I try Radius 3 also, but it seems to be the same.

I try to check with the Log, but it shows nothing

Under normal conditions it will start automatically. You will have to provide more detail about your specific configuration, including:

Which FreeRADIUS version? If it's 2.x, uninstall that and install 3.x and try again. How is FreeRADIUS configured? You mentioned MySQL, is it supposed to use that? What other options do you have enabled? Show any radiusd log messages from the system log during boot time

If nothing else, you can install the service watchdog package and have it babysit FreeRADIUS to keep it running.

@Gertjan:

Check the backup file you imported.
They are there ?
The file should have a name like config-your-host-and-domaine-20170718085441.xml and is VERY well readable by a human.
If they are NOT in the file, well ….

Just checked and it does have the users.

<md5-hash>531501fb668ac7198544acf912d9c624</md5-hash> <name>qwerty</name> <expires><authorizedkeys><ipsecpsk><uid>2009</uid> <user><scope>user</scope> <password>$#$%^&#%TFSDDFDSR#$</password></user></ipsecpsk></authorizedkeys></expires>

Anyway I'm good as long as the accounts are no longer active.

Cheers!

Hi dude. Did you resolve your problem? Can you share?

Push up …

Any Ideas?

Hi

Thanks, but the ipfw command not working, I have try all commands of this topics

https://doc.pfsense.org/index.php/Captive_Portal_Troubleshooting#Zones

[2.3-RELEASE][admin@]/root: ipfw -x guest show
ipfw: Context 0 is invalid
[2.3-RELEASE][admin@]/root: ipfw -x zone1 show
ipfw: Context 0 is invalid
[2.3-RELEASE][admin@]/root: ipfw
ipfw: usage: ipfw [options]
do "ipfw -h" or "man ipfw" for details
[2.3-RELEASE][admin@]/root: ipfw -x zonel show
ipfw: Context 0 is invalid
[2.3-RELEASE][admin@]/root: ipfw -x LAN_GUEST show
ipfw: Context 0 is invalid
[2.3-RELEASE][admin@]/root: ipfw show
ipfw: Context is mandatory: No such file or directory
[2.3-RELEASE][admin@]/root: ipfw -x context list
ipfw: Context 0 is invalid
[2.3-RELEASE][admin@]/root: ipfw_context -l
ipfw_context: Command not found.
[2.3-RELEASE][admin@]/root:
[2.3-RELEASE][admin@]/root: ipfw_context -1
ipfw_context: Command not found.
[2.3-RELEASE][admin@]/root: ipfw -x LAN_GUEST show
ipfw: Context 0 is invalid
[2.3-RELEASE][admin@]/root: ipfw -x 2 show
ipfw: setsockopt: choosing context
[2.3-RELEASE][admin@]/root: ipfw zone list
ipfw: Error returned: Unknown error: -1
: Invalid argument

do you know why ?

The plan is to both have a time limit for the users and to limit the amount of traffic for the users.
Regarding the timing issue, I know that this is difficult when not having a users database to authenticate against. The only way would be to use the device's Mac addresses and to check when they logged in for the first time and then measure the time from then…

Regarding the amount of traffic, I currently use ntopng to monitor and count the traffic the users are generating and as soon as they reached the 400 MB, I add their IP address to the firewall's block list. That's not a really convenient solution, as it involves manual tweaking where I thought ipSense could help...

Are anonymous hotspot really that rare that there's no support needed for such features?
(I think the free WiFi hotspots are becoming more and more common ... I think that the CP in pfSense would be even more attractive if there were more options for anonymous users... But's just my opinion. I still find it a great product and I can get what I need ;-) )

Regarding the suggestion with FreeRADIUS: This would be a great solution, but I have to create the users (i.e. the Mac addresses) first in order to be able to authenticate against the user database. As I don't know the Mac addresses of the customers, this is quite difficult... Best would be if such users be generated on the fly by the RADIUS server...

Didn't we already go over this in this thread.

https://forum.pfsense.org/index.php?topic=133348.0

That you could just create a firewall rule to block access on your wifi router 2 network, and that you didn't need to nat it, etc. etc.

ok it works now, thank you NogBadTheBad!

You have to manage the contents of the MySQL database yourself. Neither the package nor pfSense will do that for you.

@mbutz89:

I keep getting this error: PHP ERROR: Type: 1, File: /var/etc/captiveportal_guest.html, Line: 20, Message: Allowed memory size of 134217728 bytes exhausted (tried to allocate 112082944 bytes). Has anyone ever encountered this issue and is there a fix for it? Thank you for any future replies.

This file does not belong to a clean install of pfSense.
Some one (probably you) uploaded  "self made files" and they do not respect the syntax (html or PHP) or you try to include files that do not exist.
Put thinks back as they ware originally and you'll be fine.

Even generating a new roll leaves trhe CSV empty. I'm really in trouble with that. Anyone any idea?

I got voucher_gaeste_active and voucher_gaeste_used for each roll in /var/db. but where are the unused vouchers saved?

Thanks for the reply.

By meaning of it:

How can I create block rule in fw without blocking CP?

I wanted to add the firewall rule than blocks all the traffic at the end of list, so that CP rules for redirection, and rules that allows users IP + MAC to pass apply before that rule.

https://forum.pfsense.org/index.php?topic=110577.0

I use these rules (see image) to enforce that users can only contact the DNS resolver running on pfSense.
Abusing this DNS server (the one pfSense uses)  for tunneling purposes …. I don't know ...

dns-pfsense-portal.PNG
dns-pfsense-portal.PNG_thumb

Use /etc/rc.restart_webgui like the example shows, that will restart nginx instances for the GUI and Captive Portal. It happens quickly, there isn't really any incentive to restart only one or the other for something as infrequent as a certificate update (once per month at most, could be as rare as once every 90 days)

Great !