greets, I am new to this list, afai see my issues weren't mentioned before, so I think they aren't FAQ ;-)
Both seem to be WebGUI-issues. I installed from scratch onto CF-card, running on an older ALIX board. Restored my backup pulled from the former 2.11 core 62 installation.
My DHCP-setup seemed to be there, but didn't work ... fixed leases were visible but didn't get pulled by the devices (laptop, tablet, phone).
Maybe I should have rebooted once more (I think I did anyway ...), will retest after writing this mail.
Additional: tried to re-add a fixed lease via GUI. I usually want to say "add fixed lease for this MAC currently using a dynamic lease" ... then MAC and IP are "copied" into the field "Neue Zuordnung", I normally edit the IP (and description), then ADD.
Now the dynamic lease gets added to the fixed lease before, so the MAC is already there and ADDing fails.
(minor issue aside: typo in german dhcp.gi: "Globaler Bereich oder begenze Bereich" ... should be "begrenze")
-
With IPSEC I had the case of mismatching display: connected tunnels seemed disactivated and vice versa, see attachment. Right now it looks ok. Will retest w/ other tunnels soon.
Greets, Stefan (rebooting now)
Hey Stefan,
On Wed, 2012-09-12 at 19:07 +0200, Stefan G. Weichinger wrote:
My DHCP-setup seemed to be there, but didn't work ... fixed leases were visible but didn't get pulled by the devices (laptop, tablet, phone).
Please hit the save button on the DHCP page one more time, sometimes the settings are not completely restored after a backup. That's because we need to regenerate the configuration files.
Additional: tried to re-add a fixed lease via GUI. I usually want to say "add fixed lease for this MAC currently using a dynamic lease" ... then MAC and IP are "copied" into the field "Neue Zuordnung", I normally edit the IP (and description), then ADD.
Now the dynamic lease gets added to the fixed lease before, so the MAC is already there and ADDing fails.
This should also be the same in IPFire 2.11 because dhcp.cgi has not been touched in ages.
With IPSEC I had the case of mismatching display: connected tunnels seemed disactivated and vice versa, see attachment. Right now it looks ok. Will retest w/ other tunnels soon.
Couldn't find the attachment, but I guess I know what you mean. Could you please provide the output of "ipsec status" when the display error is happening?
Also, does anything change when you refresh?
Michael
Am 12.09.2012 19:58, schrieb Michael Tremer:
Couldn't find the attachment, but I guess I know what you mean. Could you please provide the output of "ipsec status" when the display error is happening?
Also, does anything change when you refresh?
I have it right now.
One tunnel active, but shown as "GETRENNT" (should we write in german? ;-) ).
# ipsec status Security Associations (0 up, 0 connecting): none
This was after stopping another tunnel via GUI.
Refresh or clicking "IPSEC" in the GUI doesn't change things.
When I check off "Aktiviert" (-> not set, disabled) and "Speichern" ... it comes back with "Aktiviert" set -> enabled.
And now magically after another Refresh that one tunnel is GREEN again.
# ipsec status Security Associations (1 up, 0 connecting): tunnel[1]: ESTABLISHED 92 seconds ago, 213.xxx[...... *SECRET tunnel{1}: INSTALLED, TUNNEL, ESP SPIs: c68b5716_i 2c8fbcf4_o tunnel{1}: 172.31.98.0/24 === 10.1.1.0/20
S
On Wed, 2012-09-12 at 20:29 +0200, Stefan G. Weichinger wrote:
Am 12.09.2012 19:58, schrieb Michael Tremer:
Couldn't find the attachment, but I guess I know what you mean. Could you please provide the output of "ipsec status" when the display error is happening?
Also, does anything change when you refresh?
I have it right now.
One tunnel active, but shown as "GETRENNT" (should we write in german? ;-) ).
# ipsec status Security Associations (0 up, 0 connecting): none
This was after stopping another tunnel via GUI.
Refresh or clicking "IPSEC" in the GUI doesn't change things.
When I check off "Aktiviert" (-> not set, disabled) and "Speichern" ... it comes back with "Aktiviert" set -> enabled.
And now magically after another Refresh that one tunnel is GREEN again.
# ipsec status Security Associations (1 up, 0 connecting): tunnel[1]: ESTABLISHED 92 seconds ago, 213.xxx[...... *SECRET tunnel{1}: INSTALLED, TUNNEL, ESP SPIs: c68b5716_i 2c8fbcf4_o tunnel{1}: 172.31.98.0/24 === 10.1.1.0/20
It's hard to keep track of what you are doing.
So, when the connection should be disabled, it is still functioning? Or is it not functioning (as it is supposed), but the WUI is showing a wrong connection status?
Michael
Am 12.09.2012 19:58, schrieb Michael Tremer:
Please hit the save button on the DHCP page one more time, sometimes the settings are not completely restored after a backup. That's because we need to regenerate the configuration files.
I assumed something like that, yes ... seems to work now ... will monitor ...
Now the dynamic lease gets added to the fixed lease before, so the MAC is already there and ADDing fails.
This should also be the same in IPFire 2.11 because dhcp.cgi has not been touched in ages.
It was the first time I saw this issue. And I had to change my usual procedure (not a real problem).
Maybe some mismatch because of the not yet so regenerated config-files? (see above)
With IPSEC I had the case of mismatching display: connected tunnels seemed disactivated and vice versa, see attachment. Right now it looks ok. Will retest w/ other tunnels soon.
Couldn't find the attachment, but I guess I know what you mean.
Yep, forgot the pic. You saw it on twitter today.
Could you please provide the output of "ipsec status" when the display error is happening?
Will do as soon as I hit it again?
Also, does anything change when you refresh?
In the situation back then it didn't change. I will see if it happens again or if I can reproduce by starting and stopping tunnels.
Stefan
ps: regarding this mailing list:
Why do the headers of the mailing-list-mails not contain a "List-Id" ? I use that for server-based filtering with other lists. Very handy ...
-
Michael Tremer -
Stefan G. Weichinger