@sdtelecom: Try to set the Maximum Concurrent Connections to 1. hope this helps This didnt helps. Minimum of value is 4, max 100.

Ok, Anyway it works now, that's the important thing.. ;D

Theoretically it's the same handling, but it works with 2.1 In 2.0.2 and 2.0.3 the last activity date isn't reseted nor updated always. So pfsense logouts useres just after login. I use an external Radius server for authorization.

Got it, thanks wallabybob is working  ;D

Replying to my own post: Turned out that indeed the layer 2 filtering was turned off! The culprit is: net.link.ether.ipfw!!! Once turned on:                         sysctl net.link.ether.ipfw=1 Everything just started working! The question is: Do I need to put this is /etc/sysctl.conf? /wai-sun

@rhy7s: Have you considered Gargoyle Router instead? You could set up a fairly hands-off quota and throttle system. No, I need a captive portal to control and log access by user account, regardless of what computer or device they're using. Right now Zeroshell seems to be working, so I don't want to upset things.  If Zeroshell's rudimentary logging becomes a problem then I'll revisit other solutions like pfSense.

The place I used one, it was attached directly to a windows PC. It could not attach to pfSense. What you'd normally do is export a roll of vouchers from pfSense to a CSV file and them import it into windows somehow (e.g. LO Calc, Excel, etc) and then print them to the printer from there in a batch, and then have them hand out the slips as needed. If you want "on demand" printing where the vouchers are not printed until they're requested, that's a lot harder. It would involve a program on the front desk PC that could trigger the printing of just one voucher at a time from the roll. Possible, but not as simple as pre-printing them. Someone else here may have better advice for that.

I had the same problem here. output of pkg_info | grep mysql is: mysql-client-5.5.21 Multithreaded SQL database (client) mysql-server-5.5.21 Multithreaded SQL database (server) After running: touch /etc/php_dynamodules/mysql /etc/rc.php_ini_setupphp -m | grep mysql mysql mysqlnd /etc/rc.restart_webgui No result. But when I restart the webconfigurator bij the menu (option 11)  phpinfo() gives me a positive I guess a bug

An alternative to this is to use an IP address of the NTP server instead of its hostname :) or Make sure that your NTP server hostname is resolvable by your DNS server. it should boot faster.

@Nachtfalke: Or adjust the DHCP lease times. But the lease time should not be lower than the hard timeout set on CP. Ok I will try this. My hard time is 30 minutes. I gave lease time 2000 seconds.

I'm not sure what the relation is between both code dumps? Can you give us some more information? Can you see that the actual post request is done``` ($.post('captiveportal-x.php', $("#testform").serialize());) To see this you need to change the return of function 'mycall' instead of 'false'

ok, ipfw is used to manipulate the stateful firewall, found that.  so when I executed the ipfw command to delete two rules concerning a test mac, the firewall did indeed deny outbound and inbound access to the machine without logging into the captive portal. Now, one would think that the passthrough mac address page would, when refreshed, show that this mac has been deleted, but no.  so obviously the information is being cached somewhere.  Even though it showed as a pass through mac, ipfw had successfully (of course) deleted the rule.  When I edited the mac entry, and saved it, it went back into the ruleset for ipfw. Question remains:  where is this information cached?  is it encrypted?  Standing by…...  :)

I just tested voucher codes from roll0 and roll1 which I generated nearly two years ago.  None of the voucher codes were reported invalid. I wonder what is different about your test.

NO. That you can enforce with proxy servers like squid etc…. You can install the squid proxy and have that done but ssl traffic still cannot be modified like that.