@cmb: most likely the fastcgi crashing problem in 2.0.2. We're about to release 2.0.3, you can get the pre-release here. http://forum.pfsense.org/index.php/topic,58203.0.html which will likely fix the issue. Thank you very much for the fast response.  I'll get it updated as soon as possible.

That's a bug in 2.0.2, fixed in 2.0.3. You can get 2.0.3-PRERELEASE here: http://forum.pfsense.org/index.php/topic,58203.0.html

Thanks, will try to upgrade.

ok, thanks.

Hello ! Throwing pfSense_interface_listget in Google gives you this: http://forum.pfsense.org/index.php?topic=47304.0 Tried that ?

Hi there. Stop wondering. All wifi-hotspots have mostly Microsoft Windows system-based users** You're actually stating that the Captive Portal doesn't work for you. There is good news, and bad: you're wrong  ;) ** The exception might be: Apple's main headquarters.

What about using the freeradius2 package and then using the ldap option within that package?

ou'll need to buy a SSL cert issued by a CA that is included in all the popular browsers, or the user will get a big scary warning. check out 'startssl' . free ssl certs supported by major browser vendors. The free one is only valid for 1 year, the paid certs are cheap and last longer. i'm using this with pf CP atm

Perhaps the question is very elaborate, the simple question is: is there anyway to change the Hard Timeout, ie that at any time you can add more time to "hard timeout" per user? thanks

Pass-through users are only found in the ARP table, when they're seen at all. Being passed through means they do not hit the portal at all, so there is no concept of being "logged in".

https://github.com/pfsense/pfsense/blob/master/etc/inc/captiveportal.inc#L277

It syncs the rolls when they are made, and it also syncs the usage when a user logs in and starts using a voucher, iirc. So there wouldn't be a need to periodically resync the whole DB when it happens as they are used.

@wallabybob: In pfSense version 2.1 snapshot builds the User Manager (System -> User Manager in web GUI) allows users to be assigned to groups and there is a group permission for "Login to captive portal". So it would appear you can accomplish what you describe by using "local authentication" in captive portal. I haven't tried this and I haven't checked availability in pfSense 2.0.x builds. I try this method (local authentication) and also Radius server (internal and external), it worked very well BUT there is NO WAY to disable a group of users to access internet at the same time. It appears that it must be done one-by-one, and for my needs it's a mess. I wish to disable/enable internet access to a group of 20/30 users at the same time… It seems no possible with pfsense. [UPDATE]: I realize that this function is added in pfsense v. 2.1 beta. You can choose at group (or user) level if the user/group can authenticate to Captive Portal.

One answer useful for all: in order to have it back, backup configuration, remove everything between the tags named logouttext and restore the file. Ciao

Thanks for pointing me in the right direction.  However my knowledge of this area is not sufficient to be able to work how to do it.  The reason the links mentioned earlier do not work is, apparently, the post was taken down by the user. If anyone has a saved copy of the Tutorial I would appreciate it if they reposted it. Also where does the CP store user credentials? Jodel