OPNsense Forum

Archive => 15.7 Legacy Series => Topic started by: Dean E. Weimer on October 06, 2015, 08:50:34 pm

Title: Captive Portal, Breaking OpenVPN site to site Tunnel
Post by: Dean E. Weimer on October 06, 2015, 08:50:34 pm
I have 3 VLANs set up on my LAN interface: native VLAN 1 for normal LAN traffic, VLAN 2 for a GUEST interface, and VLAN 3 for another, limited interface (same as guest minus captive portal). When I enable the Captive Portal service on the GUEST interface, the OPNsense stops forwarding traffic from the OpenVPN tunnel to the LAN interface. I have to disable the Captive Portal and reboot the OPNsense firewall before it begins forwarding traffic again.
It appears as if the captive portal settings are getting applied to the OpenVPN tunnel interface in addition to the GUEST interface. But of course I don't get an authentication prompt.
The OpenVPN tunnel is a client to another OPNsense firewall which is functioning as the server. I can use the packet capture utility in diagnostics to verify that traffic is passing through the tunnel from the remote end and hitting the OpenVPN interface of the local OPNsense firewall, but it is never forwarded outbound on the LAN interface.
Has anyone else tried to use a captive portal on an OPNsense firewall that also had an OpenVPN client tunnel connection and/or VLANs on the LAN interface, to verify whether or not they have seen this issue as well?
Title: Re: Captive Portal, Breaking OpenVPN site to site Tunnel
Post by: franco on October 06, 2015, 10:38:11 pm
Hi Dean,

It sounds like a problem with ipfw not forwarding the traffic correctly. Ad should look at it if it's easily fixable; if not, he is already working on a captive portal replacement with a fully compartmentalised ipfw workflow that will likely fix the issue or will at least make it easier to pin the problem down.

I'll report back soon.  :)

Franco