Buenos días:  he experimentado este mismo problema, lo único que resuelve temporalmente es resetear la configuración por defecto del ie 11.  Al hacerlo la página de autenticación del portal cautivo carga correctamente y permite el ingreso dar click en continuar.

@cnd.fflv:

ok, thanks.

2 questions:

1. what should be in $my_redirurl?
2. what URL will this page have? I want that users be able manually to get to this page when they need to logout…

PfSense fills the $my_redirurl variable
The user can't access this URL directly. Search the forum, you have to do a bit more to get that working

@paoloc:

In this case, is it possibile to set the time delay on captive portal to force it to waiting the response

Check the Max Request Timeout Value in the FreeRADIUS Settings ;-)

@albegior:

I need to create one System User that can ONLY ADD, EDIT or REMOVE captive portal users and don't access anymore to all other pfsense system pages, is it possible?

Hi,

how about FreeRadius with a LDAP or MySQL Backend?
There are nice tools to manage Radius Users via scripts or handy web interfaces.

That's not an error, it's just what gets logged when ipfw is loaded, which is a normal part of captive portal.

Always use an opt interface to your users side . You can use LAN but not recommened

Just curious: Does adding a trailing / make a difference?

If you disconnect the user via the CP Status (or Widget), your pfSense will handle it for you.
The Radius will get a disconnect and it will store it on your SQL Backend.

Just delete the accounting Table has no effect (works as designed). The DB can't send a Access Stop to the radius, it has to be the other way around :)

@tsudenoconsigliere:

i was using the Max-Daily-Session on my CP with FreeRadius2 and MySQL and made an a username and password on table radcheck
with a Max-Daily-Session of 2hours per day of 7200 seconds per day, i was wondering if i could display the remaining time left on the logout page?

Hi,

two options:

Native PHP with the Info of pfSense (Search the Forum, but you need to patch pfSense to get this info for non voucher users)

Use PHP and Query your Database. You will need to use the radacct Table and do some math ;-)

Have fun.

@MacandraNet:

So my question is, what is the simplest way to receive messages if somebody fills the form in the captive portal?

Why not using PHPMailer? https://github.com/PHPMailer/PHPMailer/
Works fine for me…
I use an Smarthost (with authentication) to sent my mails if special events happens.

Works fine, even if you use Google as Relay.

P.S.: You will find great howto's for PHPMailer ;-)

Thanks for both replies, that was what I was looking for (I know, next time look harder - lol).

Thank you very much for your suggestions. I'm going to take a close look onto your ideas.

But first I have to give you my recent observation: As you can see in my logs, I logged every time onto the Pfsense-Server. I logged by klicking on the CP-Login-Page 192.168.123.1:8000 (using a SSH-tunnel to the Server). It resulted in a login in the auth.log. As you see, I was thrown out within 60 Sec. This was also mentioned in the log. Today I used the local computers.
Result:

Oct 28 08:00:02 pfsense logportalauth[723]: LOGIN: gd, 02:0f:b5:c8:2f:1f, 192.168.123.106 Oct 28 08:32:01 pfsense logportalauth[55266]: TIMEOUT: gd, 02:0f:b5:c8:2f:1f, 192.168.123.106 Oct 28 08:54:31 pfsense logportalauth[723]: Voucher login good for 269240 min.: xyxyxy, 84:a6:c8:38:26:ba, 192.168.123.147 Oct 28 10:08:49 pfsense logportalauth[68280]: xyxyxy invalid: TYPO illegal character (U) found in 4U2RG8 !! Oct 28 10:08:49 pfsense logportalauth[68280]: FAILURE: xyxyxy, 5c:8d:4e:3b:c3:9d, 192.168.123.173 Oct 28 10:09:18 pfsense logportalauth[68280]: Voucher login good for 269165 min.: xyxyxy, 5c:8d:4e:3b:c3:9d, 192.168.123.173 Oct 28 10:20:36 pfsense logportalauth[7555]: Reconfiguring captive portal(Seminar). Oct 28 10:21:37 pfsense logportalauth[91985]: TIMEOUT: xyxyxy, 84:a6:c8:38:26:ba, 192.168.123.147 Oct 28 10:54:43 pfsense logportalauth[81922]: TIMEOUT: xyxyxy, 5c:8d:4e:3b:c3:9d, 192.168.123.173 Oct 28 11:19:44 pfsense logportalauth[23891]: Voucher login good for 269094 min.: xyxyxy, 84:a6:c8:38:26:ba, 192.168.123.147 Oct 28 11:19:59 pfsense logportalauth[23891]: CONCURRENT LOGIN - REUSING OLD SESSION: xyxyxy, 84:a6:c8:38:26:ba, 192.168.123.147 Oct 28 11:19:59 pfsense logportalauth[23891]: Voucher login good for 269094 min.: xyxyxy, 84:a6:c8:38:26:ba, 192.168.123.147 Oct 28 12:04:56 pfsense logportalauth[80944]: TIMEOUT: xyxyxy, 84:a6:c8:38:26:ba, 192.168.123.147 Oct 28 12:37:36 pfsense logportalauth[97699]: Voucher login good for 269017 min.: xyxyxy, 84:a6:c8:38:26:ba, 192.168.123.147 Oct 28 13:23:11 pfsense logportalauth[43792]: TIMEOUT: xyxyxy, 84:a6:c8:38:26:ba, 192.168.123.147 Oct 28 13:28:47 pfsense logportalauth[43520]: Reconfiguring captive portal(Seminar). Oct 28 14:12:04 pfsense logportalauth[43039]: Voucher login good for 268922 min.: xyxyxy, 84:a6:c8:38:26:ba, 192.168.123.147 Oct 28 14:13:46 pfsense logportalauth[43039]: Voucher login good for 268920 min.: xyxyxy, 5c:8d:4e:3b:c3:9d, 192.168.123.173 Oct 28 15:05:51 pfsense logportalauth[43039]: DISCONNECT: xyxyxy, 84:a6:c8:38:26:ba, 192.168.123.147 Oct 28 15:34:11 pfsense logportalauth[27574]: TIMEOUT: xyxyxy, 5c:8d:4e:3b:c3:9d, 192.168.123.173 Oct 28 15:34:44 pfsense logportalauth[43301]: LOGIN: gd, f0:de:f1:be:6f:f1, 192.168.123.108 Oct 28 16:24:20 pfsense logportalauth[44795]: TIMEOUT: gd, f0:de:f1:be:6f:f1, 192.168.123.108

Unbelievable, isn't it? It seems to work! Everywhere - except on the Pf-machine! Well, I searched the responsible inc-File to learn, why it is so. But this is goint to take longer. In the moment I'm just happy, that it works (and possibly worked before).

Michael

I want a voucher to be used by only one user and no one else.
Is it Possible?

Rogério
Campinas, São Paulo, Brazil.

on my part.

I'm using a 6 to 7 length in voucher

using my mac terminal

1. openssl genrsa 31 > key.private
2. openssl rsa -pubout < key.private >key.public
3. cat key.private
3.1 copy the keys
4. cat key.public
4.1 copy the keys

hope it helps,

He is probably using my software using his NAS as webspace and had difficulties finding the user frontend to request a code via SMS (which was my fault, I forgot to include it in the latest revision). I just realized that I answered his (quite more specific) question on administrator.de (or the same question from a user with the same username  ;) ).