Thats great to hear!!

Okay I tested this again and found some minor errors…

png wasn't working.

Anything upper or mixed case wouldnt have worked:

ie: Jpg

If you are running a full installation do a cvs_sync.sh releng_1 && shutdown -r now

If not, Diagnostics, Edit file and overwrite the code with this:

http://cvs.pfsense.com/cgi-bin/cvsweb.cgi/pfSense/etc/inc/system.inc?rev=1.79.2.38;content-type=text%2Fplain;only_with_tag=RELENG_1

@clamothe:

It seems like that would be true, since I doubt the computers will be talking through the router to get to another computer on the LAN.

True.

@clamothe:

Another thing that I'd like to do is open up ports UDP 27000 to 27015 and TCP 27020 to 27050 for Steam.  Open them up so that all internal users (including non-authenticated) can access WAN servers via those ports.  Is there some way I can bypass the portal for this?

You can't open up single ports but you can specify passthrough IPs as destination that are always allowed. So add the Steam IPs there and you are fine. For everything else the clients have to authenticate then.

No.

Send it over to the m0ther too  ;D

i will try tomorrow…very good job .... :) ...i'll become after

I can't speak to the status of the package but the RADIUS auth should work fine with an external RADIUS server (except for the 16 character password limit).  I use RADIATOR personally but it's a payware perl based solution.  It should work fine with any compliant RADIUS server.

You want the radius client on the pfsense box to use the MAC as the username?  Or is it that you want the box to just allow a set of known MACs?

I agree - 'solved'. See other post concerning same mather.

@rexster:

i didnt think it's problem with wds.
coz, i just try out a friend's engenius wsr3800 wireless with built in authentication (captive portal)
and using same wds with linksys wrt54g/gs
all clients can successfully login,
even those clients connected to the furthest repeater can still login with no problems.

Checked that.

Have a [ADSL modem] <–-> [pfSense Box {=>OPT1 interface}] <–--> [switch] <–-> [WRT54GS as AP+WDS] <–--- radio link ----> [WRT54GS as AP+WDS] <–- radio link ----> [Client PC].

The Client PC can login to the captive portal on the pfSense box, and then has access to the net.

The question is: what firmware (in your AP's) are you using  ;)

Linksys routers are as PC's: depends on what software you're using to make them fly…  :D

Captive portal doesn't work on a bridged interface. It has to be a seperate subnet and the clients of this subnet have to use the pfsense dnsforwarder as dns.

@m1s1u:

Is it possible to display MAC address of the client machine on the portal login page? If so how to achieve this?

Actually, its possible - to have it on the 'Logout' box….
Add this:

To the file /usr/local/captiveportal/index.php
on line 316 (search for the other LogoutWin.document.write…. code).
Edit - save - Done

Hi again,

No comments on this..?

Can anyone running beta 3 check if they are able to successfully save changes to the captive portal gui page?

Here a http error 404 is thrown immediately after clicking the Save button.  When reloading the page no values have changed.

I cannot even use the captive portal /file manager to save my custom captive portal http pages.

Everything else from the webgui seems to work ok.

To help me out, in which folder can I manually save the custom http pages?  And where dio I assign their filenames?

Secondly, if I make changes in config.xml, how do I apply the current config.xml to the pfsense config?

Thanks a lot for comments

best regards

Tor

action accept
proto: tcp
source: LAN net
port: any
destination: RADIUS net
port: 1812-1813
gateway: default

Well, seems like the newest firmware fixed my issue.  4-06-06 firmware
Thanks,
Andy Morris

Hi,
User is still able to login to multiple pc's simultaneously with one username and password.

Captive Portal setup as follows:
Enabled
Interface: LAN
Idle timeout: 60 m
Hard timeout 240
Logout popup: checked
Disable concurrent login: tried both (checked and unchecked)
Disable Mac filtering: unchecked
Authentication: local user manager
thanks

thanks sullrich that did it, ur great.