Captive Portal Login URL
-
-
@ahmetakkaya said in Captive Portal Login URL:
Your Connection Is Not Private
That's not a message from pfSense. It's a message shown on your device.
You know that no one on this forum works for Apple, Samsung etc. So why should I know what that message means ?
Don't take me wrong : what about 'thinking' a bit before asking a question ??
I don't know what your device means with that message, but, "as they are all the same" it probably means something about the Wifi.
Are you using a Wifi network with a password ?
if it is WPA3 encrypted, god, but then the portal users have also to type in the wifi password first. As said before, that's not needed /wanted on a public network.We both also now that most traffic is TLS (https) encrypted these days.
This means : no one on planet earth can decrypt that. That includes the 3 letter agencies. So who cares that your Wifi network is not encrypted ?!
Most professional portal users even use a VPN as soon as they are connected to a public portal, so now everything is encrypted twice.
True : DNS traffic is visible ....Btw : my iPhone X IOS15.x says : "Not a secured network". It's just a message - not a show stopper. I'm not going to use "WPA3 encrypted" on my captive portal network. Older people won't be able to type that 28 letter password : My public captive portal wouldn't get used any more as it is to much a of hassle.
-
no ssid password only captive portal login available
I think the devices giving error can't get the ssl certificate
I don't know why this is
-
@ahmetakkaya said in Captive Portal Login URL:
I think the devices giving error can't get the ssl certificate
Can't get ? Can't trust ?
How did you set up the https portal access ?
Possible that you state more details ?Your portal works well for :
Apple device ?
Microsoft devices ?
Other brand devices ? -
SystemGeneral Setup
Hostname:aaa
Domain:domain.comDNS Resolver
Host Overridesaaa domain.com pfsenseip
Captive PortalHTTPS Options
HTTPS server name: aaa.domain.com
SSL/TLS Certificate: domain.com (a valid certificate)no problem on windows operating systems
I'm having problems with mobile devices especially android systems
-
Will testing, always use a pass all (TCP, UDP, ICMP etc) on your captive portal interface.
And to make live easy on you, use a dedicated captive portal interface, not the LAN interface.
By nature,your LAN is a trusted interface, and your captive portal is not, as it will accept device that you do not trust (otherwise you wouldn't use the captive portal in the first place).The principal captive portal issues are listed here : Troubleshooting Captive Portal
and you'll see that most issues are ..... (of course) : DNS.
For example : if a devices uses DoH or DoT (using port 835), it's game over right away.
-
@ahmetakkaya said in [Captive Portal Login URL]
https://aaa.hostname.com:8003/index.php?zone=xxxx
8003 I want to access the port from outside, so is it possible to access the portal page?
-
@ahmetakkaya said in Captive Portal Login URL:
8003 I want to access the port from outside
What is outside ?
The portal works form the captive portal interface. -
aaa.hostname.com Can I access the portal page by forwarding the address to port 8003?
-
You want to use the portal access from 'somewhere' on the Internet ?
I never saw a setup like that.The captive portal is designed to give a devices on a local network acess to the Internet, and other selected resources.
Devices that are already on the Internet don't need access t the Internet, they already have it.If you want to access local resources from the outside, use a VPN.
