Thanks for the reply Gertjan, I appreciate the help. I ended up just looking through the PFSense source and using their passthrumac functions. I saved the following in /etc/phpshellsessions/myscript and call it with pfSsh.php remotely. It's working for me so far, at some point I'll need to write a second script for removing macs as well. # Playback script to add a passthrumac # Usage: playback [this_script_name] [mac_address] [description] # Note: description can't have spaces in it. # Setup require("captiveportal.inc"); global $cpzone, $argv; $cpzone = 'guest'; $mac = array(); $mac['action'] = 'pass'; $mac['mac'] = $argv[3]; $mac['descr'] = $argv[4]; # Add MAC to config file $config['captiveportal'][$cpzone]['passthrumac'][] = $mac; # Unlock for editing unlock($cpdblck); # Generate firewall rules, write firewall rules from lines in temp file $macrules = captiveportal_passthrumac_configure_entry($mac); file_put_contents("{$g['tmp_path']}/macentry_{$cpzone}.rules.tmp", $macrules); mwexec("/sbin/ipfw -q {$g['tmp_path']}/macentry_{$cpzone}.rules.tmp"); # Update config file $writecfg = true; write_config(gettext("Captive Portal passthrumac configuration changed")); I found some help in this thread. If I was writing this script from scratch I'd probably make some changes but I left it as close to the original PFSense source as possible.

@Gertjan when I select an interface, and try to save, I get an error: "you need to select at least one authentication server" Edit: I had to click on "Local Database"to select, and then was able to save. I will try if the Captive portal is working now

@guntery said in Captive portal redirect pointless on Android system browser: Does Apple do the same? Now way. 'They' have the portal thing working well for many years now. As does Microsoft with it's "Windows" OS's. When you set up this : [image: 1583835398937-da9a2fcd-f01a-4eab-b902-b6dd6ff772e9-image.png] then after a successfully identification the visitor is ones more redirect to that URL. Or, by default, to the URL which the browser initially wanted to load.

@jaspras Can you help me with the settings for accounting with MySQL database?

Oops sorry about the false alarm - it turned out being a browser cache issue .. amateur hour :)

@stephenw10 fantastic it works perfectly! then ... in CP ALLOWED HOSTNAMES I added the destination www.salini-impregilo.com in freeradius I removed the e.tomei user in / var / log / radacct / datacounter / daily I have eliminated max-octets-e.tomei and used-octets-e.tomei in freeradius the user was recreated with a 10[image: 1583218178942-img_2362_resize.jpg] Mb quota I am attaching some screenshots they are not well ordered but they serve the purpose first test with a virgin phone access to wifi-koysha OFFICE without entering credentials the salini-impregilo.com website is perfectly accessible and accessible second test with the same phone I opened the android alert and completed logging into the SSID I opened youtube and started a video ... which after 61 seconds stopped ... with 3Mb of share quite difficult I reopened www.salini-impregilo.com and I can consult it and open the links within the domain![image: 1583218087634-img_2356_resize.jpg] [image: 1583218100655-img_2357_resize.jpg] [image: 1583218118958-img_2358_resize.jpg] [image: 1583218140747-img_2359_resize.jpg] [image: 1583218213725-img_2365_resize.jpg] [image: 1583218238253-img_2366_resize.jpg] [image: 1583218267949-img_2364_resize.jpg]

Yes you can still use Stripe payments, however, it has changed and you will have to click a box in your Stripe account to make it work. The tick box is you agreeing to be fully liable legally and financially for the unencrypted untokenized credit card details that you are passing to them, and thus you are taking on the full force of the compliance regulations. If you are setup to do this, or are happy to pay a lot of money to make it happen, it will work. Both Paypal and Stripe give you options that allow you to send the user to put credit card details directly on their sites thus removing any handling of credit card information by you. Unfortunately the Unifi system has not been updated for a long time and I wouldn't hold my breath on it. I have looked at combinations of pfsense, coovachilli, freeRadius, with openwrt firmware and openwisp for management, but this time round I am now too short of time. Maybe work towards the next one . . .

@kiokoman said in Missing 29 February: with squid and captive portal installed Some how, it was pretty sure that @ilarioQ isn't using the captive portal. He is probably ( ;) ) using DNS, so he could have post it's question also in the DNS sub forum ... or DHCP or .... Anyway, not an issue. It's squid that handles the name of its files.

@roundcube222 said in captive portal and no internet after authentication.: I am using VMware with 2 NIC Ah. That just doubles the list with possible issues. And isn't something you should not omit to mention when asking question. It , a VM, can works of cours,I use a pfSense from a Hyper-V VM, build into Windows Pro right out of the box. I had some virtual NIC issues at first (sound familiar ?), though, at first, mostly because I didn't RTFM first. If you have a spare drive - some small 10+ Gbytes disk size will do, take the actual disk out of your PC, install the spare (to be emptied) disk into your system, and install pfSense bare-bone, from scratch. It's worth a try. Because you know it : it's not pfSEnse, your issue.

And which VoIP provider do you use? I would recommend Hottelecom to you, they have excellent customer support and will help you in all matters.

@newmem11 said in Check duplicate mac function!: duplicate mac address is detected The problem isn't "Voucher" in that case. You've got someone on your network trying to mess things up.

Set the time-out to a higher value. People tend to disconnect / shut down their device every day or so. This will enable OS support to kick in when re activating the connection.

Hi, Indeed, the captive portal is not compatible with transparent proxy The reason why all traffic is allowed, is that all incoming traffic is redirected through squid before reaching ipfw The best way to resolve this issue would be to have to pfsense One hosting the captive portal and open acting as transparent proxy

Well, for some reason that I can't understand, there was a MAC address on the MAC's bypass list. It was a MAC unrelated to anything but a client device on our network. All I know is that once that MAC was removed, CP started to work again. The problem is solved, but I'm not fully convinced I about the reasons that generated this problem.

Sir @Gertjan my bad it supposed to posted in in routing and multi wan. Anyway thanks.

@kiokoman thank you sir it works. Re-installed done. Thumbs up sir

Hello, here is my version of the script : <?php require_once("/etc/inc/util.inc"); require_once("/etc/inc/functions.inc"); require_once("/etc/inc/captiveportal.inc"); /* read in captive portal db */ /* determine number of logged in users */ $count_cpusers = 0; /* Is portal activated ? */ if (is_array($config['captiveportal'])) { //only one zone if(isset($_GET["cpzone"])){ $cpzone=$_GET["cpzone"]; $count_cpusers = count(captiveportal_read_db()); } else { /* For every zone, do */ foreach ($config['captiveportal'] as $cpkey => $cp) { /* Sanity check */ if (is_array($config['captiveportal'][$cpkey])) /* Is zone enabled ? */ if (array_key_exists('enable', $config['captiveportal'][$cpkey])) { $cpzone = $cpkey; /* Zone selected -> count users and add */ $count_cpusers += count(captiveportal_read_db()); } } } } echo $count_cpusers; ?> Here is how i check it with centreon : #!/bin/bash url=$1 libelle=$2 warningvalue=$3 criticalvalue=$4 if [ $# -eq '4' ] then #get the value value=$(curl -sk $url) # UNKNOWN if [ -z "$value" ] then echo "UNKNOWN - unable to establish the value returned" exit 3 # OK elif [ $value -lt $warningvalue ] then echo "OK - $value $libelle| value=$value" exit 0 # WARNING elif [ $value -gt $warningvalue ] && [ $value -lt $criticalvalue ] then echo "WARNING - $value $libelle| value=$value" exit 1 #CRITICAL else echo "CRITICAL - $value $libelle| value=$value" exit 2 fi else echo "Usage $0 url \"description of the value\" warningvalue criticalvalue" exit 1 fi this script is used like this : check_http_value https://10.11.0.1:8005/captiveportal-count-online-users.php?cpzone=captive_portal_r "users connected" 150 200 OK - 127 users connected| value=127 maybe it is possible to improve this with using the $HOSTADRESS$... and here is the final result in centreon : [image: 1580974956995-c72b9eb7-9918-4ca8-8ebb-dc293d957f71-image.png]

@Gertjan Thank you for this! I am not at home now, but will definitely check this when I return and report in with my findings. Appreciate the assistance.