@Gertjan thank you for yor answer .

? ?

edit : oh, I get it. Another error.

@susobaco SOLVED !!!! The captive portal does not redirect to the login page on IOS devices

Hello, SOLVED!!!!!! After trying all possible combinations, in the end, I found the error. It was my fault, when customizing the captive portal, I didn't write the code well or I don't know what I did. Putting the default design that brings pfsense, ios devices open the login window to connect to the wifi without any problem. Thank you all for your help and patience.

@romeomarco09
you could publish the php or the files you used for this case.

@Gertjan shodan.io is a service that scans the internet for known exposure and for vulnerabilities

i remember you are french, so I link you here a video in French on the subject https://youtu.be/SxjmOFBtsvk

Thanks dear for your kind reply. I solved my problem that I created another portal to handle the pfsense CP pages to the users and now everything is going perfect EXPECT I need to add a code to my logout page to get the close event from the pages with a warning message to the users that "if you close this page will be logged-out" then if the user confirm this warning message I will force the logout button before closing.
Your suggestion is highly appreciated :)

Captive portal works best with a MAC address.

The fact you receive the MAC from your AP means : your AP is works in router mode - it's not a real AP.

Disable the router mode, do not use the WAN port if it has one - disable it's DHCP server if it has one.
If your pfSense captive portal NIC has 192.168.69.1/24 - give it a static IP like 192.168.69.2 / 24 - gateway 192.168.69.1 - DNS 192.168.69.1

@free4 it's ok now, it on captive portal user group thats why i cannot print my vouchers hehehe, btw. tnx

@Derelict Thanks!

What is your question ?

pfSense and/or the captive portal has nothing to do with a 'modem'.

Great, I haven't even reached that problem yet, I just can't get redirect to work. Guess it was just a fluke that I got it working at the 1 site.

Thanks,

@Gertjan Thanks for your reply, I'll try to change the page, in case I can't write again.

Hi,

This :

@zak_coslat said in Slow redirect after successful authentication:

Database insertion is very quick

is important.
I'm quiet sure you can also check quickly ( read this so you know how to check ) that the device's MAC and IP are added to the two ipfw tables that are related to your captive portal instance.
ipfw is the firewall the captive portal portal is using for it's magic.

Which means : it's all open ...

Btw : the GUI firewall rules for the interface that the captive portal is using are ok, right ?

If you have the possibility to add a cert - one that is signed by a know and recognized cert authority like Letsencrypt - to your captive portal's login page you will see things speed up quiet a lot. You can use the acme package to handle all the details.
The bad news is : you will be needing a domain name like "my-site-network.tld" and have to create a cert like "portal-my-site-network.tld" and use this cert on the captive portal's setup so the portal login page will get loaded using https.
( and will you're at it, ask the entire "wild card" cert for "*.my-site-network.tld" so you can also use it for your pfsense.my-site-network.tld and nas.my-site-network.tld and printer.my-site-network.tld etc etc on your local network (for all your https capable devices )

@free4 thank you a lots sir . I guess i ll do it with browser then. have a nice day :)

hi

this is a known bug : https://redmine.pfsense.org/issues/7553

the issue seems related to ipfw and its interactions with the freebsd kernel, it can't be resolved easly.

@fmattbp said in [Solved] Slow captive portal on smartphones:

just a little update.
I issue the certificate as example.mydomain.com and

What I do : I asked for a wild card cert.

@fmattbp said in [Solved] Slow captive portal on smartphones:

portal loads instantly in every device

I'm seeing the same thing. Actually, we all know why : browser prefer by far https sites I guess, before they fall back to old school 'http'.

@akuma1x said in simple toggle for children VLAN:

Ok, if it's all hard wired, how about sacrificing a small smart switch (because you said VLAN's) and power said switch with one of those "smart home" wifi power outlets?

The power outlet thingie can be turned on and off on a schedule, or even better, on demand with a smart phone app.

https://www.amazon.com/Gosund-Compatible-Required-appliances-Certified/dp/B079MFTYMV

If the switch doesn't have power, then the network traffic isn't going to pass. I'm NOT saying it's bullet-proof, or kid-proof either, but it could be a cheap & easy way to do this.

We will consider that, thanks. Maybe we could even toggle the existing switch-port via FHEM somehow.

@lexxai Yes, I've found this site

https://knobelbecher.net/vouchergenerator/

It gives you (on the botton of the page) a new index.php that is patched for the QR code.

got it working just fine Thx