21.1.7 "The backup firewall is not accessible (check user credentials)." SOLVED

[clarknova]

I'm getting this error while trying to perform an initial synchronisation between two OPNsense boxes. I have confirmed that

• target IP is correct (pfsync interface)
  
• user is root
  
• password is correct
  
• pass rule in place for TCP/443 on pfsync interface
  
• firewall log on target shows pass rule working
  
• tcpdump on target shows S>A>P>F packets between both hosts on pfsync interface
  
• another pair of OPNsense firewalls with apparently same config (but different passwords) syncing just fine

In System: Log Files: General on the target host after attempting to sync I see

2021-06-22T10:57:45   api[21532]   [2021-06-22T10:57:45-04:00][error] no active session, user not found   
2021-06-22T10:57:45   api[21532]   [2021-06-22T10:57:45-04:00][error] no active session, user not found

What am I missing?

[clarknova]

I changed the password and now it works. The old password had a colon ( in it, maybe that was a problem for XMLRPC.

[random1104]

I'm having the same issue. I wonder if there's a list of supported characters for the password for that usecase. My current password works for Web GUI & SSH, but seems to brake synchronization.

Just took out "&", still not working, have to take out each symbol one by one :/

Edit: it was a colon

[franco]

Thanks for reporting... This should fix it: https://github.com/opnsense/core/commit/376ee793c9

# opnsense-patch 376ee793c9


Cheers,
Franco