#7
6th July 2014
jggimi
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,984

Let's go step by step, please.

1. When your user is logged in to the authpf shell, does that user receive this message, "Hello <userid>. You are authenticated from host <ip address>"? If yes, the authpf shell is active. If not, you have a configuration problem.

2. While that user is logged in, what do you see when you issue this command on the gateway?

# pfctl -sr -a 'authpf/*'

If you don't see rules, or you see the wrong rules, you have a configuration problem.

3. What message do you get while that user is logged in, when you have tcpdump running on the gateway with the following command, and you try to reach your destination?

# tcpdump -neti pflog0 action block

I want to know what traffic is being blocked.

---

1. This will tell us if you have an authpf shell or not.
2. This will tell us if you have applicable rules enabled through authpf.
3. This will show us what traffic got blocked. We know it's blocked; we will be able to see what type of traffic it is and determine why it does not match a pass rule.
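For step 3, an added example that is not part of the original post: a Python sketch that groups the blocked packets from the tcpdump output by rule, interface, hosts and destination port, so it is easier to see which traffic has no matching pass rule. The sample lines are constructed, the line layout is an assumption modelled on typical OpenBSD pflog output, and only IPv4 is handled.

```python
import re
from collections import Counter

# Constructed sample of `tcpdump -neti pflog0 action block` output. The layout
# (rule N/(reason) action dir on iface: src > dst: ...) is an assumption;
# adjust the regex if your release prints it differently.
SAMPLE = """\
rule 0/(match) block in on em1: 192.168.1.50.40112 > 203.0.113.10.443: S 1:1(0) win 16384 (DF)
rule 0/(match) block in on em1: 192.168.1.50.40113 > 203.0.113.10.443: S 5:5(0) win 16384 (DF)
rule 0/(match) block in on em1: 192.168.1.50.5353 > 198.51.100.53.53: 4242+ A? example.org. (29)
rule 3/(match) block in on em1: 192.168.1.77 > 203.0.113.10: icmp: echo request
this line is not pflog output
"""

LINE = re.compile(
    r"^rule (?P<rule>\S+?)/\((?P<reason>[^)]*)\) (?P<action>\w+) "
    r"(?P<dir>in|out) on (?P<iface>\S+): (?P<src>\S+) > (?P<dst>[^\s:]+):"
)


def split_host_port(addr):
    """tcpdump -n prints IPv4 as a.b.c.d.port; ICMP and similar carry no port."""
    parts = addr.split(".")
    if len(parts) == 5 and parts[4].isdigit():
        return ".".join(parts[:4]), int(parts[4])
    return addr, None


def summarize_blocks(text):
    """Count blocked packets by (rule, direction, interface, src host, dst host, dst port)."""
    counts = Counter()
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if not m or m["action"] != "block":
            continue  # skip anything that is not a blocked-packet line
        src, _ = split_host_port(m["src"])  # source port is ephemeral, drop it
        dst, dport = split_host_port(m["dst"])
        counts[(m["rule"], m["dir"], m["iface"], src, dst, dport)] += 1
    return counts


if __name__ == "__main__":
    for (rule, direction, iface, src, dst, dport), n in summarize_blocks(SAMPLE).most_common():
        port = dport if dport is not None else "-"
        print(f"{n:3d}x rule {rule} block {direction} on {iface}: {src} -> {dst} port {port}")
```

The rule number in each summary line can then be compared with the ruleset loaded on the gateway to see which block rule matched.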