ever manage to overlook that - it was standing there right before my eyes.
On the other box (very similar setup) - it's most likely the same issue, will check that later -
It's very easily done. Ask me how I know!