thanks!

It apparently waits quite a long time for something to happen (blue progress bar loads to about a third) but then presents me an ERR_CONNECTION_TIMED_OUT.

I clicked around in status and found the services running like seen on the picture below. Don't know if that helps.


@asistio04:

@mendilli:

for the username and ip;open captiveportal_logout.html which is in "/var/etc"

add this line anywhere you want to display the client username and client ip

LogoutWin.document.write('USERNAME =

');
LogoutWin.document.write('YOUR IP =

');

you are very welcome

Thank you for this ,,,tested and working

Captive portal is not compatible with squid (at least transparent) on the same node. You could have an upstream caching/filtering node with the portal node behind it though.

@ThePirat:

Thank you very much Derelict, I'll try and let you know if it works

Best,
Cristian

ps…yes, I have configured my pfsense two vlan yet

such could you solve your problem.? If you've been able to solve what was the solution if you would be so kind. Regards.

@Gertjan:

Your image shows that you used a Gateway ("GLOBAandPLDT") in one of your rules.
Why ?

There is something far more easier as vlan-tagging : use a separate interface (a second internal interface, also called OPT1) for your non trusted clients (the captive portal).
Office devices go on the LAN interface.

Thank you for the concern's we have a one interface for two service provider to prevent our server downtime, for the disconnect

@asistio04:

is it possible to bypass the captive portal using a vpn on the phone or pc?

VPN trafic is just a TCP or UDP stream, coming from an IP, going to another IP.
Without the pfsense firewall (captive portal) being instructed to let it out, the IP of you device will be blocked.
So, short answer : No.

@yaman.amin:

I also intersted to know is there any special Firewall rules can I configure to get the best security features , in my acptive portal WLAN Network
I decided to deploy Snort , kindly ask you if there is other packages or rules can man use to enhance security?
thanks for feed back

Snort will prevent this kind of event?

Hi,
I tried to download the files from those links you provided, they are counted correctly.
I am using 2.2.4.

It works great !! I thank you  :)

1111111111111111111111111111111111111111

@Gertjan
thank for your long explanation. And I'm glad to hear that our neighbor has the same shitty law.

In our case the third member are renter in our house (Student flat). Normally we can trust them. But confidence is good, control is better.  ;)

VPN was the first idea. I saw the all the problems from configuration to compatibility and our user don't have much experience in computing. So VPN is to complex. Setting up an VPN server is no option, because we are glad to have a stable server now. So never change a running system. ( I keep thin option in mind, but my primary aim is to login via the web interface)

I noticed your judicial aspect. The pf-Sense should only protect the internet access owner. If a user get hacked, give the password to a friend or something else, than it is the problem of the user. We need to lists internal IP <-> web IP (collected by the firewall) and internal IP <-> user (collected by the CP).
BTW to get access to the pf sense you have to login in our intranet over some AccessPoints which are protected by WPA2 password.

– back to the problem
My aim is to login via web interface to send an POST request via command line to server.

@Gertjan

PS : try using curl.

That is what I had tried. (see the quote of my first post). But this doesn't work.

Response is nothing, no request, no login.

The response is an new login form. no login. The POST-URL is copied in the redirect field.

I think there is another security feature, which reject my POST requests.

Captive portal doesn't care. Physical, virtual, doesn't matter.

Hi, Magura,
Please test the settings as described in this link:

https://forum.pfsense.org/index.php?topic=106119.0

thank you very much!

??