1
17.1 Legacy Series / sysctl net.pf.share_forward=0 breaks captive portal redirection
« on: February 14, 2017, 01:59:23 pm »
Hello,
I was testing multi-WAN this morning and I faced the problem reported in https://forum.opnsense.org/index.php?topic=4462.0
Once setting "net.pf.share_forward" to "0", multi-WAN works (I validated both fail-over and load-balancing), however this seems to break the captive portal redirection.
So, when "net.pf.share_forward=0", even for a client that does not have an active session in "Services -> Captive Portal -> Sessions" :
- it is possible to load an HTTP resource w/o being redirected to the CP
- it is possible to load an HTTPS resource w/o being redirected to the CP
- it is not possible to ping an external resource : this requires an active session to be enabled.
Thanks for investigating this issue.
I was testing multi-WAN this morning and I faced the problem reported in https://forum.opnsense.org/index.php?topic=4462.0
Once setting "net.pf.share_forward" to "0", multi-WAN works (I validated both fail-over and load-balancing), however this seems to break the captive portal redirection.
So, when "net.pf.share_forward=0", even for a client that does not have an active session in "Services -> Captive Portal -> Sessions" :
- it is possible to load an HTTP resource w/o being redirected to the CP
- it is possible to load an HTTPS resource w/o being redirected to the CP
- it is not possible to ping an external resource : this requires an active session to be enabled.
Thanks for investigating this issue.