Hello good people. I have an issue with the new release.
Grouping clients on blue by editing the ‘Devices on blue’ list from Firewall>Blue access in WUI is not possible anymore. The IPs assigned automatically don’t refresh/ change after rebooting IPF or deleting the wifi and reconnecting on clients devices. The IPF is oblivion to the manually edited IPs from that list.
I checked wireless/config MAC-IP entries and they are correct, they are the same as in WUI. It was not a problem on previous 199 version. Grouping is required not only for allowing access to GREEN by IP, but to have clients orderly herded in blue by some criteria.
Right now, the Blue Access in WUI shows two lists - Devices on blue and Curent DHCP leases with the same clients having distinct IPs.
Anybody? Thank you.
I think you need to show some screen shots to explain what you mean. I am not 100% sure I am understanding your issue.
I just entered 4 entries into the Blue Access WUI page and they all were entered without any problem. I was also then able to edit entries and the contents that were displayed also changed in line with my edits.
It may be that I am not understanding the problem you are experiencing.
I also checked and the last change to the code for that WUI page was in 2021.
Thanks Albert. You are the heart of the party here as always.
Before upgrade I had all clients in blue grouped by IP to fit the local network strategy. But after upgrade (clean install, no back up) I hit this issue. Clients don’t refresh the IPs - once I had them added from ‘Curent dhcp lease’ list to the ‘Devices on blue’ and gave them the IPs in the old structure. They seem to stick with the IPs they received randomly when landed in blue. As I recall a disconnect/ reconnect from/ to the wifi would be enough to refresh the IPs. But that doesn’t happen. After several days and various intents to force refresh including rebooting. It’s not the WUI I found the Devices on blue list at /var/ipfire/wireless/config and the IPs coincide, are the ones I gave to have clients grouped. What do I miss?
To be more clear. In Blue access page there are two lists. Curent DHCP leases and Devices on BLUE. Once the clients connect via wifi you add them from the lower one (Leases) to the upper one (Devices). And once there (in Devices) as far as I recall you can change their IPs and have them more ordered. I remember that in 199 I added a rule to kill the restrictions and then one by one manually all clients in Devices list. And they all connected without sweat. Not with fixed IP, outside the assigned range via DHCP menu, but in Blue access menu in the range assigned for DHCP. Am I wrong? Do I miss something?
I am sorry to insist, i don’t want to criticise or something, but I think it’s better to clear this things as they remain as future references for users having same issues… not to say might be swallowed by a speedy AI and served as god knows what.
This is what wiki says>
What I understand is that once a client is adopted in BLUE devices list “you can choose the IP”. It’s what I am trying to achieve with no luck. '“Choosing” a different IP from the one a client receives when first lands on BLUE is not possible, the device stick with the first IP it gets.
The second phrase from wiki is terribly vague. Disabling the DHCP for BLUE and adding manually the client IP to the Devices on Blue List, does’t serve, client never gets IP and connection fails.
This is a knot I found after upgrade. And there’s more, the wpad issue on DHCP>Advanced options is alive. I guess there IS a glitch in the WUI… I would like to discuss it - its not the order of entrances, WUI does’t recognise the value (wpad) from field. And adding the values through bash leads to ghost entries.
I really don’t want to be a pain in the butt and I apreciate a lot your effort and dedication to your project from which we all benefit, it’s very noble and generous what you are doing.
I am sorry but I was busy doing other things over the weekend and so did not have the time to respond back.
Secondly, I can’t really help you with any actual experience on this as I disable the mac checking in the Blue Access WUI page as per the documentation.
https://www.ipfire.org/docs/configuration/firewall/accesstoblue#disable-mac-address-filtering-for-all-clients
However generally if you are using dynamically provided IP’s via your dhcp for your blue clients then the IP can be different for the same mac address, depending on how many clients you have and the order in which they connect and whether the previous lease has run out or not. The blue access then is just ensuring that only allowed mac addresses are allowed to get an dynamic IP from the dhcp.
If you want to have a fixed IP provided for each client then you can do that in the dhcp by specifying a fixed ip for each mac address. In that case you no longer need to also filter for the mac address in the blue access page.
No you can’t change the IP in the blue access page.
You can specify an IP instead of a mac address if you have specified fixed leases in the dhcp, but the IP has to then be the one that is specified for a certain mac address in the dhcp fixed leases list.
You can not use the blue access page to change the IP address for a specific client with a specific mac address. That is done only in the dhcp page.
Thanks Adolf. And sorry for being pushy.