@guntery said in Captive portal manual logout page address:

uh? It logs out the user who goes to that page not all users.

I stand corrected.
Had to review the script and true, the caller gets logged out.
Sorry for the noise ^^

Thanks for the reply Gertjan, I appreciate the help. I ended up just looking through the PFSense source and using their passthrumac functions. I saved the following in /etc/phpshellsessions/myscript and call it with pfSsh.php remotely. It's working for me so far, at some point I'll need to write a second script for removing macs as well.

# Playback script to add a passthrumac # Usage: playback [this_script_name] [mac_address] [description] # Note: description can't have spaces in it. # Setup require("captiveportal.inc"); global $cpzone, $argv; $cpzone = 'guest'; $mac = array(); $mac['action'] = 'pass'; $mac['mac'] = $argv[3]; $mac['descr'] = $argv[4]; # Add MAC to config file $config['captiveportal'][$cpzone]['passthrumac'][] = $mac; # Unlock for editing unlock($cpdblck); # Generate firewall rules, write firewall rules from lines in temp file $macrules = captiveportal_passthrumac_configure_entry($mac); file_put_contents("{$g['tmp_path']}/macentry_{$cpzone}.rules.tmp", $macrules); mwexec("/sbin/ipfw -q {$g['tmp_path']}/macentry_{$cpzone}.rules.tmp"); # Update config file $writecfg = true; write_config(gettext("Captive Portal passthrumac configuration changed"));

I found some help in this thread. If I was writing this script from scratch I'd probably make some changes but I left it as close to the original PFSense source as possible.

@Gertjan when I select an interface, and try to save, I get an error: "you need to select at least one authentication server"

Edit: I had to click on "Local Database"to select, and then was able to save. I will try if the Captive portal is working now

@guntery said in Captive portal redirect pointless on Android system browser:

Does Apple do the same?

Now way. 'They' have the portal thing working well for many years now.
As does Microsoft with it's "Windows" OS's.

When you set up this :

da9a2fcd-f01a-4eab-b902-b6dd6ff772e9-image.png

then after a successfully identification the visitor is ones more redirect to that URL.
Or, by default, to the URL which the browser initially wanted to load.

@jaspras
Can you help me with the settings for accounting with MySQL database?

Oops sorry about the false alarm - it turned out being a browser cache issue .. amateur hour :)

@stephenw10
fantastic it works perfectly!
then ... in CP ALLOWED HOSTNAMES I added the destination www.salini-impregilo.com
in freeradius I removed the e.tomei user
in / var / log / radacct / datacounter / daily I have eliminated max-octets-e.tomei and used-octets-e.tomei
in freeradius the user was recreated with a 10IMG_2362_resize.JPG Mb quota

I am attaching some screenshots they are not well ordered but they serve the purpose

first test with a virgin phone
access to wifi-koysha OFFICE without entering credentials
the salini-impregilo.com website is perfectly accessible and accessible

second test with the same phone
I opened the android alert and completed logging into the SSID
I opened youtube and started a video ... which after 61 seconds stopped ... with 3Mb of share quite difficult
I reopened www.salini-impregilo.com and I can consult it and open the links within the domain!IMG_2356_resize.JPG IMG_2357_resize.JPG IMG_2358_resize.JPG IMG_2359_resize.JPG IMG_2365_resize.JPG IMG_2366_resize.JPG IMG_2364_resize.JPG

Yes you can still use Stripe payments, however, it has changed and you will have to click a box in your Stripe account to make it work. The tick box is you agreeing to be fully liable legally and financially for the unencrypted untokenized credit card details that you are passing to them, and thus you are taking on the full force of the compliance regulations.

If you are setup to do this, or are happy to pay a lot of money to make it happen, it will work.

Both Paypal and Stripe give you options that allow you to send the user to put credit card details directly on their sites thus removing any handling of credit card information by you. Unfortunately the Unifi system has not been updated for a long time and I wouldn't hold my breath on it.

I have looked at combinations of pfsense, coovachilli, freeRadius, with openwrt firmware and openwisp for management, but this time round I am now too short of time. Maybe work towards the next one . . .

@kiokoman said in Missing 29 February:

with squid and captive portal installed

Some how, it was pretty sure that @ilarioQ isn't using the captive portal.
He is probably ( ;) ) using DNS, so he could have post it's question also in the DNS sub forum ... or DHCP or ....
Anyway, not an issue.

It's squid that handles the name of its files.

@roundcube222 said in captive portal and no internet after authentication.:

I am using VMware with 2 NIC

Ah.
That just doubles the list with possible issues. And isn't something you should not omit to mention when asking question.
It , a VM, can works of cours,I use a pfSense from a Hyper-V VM, build into Windows Pro right out of the box. I had some virtual NIC issues at first (sound familiar ?), though, at first, mostly because I didn't RTFM first.
If you have a spare drive - some small 10+ Gbytes disk size will do, take the actual disk out of your PC, install the spare (to be emptied) disk into your system, and install pfSense bare-bone, from scratch.
It's worth a try.

Because you know it : it's not pfSEnse, your issue.

And which VoIP provider do you use? I would recommend Hottelecom to you, they have excellent customer support and will help you in all matters.

@newmem11 said in Check duplicate mac function!:

duplicate mac address is detected

The problem isn't "Voucher" in that case.
You've got someone on your network trying to mess things up.

Set the time-out to a higher value. People tend to disconnect / shut down their device every day or so. This will enable OS support to kick in when re activating the connection.

Hi,

Indeed, the captive portal is not compatible with transparent proxy

The reason why all traffic is allowed, is that all incoming traffic is redirected through squid before reaching ipfw

The best way to resolve this issue would be to have to pfsense

One hosting the captive portal and open acting as transparent proxy

Well, for some reason that I can't understand, there was a MAC address on the MAC's bypass list. It was a MAC unrelated to anything but a client device on our network.

All I know is that once that MAC was removed, CP started to work again. The problem is solved, but I'm not fully convinced I about the reasons that generated this problem.

Sir @Gertjan my bad it supposed to posted in in routing and multi wan. Anyway thanks.

@kiokoman thank you sir it works. Re-installed done. Thumbs up sir 👊