Hello Thanks for your  answer. In the first case we was just transfering our old 2.03 configuration into  a new machine with 2.1 installed. It is one Wan net and three subnets  ( 4 network cards in total ) Immidiately the day after we got messages from the users that the AIRBUS maintenance site could not be properly loaded. When we looked at it was like bits and pieces were left out. When we put his computers MAC in pass list everything works fine. But we do not want to open full internet access to these people as they dont need it. I tested this on our second 2.1 pfsense site and got the same result. After that i tested www.aftonbladet.se this one gets totally broken on 2.1 but loads ok in my 2.03 site. However this morning i did the same test with www.yahoo.com and this one does not work neither in 2.03 or in 2.1. These sites may load other additional pages i suppose but as it works in 2.03 with aftonbladet. se ( who also loads tons of other pages ) it should normally work in 2.1 as well. best regards Toby

I pushed a fix that might possibly help this in case it was not a config issue.

It will be replaced.

Just adding this thread here [image: loopthread.PNG] [image: loopthread.PNG_thumb]

You could always redirect them to something other than your main page.  Maybe a "You are now connected to the Internet" page or something. Also seems like your eMarketing team is being sort of whiny.  They could always just discard the hits from the DHCP scope in question.

Are you using "per user bandwidth restrictions"? And/Or "Bandwidth Up" / "Bandwidth Down" values on the allow hostname?

An Update…. I've now been running using allowed IP rather than allowed host for some time without any problems at all. So there is an issue with the DNS lookup process that updates the ipfw tables.

:(i need some help with my CP templates..im suck on web design..can u help me check my templates coding  ? :(

you'd have to use radius accounting for that. i'm sure there are numerous posts on this forum about accounting

Portal interface are meant to accessed by humans who use web navigator devices. xbox's shouldn't be on a network with such an interface. Take down the portal interface or be ready to type son MAC's. Better yet, slide in another NIC in yout pfSEnse box and make a OPTx 'xbox-only' network segment. And before you ask: no, sorry, a filter like "Are you an xbox, then go ahead" doesn't exists.

tnx for answer :D

I'm using a remote syslog-ng server configured with a mysql backend.  From there, I have cron triggered scripts that e-mail me statistics on all captive portal events.

Solved the problem by connecting the LAN by OpenVPN and checking the option  'Disable MAC filtering' Thank you