What Happened To Users?

qwaven

Hi there,

So I've been using Captive Portal for a while now, over several releases of PFSense…etc. Never had any major issues.

In short my setup has a few users and when they auth on the portal the MAC is perm added to the allow list.

So I've noticed, and I'm assuming this either happened after upgrading the the latest version, or when I switched hardware appliances. I'm unable to determine which as I had not discovered this at the time of doing either...

So my issue...

I don't see any users under my firewall users section. There used to be a few there that had captive portal login rights.

I don't particularly care about the users themselves as long as they won't continue to work. I can easily create new ones and be done with it if that's all that is required.

Can anyone help to first confirm that the users are not still "usable" as active accounts?

Or did at some point the captive users get moved somewhere else?

As far as I know network access via captive portal has continued to work fine for everything added previously. (I don't have the passwords for the accounts to test something new)

Any help/thoughts would be great!

Cheers!

Gertjan

Hi,
@qwaven:

As far as I know network access via captive portal has continued to work fine for everything added previously.

As far as you know ? As the admin, you should know …. ;)
When my captive portal goes down, my phone will explode ...

@qwaven:

(I don't have the passwords for the accounts to test something new)

I don't get it. You are the admin. What about creating a new login for a "test" captive portal user (make sur the device you are using isn't on MAC "white" list).
Try to enter your captive portal network, … see the login page - use your "test" credentials - and see that your are listed as a connected user (Status => Captive portal).

And while you're at it, check also that the users MAC (the MAC from the device your are using when you logged in using the "test" credentials : here  Services => Captive Portal => [zone] => MACs) : it should be on the list now.

The answer to your question : MAC addresses listed are passed through right away - and NOT considers as logged in "users" anymore. Their activity can not been seen. Except maybe if you use a "radius" solution.

qwaven

Thanks for the reply.

As far as I know meaning there are no complaints. IE MAC's that were authenticated are likely still working. IE the allowed list does not often change.

Yes I can create a new user just fine. The point of my question was to determine what happened to the users that used to be populated? Since I did not remove them is there a possibility that they can still exist without being displayed in the GUI. I do not want "active" logins that I cannot see/control.

To be clear when I go under: System/User Manager/Users the only account I see is the admin account.

qwaven

Anyone?

jimp

If the users are not listed under System > User Manager, then they were manually deleted or not entered. Perhaps you started fresh from a factory configuration, or restored a backup that did not have them when you switched hardware. Nothing on pfSense would have deleted the users.

If they are not showing in the GUI, captive portal should not be able to use them if it is set for local users. You'd have to test it for yourself to be certain, however.

qwaven

@jimp:

If the users are not listed under System > User Manager, then they were manually deleted or not entered. Perhaps you started fresh from a factory configuration, or restored a backup that did not have them when you switched hardware. Nothing on pfSense would have deleted the users.

If they are not showing in the GUI, captive portal should not be able to use them if it is set for local users. You'd have to test it for yourself to be certain, however.

Thanks for the quick reply. I had started from a fresh install and restored a FULL backup on top. I can only assume then that there must have been some issue with importing the users (or exporting the users to the backup originally) as I also would not have deleted them. In any case all is well long as they are not still present on the system I can just create new ones and be done with it. :)

Thanks for confirming.

Cheers!

Gertjan

Check the backup file you imported.
They are there ?
The file should have a name like config-your-host-and-domaine-20170718085441.xml and is VERY well readable by a human.
If they are NOT in the file, well ….

qwaven

@Gertjan:

Check the backup file you imported.
They are there ?
The file should have a name like config-your-host-and-domaine-20170718085441.xml and is VERY well readable by a human.
If they are NOT in the file, well ….

Just checked and it does have the users.

<md5-hash>531501fb668ac7198544acf912d9c624</md5-hash>
			<name>qwerty</name>

			 <expires><authorizedkeys><ipsecpsk><uid>2009</uid>

		 <user><scope>user</scope>
			<password>$#$%^&#%TFSDDFDSR#$</password></user></ipsecpsk></authorizedkeys></expires> 

Anyway I'm good as long as the accounts are no longer active.

Cheers!