Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Unable to Sync Rules without XMLRPC Code 2 error

    Scheduled Pinned Locked Moved HA/CARP/VIPs
    23 Posts 6 Posters 12.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S Offline
      sullrich
      last edited by

      Please send your config.xml to sullrich@gmail.com

      1 Reply Last reply Reply Quote 0
      • G Offline
        gjungle
        last edited by

        I'll send it first thing tomorrow when I get to work..

        1 Reply Last reply Reply Quote 0
        • S Offline
          sullrich
          last edited by

          Before you send and just for grins, reboot the secondary CARP cluster member and try to sync again.

          1 Reply Last reply Reply Quote 0
          • G Offline
            gjungle
            last edited by

            I've rebooted both of them multiple times whilst making changes and verifying the situation to no effect  :-\

            However this morning I have had a breakthrough!  In reconfiguring the firewall in preparation for sending you the config.xml, I found that it worked if I set the protocol on both firewalls to HTTP.  Just to verify I changed the protocol on both firewally back to HTTPS and sure enough got the "communications error" again when trying to sync.

            I'll reset the password to a more cryptic one and re-enable device-polling in HTTP mode to see if it still works.

            At least we've managed to narrow it down a bit further… did you still want a copy of my config.xml?

            1 Reply Last reply Reply Quote 0
            • S Offline
              sullrich
              last edited by

              Did you change the admin username?

              http://wiki.pfsense.com/wikka.php?wakka=CARPConfigurationSyncTroubleShooting

              1 Reply Last reply Reply Quote 0
              • G Offline
                gjungle
                last edited by

                No, I didn't even know you could change the admin username  :o

                1 Reply Last reply Reply Quote 0
                • S Offline
                  smurfb
                  last edited by

                  I got the same problem. Running 1.2-RC2. Did you guys ever figure out what was wrong?

                  1 Reply Last reply Reply Quote 0
                  • S Offline
                    superwutze
                    last edited by

                    i recently updated 2 carp-firewalls from 1.0.1 to 1.2-rc2 (because of the failover-pool-feature) and am now stuck with the same problem:

                    php: : An error code was received while attempting XMLRPC sync with username admin https://10.10.11.252:8443 - Code 2: Invalid return payload: enable debugging to examine incoming payload
                    

                    as long as there are no changes on node1 the sync works, states get synced, carp works, but when changes are made then the error shows up. but the states sync on. so live carp works, changes in rules or aliases not.

                    i tried all the above to no success.
                    any new ideas?

                    thanks in advance,
                    andy

                    1 Reply Last reply Reply Quote 0
                    • N Offline
                      nic
                      last edited by

                      I too am having this problem.  1.2-RC2, recent upgrade.  We have tried everything else listed above and are unable to get anything other than:
                      Oct  2 16:28:00 pri php: : Beginning XMLRPC sync to http://192.168.255.2:80.
                      Oct  2 16:28:00 pri php: : An error code was received while attempting XMLRPC sync with username admin http://192.168.255.2:80 - Code 2: Invalid return payload: enable debugging to examine incoming payload
                      Oct  2 16:28:00 pri php: : New alert found: An error code was received while attempting XMLRPC sync with username admin http://192.168.255.2:80 - Code 2: Invalid return payload: enable debugging to examine incoming payload

                      We have tried HTTP as well as HTTPS.  We have checked the user name and password.  We have no luck with sync of rules turned on or off.
                      Our question is how do we "enable debugging to examine incoming payload"?  We see know way to do this, and cannot find mention in the documentation.  We have tried changing the default setting for debug in the class constructor for XML_RPC_Client and in the "new" call for XML_RPC_Server (in xmlrpc.php).  We are not even sure where we should expect to see this debugging information emerge.

                      Can anyone provide some guidance on this?

                      Thanks in advance,
                          -nic

                      1 Reply Last reply Reply Quote 0
                      • C Offline
                        cmb
                        last edited by

                        nic:  Run this from a SSH session:

                        tcpdump -i fxp0 -s 1515 -tttt -w /tmp/sync.pcap src or dst 192.168.255.2

                        replace fxp0 with the interface you're using to sync. Then go to your CARP Settings page, verify your settings, and click Save. Wait a couple minutes, check your logs and make sure it's failed, and go back to your SSH session and hit ctrl-c.

                        Then go to exec.php and download /tmp/sync.pcap and email (cmb at pfsense dot org) it to me.

                        superwutze, I'd ask you to do the same but you're using HTTPS so examining the network traffic to find the underlying cause isn't possible.

                        1 Reply Last reply Reply Quote 0
                        • S Offline
                          sullrich
                          last edited by

                          http://devwiki.pfsense.org/CARPConfigurationSyncTroubleShooting

                          1 Reply Last reply Reply Quote 0
                          • S Offline
                            superwutze
                            last edited by

                            i tried http/https, various ports and passwords, various carp-configurations (what to sync) and so on.
                            the link to the wiki was already posted above and i considered it carefully but to no success.

                            a note to special characters: the default generated rules already contain '-' in their description, also the aliases get comments added with timestamps in them containing ':'. so i guess those characters are ok (but i have non other than [[:alnum:]] in my own rules and descriptions, not even blanks).

                            1 Reply Last reply Reply Quote 0
                            • First post
                              Last post
                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.