Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Allowed hostnames/ip addresses for paypal sloooooow

    Scheduled Pinned Locked Moved Captive Portal
    2 Posts 1 Posters 1.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • I
      islandwifibill
      last edited by

      Hi ev1,

      I've noticed that connections are often incredibly slow going to paypal, even though I've added just about every ip address having anything to do with them (determined by watching the state table report connections in various states and then confirmed via nslookup on my name server).  I've also put every hostname, cname, etc I can find in our walled garden (allowed hostnames).  There are no firewall rules blocking these addresses.

      Almost every paypal IP address begins with "66.235." although anything might show up in the last two octets.  So I've fooled around with 66.235.0.0/x and found something that seems to work-ish.  My concern is that this allows some connections that may have nothing to do with paypal.  And paypalobjects.com is VERY hit and miss.  According to google, it can be caused by various wireless dongles, etc.  However, I have had no trouble connecting to paypalobjects when logged in to the captive portal wirelessly.  It's only when I try to allow it through for people to sign up that the problems arise, and this correlation alone convinces me that there is something amiss with the CP setup in pfsense.

      QUESTION:  well, it's pretty general really:  wtf is going on with the captive portal and the walled garden?

      Is this some bug in 2.0.1?  I tried an upgrade several weeks ago to 2.0.2, but ran into problems so I rolled it back.

      This is a huge pain in the ass for us, as it discourages customers from signing up.

      P.S. – if you're a socialist with a smart attitude, don't bother replying.  :)

      1 Reply Last reply Reply Quote 0
      • I
        islandwifibill
        last edited by

        bump

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.