@DanielSHaischt:

RTFM  ;D

http://www.freebsd.org/cgi/man.cgi?query=fetch&apropos=0&sektion=0&manpath=FreeBSD+6.2-RELEASE&format=html

He is "too lazy" to read a manual.  He wants everyone to spoon feed him so he doesn't have to "lift a finger"

:rolls eyes:

Sorry, I was wrong with my last post.

The problem still exists. After a reboot, no access from inside to outside without creating and deleting a dummy-nat-rule.

Regards,
Manue

yea i know syncing is hard…
so then I'll speak to Jonathan to find out if we can change to native php support in mono

PS: Why it takes 16sec to bring up the CP page comparing to 3 sec in mono?

This probably is best adressed at the m0n0 mailinglist. The CP is just a port of their code. Please verify this behaviour with a recent m0n0 before posting there.

@jeroen234:

user must have access to port 8000  (this is where the portal lives)

Yes, anything prior to recent snapshots needs a rule on the interface to permit traffic to port 8000.  Recent snapshots automatically install the needed rules behind the scenes.

Thanks for the clarification.

Maybe I should look into radius servers instead of pfsense. Maybe it is possible to get a radius server to pull parts of its database from a central server while using a local database at the same time…

Christian

After reading thru the thread before posting by post I had noticed that and have set it up accordingly. The DHCP server that assigns IP addresses on that interface assigns the interface as the primary DNS server.

Still NO go.  ;-(

If this works note that you will have to change it this way whenever you touch the captive portal settings and hit save.

You need to have flash installed. It's a flash tutorial movie.

It has worked for me up until now, just make sure that you don't use vi to edit the user file, for some reason it doesn't like the way it writes it.  Radius must also restart after each change to the user file to read in the new changes before the new users will be able to authenticate.

Oh, I must have accidentally left that section out.  :-[

Got it and worked. Thanks a lot.

normally when you access website the page is going to cp portal for authenicate. you can see conneting pang in under bar
(1) opening page http://192.168.1.254:8000/zzzzzzzzzzzzzzzzzzzz something like this
and the page to authen username and password. but some pc in my network can't to be process (1)
but some pc can not to be in process(1) has been opening page http://websitetogo and have error

The page cannot be displayed

i don't know what happen in my network
1 lan 192.168.1.254/24
1wan 192.168.0.254/24

No NAT

Hi,

That zip file seems to be corrupted.
New dl location is: http://www.leinonen.org/pfsense.html

Br,

Ville

hmm, I set up a fresh config like this with 1.0.1 and it worked fine.  Do all NAT entries stop working or is it something more specific?  What version of pfsense?  Normal behavior of the captive portal is to block outgoing access until credentials can be verified.  All hosts, unless specified in the passthrough, will not be able to reach the WAN until said credentials are provided and verified.  Do you get redirected to the portal page at all?

After you enable the captive portal log in and type

as well as

and post the results.

@mibo:

@ Hank

if you can change CP to use a login box like htaccess and use Internet Explorer it can be work.

IE with the default settings try to logon on local networks with the credentials of the active Domain User.
I don't know if the CP Page is recognized as a local Site?

Hi mibo

Sorry for the long absense.

Can you elaborate 'login box like htaccess' a bit?  I'm a newbie so I don't have much knowledge with these issues.  But I'd like to try this as a possible solution.  You mention specifically IE, does it ork with other browsers too, like Firefox and Opera..?

Looking forward to try this out

regards

Hanks

My (rather expensive) solution… add another wrap board with m0n0wall use pfsense as gateway only and run captive portal on the m0n0 box...
Wouldve used m0n0 as all-in-one except they dont support cards that use the ath driver...

However with both wrap boards in place... it works great!!! :)

host on an external server and allow access to that servers ip to cp users without authentication…

Also check the names of the files... u could try taking the '-' out although i dont see why that should cause any problems... and check for .jpg as opposed to .JPG that caused a problem for me once...