I eventually sorted it out. The problem was for a remote registration network and something on the network had changed causing the return path to be different in the routing. ________________________________ From: Eric Rolleman Sent: Friday, January 14, 2022 9:50 AM To: packetfence-users@lists.sourceforge.net <packetfence-users@lists.sourceforge.net> Subject: Cannot connect to the captive portal
I am having issues connecting to the captive portal. I checked to see if haproxy-portal is running and it is: # /usr/local/pf/bin/pfcmd service haproxy-portal status Service Status PID packetfence-haproxy-portal.service started 127989 I used curl from a computer on the registration Vlan to try and get a little more detail: $ curl -v -L https://packetence.domain.com:443/captive-portal * Trying 10.242.21.1:443... * TCP_NODELAY set * Connected to packetence.domain.com (10.242.21.1) port 443 (#0) * ALPN, offering h2 * ALPN, offering http/1.1 * successfully set certificate verify locations: * CAfile: /etc/ssl/certs/ca-certificates.crt CApath: /etc/ssl/certs * TLSv1.3 (OUT), TLS handshake, Client hello (1): * OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to packetence.domain.com:443 * Closing connection 0 curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to packetence.domain.com:443 This made me think it is a certificate issue, so I copied /usr/local/pf/conf/ssl/server.pem to a test server and setup apache to use the certificate with success, so there isn't an issue with the certificate so far as I can tell. The packetfence admin WebUI reports the certificate as valid. I tried manually re-entering the certificates in just in case at " Configuration > System Configuration > SSL Certificates " and restarted haproxy-portal, but I still have this problem. I'm running out of idea as far as what to investigate.
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users