Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Allowed IP Address does not work in captive portal

    Scheduled Pinned Locked Moved Captive Portal
    24 Posts 6 Posters 3.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      net-mas @Gertjan
      last edited by

      @Gertjan

      why can I then enter IP networks in the mask?:
      377c0992-2390-49c1-a289-d5ae170f03a1-image.png

      susobacoS 1 Reply Last reply Reply Quote 0
      • susobacoS
        susobaco @net-mas
        last edited by susobaco

        @net-mas said in Allowed IP Address does not work in captive portal:

        why can I then enter IP networks in the mask?:

        I have tried both /32 and /24 and /16 masks and it does not work either way.

        N 1 Reply Last reply Reply Quote 0
        • N
          net-mas @susobaco
          last edited by net-mas

          @susobaco
          here - my picture:
          cc0e17fd-9054-4318-8a37-66e6d3bf18cc-image.png

          the functionality is contained directly in the upper right corner of the GUI. So more precisely, the developer cannot point out that he supports IP networks

          susobacoS GertjanG 2 Replies Last reply Reply Quote 0
          • susobacoS
            susobaco @net-mas
            last edited by

            As far as I could observe, the script (I guess php) to configure the "Allowed IP Address" page does not correctly save the configuration in the corresponding "rule" file. This would explain, in my case, that no output is obtained when executing "pfSsh.php playback pfanchordrill" in the "pzoneid_2_allowedhosts" section.

            N 1 Reply Last reply Reply Quote 0
            • N
              net-mas @susobaco
              last edited by

              @susobaco said in Allowed IP Address does not work in captive portal:

              As far as I could observe, the script (I guess php) to configure the "Allowed IP Address" page does not correctly save the configuration in the corresponding "rule" file. This would explain, in my case, that no output is obtained when executing "pfSsh.php playback pfanchordrill" in the "pzoneid_2_allowedhosts" section.

              Unfortunately, none of that means anything to me, I'm not that deep into the PFSense system. I would only be interested here if you can manipulate it: Can you find a variant of how it is stored correctly and thus used correctly with the subnet specification? In other words, is it just a GUI error or a firmware error because of the exchanged ipfw?

              susobacoS 1 Reply Last reply Reply Quote 0
              • susobacoS
                susobaco @net-mas
                last edited by

                @net-mas said in Allowed IP Address does not work in captive portal:

                @susobaco said in Allowed IP Address does not work in captive portal:

                As far as I could observe, the script (I guess php) to configure the "Allowed IP Address" page does not correctly save the configuration in the corresponding "rule" file. This would explain, in my case, that no output is obtained when executing "pfSsh.php playback pfanchordrill" in the "pzoneid_2_allowedhosts" section.

                Unfortunately, none of that means anything to me, I'm not that deep into the PFSense system. I would only be interested here if you can manipulate it: Can you find a variant of how it is stored correctly and thus used correctly with the subnet specification? In other words, is it just a GUI error or a firmware error because of the exchanged ipfw?

                I don't know the system that well either, I am researching, if I find something, I will write it here.

                1 Reply Last reply Reply Quote 0
                • GertjanG
                  Gertjan @net-mas
                  last edited by

                  @net-mas said in Allowed IP Address does not work in captive portal:

                  here - my picture:

                  Hummm.

                  21735d39-3064-4dee-9ad1-fcdb5ebe3519-image.png

                  I never actually saw that one.

                  If I select /30 as shown, I obtain :

                  cpzoneid_2_allowedhosts/192.168.2.100**_30** rules/nat contents:
                  ether pass in quick proto 0x0800 l3 from any to 192.168.2.100**/30** tag cpzoneid_2_auth dnpipe 2012
                  ether pass in quick proto 0x0800 l3 from 192.168.2.100**/30** to any tag cpzoneid_2_auth dnpipe 2013

                  That 'looks' correct.
                  I guess : you subject is wrong ?

                  It's not "Allowed IP Address does not work in captive portal"
                  but "Allowed IP Network does not work in captive portal" as an IPv4is a /32, and smaller then /32 is a network.

                  I'm even not sure. Something like this :

                  Address: 192.168.2.100 11000000.10101000.00000010.011001 00
                  Netmask: 255.255.255.252 = 30 11111111.11111111.11111111.111111 00
                  Wildcard: 0.0.0.3 00000000.00000000.00000000.000000 11
                  =>
                  Network: 192.168.2.100/30 11000000.10101000.00000010.011001 00 (Class C)
                  Broadcast: 192.168.2.103 11000000.10101000.00000010.011001 11
                  HostMin: 192.168.2.101 11000000.10101000.00000010.011001 01
                  HostMax: 192.168.2.102 11000000.10101000.00000010.011001 10

                  No "help me" PM's please. Use the forum, the community will thank you.
                  Edit : and where are the logs ??

                  N 1 Reply Last reply Reply Quote 0
                  • N
                    net-mas @Gertjan
                    last edited by net-mas

                    @Gertjan That's correct - it wasn't my topic either, it was originally from someone else. I just stuck around here because I think it was/is similar. If that's wrong, we'll just have to open a new topic.

                    https://forum.netgate.com/topic/180480/ip-or-mac-passthrough-didn-t-work

                    here was the original post - but I didn't open it myself. In it, susobaco wrote to me that he probably has a similar problem - hence the cross reference

                    susobacoS 1 Reply Last reply Reply Quote 0
                    • susobacoS
                      susobaco @net-mas
                      last edited by susobaco

                      link text

                      1 Reply Last reply Reply Quote 0
                      • susobacoS susobaco referenced this topic on
                      • W
                        wtasin
                        last edited by

                        Hi,
                        I had the same problem.

                        Look at my post
                        maybe it helps.

                        susobacoS 1 Reply Last reply Reply Quote 0
                        • susobacoS
                          susobaco @wtasin
                          last edited by

                          It seems to be solved by putting the configuration page in English. If you do it that way it worked for me, it seems to be an error with the translation of the "Bold" "From" and "To" options. If you enter them in English, the rules seem to work.
                          link text

                          1 Reply Last reply Reply Quote 0
                          • GertjanG Gertjan referenced this topic on
                          • GertjanG Gertjan referenced this topic on
                          • First post
                            Last post
                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.