Look at this.  Just follow the instruction there.

http://forum.pfsense.org/index.php/topic,2966.0.html

Thank you! I know where is the mistake ? I don't register the IAS server in active directory! Thank you also!

thanks for replying.
for now, i used the method described in link above and it is working fine on 1.2RC3.
If you have time, it will be nice to have

any info on this?

/f

Did you try with full url ?

Something like : http://www.google.com

Worked for me as I can remember…

If you're refering to the pass-through lists, then yes.
I had already added all my machine's MAC addresses to the list before turning on the Captive Portal.

hi

all applications are working with my clients, my setup is as follows:

squid page general settings:
proxy interface: lan
allow users on interface: checked
transparent proxy: checked
enabled logging: checked, "useful for squid report"

squid cache management:
keep all with default values and modify as per your computer specifications
enabled offline mode: checked

captive portal:
enable captive portal checked
interface: lan
idel timeout: 10 minutes
concurrent user logins: checked
authentication: local user manger "make sure you add users

all done

all applications should be working with your clients

good luck

Captive portal bypass is either all or nothing, unfortunately this isn't possible.

it would be unsuported but you can add stuff with the command

pkg_add -r <package>eg pkg_add -r openldap</package>

search –> Captive portal multiple interfaces

--> No not possible.

Interesting I will give this a go. I changed the password to be only numbers which solved it as I guess numbers are more "universal" in character sets..

i know it can run on PC, but damn we deployed so many units of diferent equipment, not even nesesary Mono or PF … and in all location we just never had enouph extra space...

and still I dont understand why do it as separate package? The functions of per user bandwith control are quite usefull! amd user traffic monitorng are useful as well... I was trying to find why we were not able to see user bandwith but had no lack, something just does not populate the array although the accouting data is send to the radius on session terminate

use zeroshell live CD if you want to do this

I have the same problem. I have a freeradius Server which authenticates users from Active Directory using  EAP-TLS authentication. I want configure pfSense captive portal to authenticate against Freeradius server but user authentication fails.
I think  the  problem is that captive portal misses EAP-TLS authentication.
Is there any configuration ?

try this:

Disable MAC auth, as all devices from behind a router will all have the router MAC address in the TCP header. (Layer 3 networking…)

make sure the clients DHCP server has pfsense ip as the DNS server.

in the CP config I also add a dns override for the hostname of the pfsense box as configured in the cp config page, set to the lan address of the pfsense box.

also, but not likely as it works without CP:

be sure the router has only one default route, which is the pfsense lan address

make sure pfsense has a route that is the routers lan address for the client network behind the router

I have this working in 2 production networks.

-Mark

Better late than never.

http://netw3rks.com/services_captiveportalNP.htm

-M@