Feature lost in transaction? M0n0 MAC addreses are gone?
-
http://pfsense.com/cgi-bin/cvsweb.cgi/pfSense/etc/inc/captiveportal.inc
http://pfsense.com/cgi-bin/cvsweb.cgi/pfSense/usr/local/captiveportal/ -
ok, I think the problem is in Dropdown menu that select either "defult" or "cisco" type … thats the only thing that I can think off....
-
Did not modify that…
-
:-(
-
jeroen234, I did the trial ran for what u sudgested, and as I said it didnt work, because this fature is designed for diferent purpuse… it works like major cable troviders do for theit clients... so that they dont have to use username and passwords... they just go online right away...
BUT, what I found is that this feature dosnt work as it desined too... It suppose to send Radius-Request when I open web brower but it doesnt... Debug off everything is attached, I used my username to login...
So, I dont know why, but big part of m0n0 functionality is gone? :(
Ready to process requests.
rad_recv: Access-Request packet from host 192.168.0.102:60873, id=214, length=79
Service-Type = Login-User
User-Name = "alexus"
User-Password = "xxxxxxxx"
NAS-Identifier = "pfSense.local"
NAS-Port = 0
NAS-Port-Type = Ethernet
rlm_sql (sql): Reserving sql socket id: 3
rlm_sql (sql): Released sql socket id: 3
Sending Access-Accept of id 214 to 192.168.0.102 port 60873
rad_recv: Accounting-Request packet from host 192.168.0.102:50951, id=195, length=97
Service-Type = Login-User
User-Name = "alexus"
NAS-Identifier = "pfSense.local"
NAS-Port = 0
NAS-Port-Type = Ethernet
Acct-Status-Type = Start
Acct-Authentic = RADIUS
Acct-Session-Id = "1285ff05b364519a"
Framed-IP-Address = 192.168.1.199
rlm_sql (sql): Reserving sql socket id: 2
rlm_sql (sql): Released sql socket id: 2
Sending Accounting-Response of id 195 to 192.168.0.102 port 50951on this debug list you are oke
the only thing i can think off is that you dit'n open on youre wan conection the ports 1812 and 1813
on witch you radius server has to send its radius pakets to pfsense -
isnt it reverse? NAS send request to the radius server? and then gets replay with Access_accept or Access-Reject… ? Actuall accounting packets are stored in radius itself or im My Sql, but nas does not send accounting info
-
the access data is send on port 1812 to the radius server
and will be send back on port 1812 from the radius server a oke or a rejectsame for accounting now using port 1813
-
but avvording to standard the acc paks are not sent back to NAS… thet sent from NAS to Radius and that is it... mean while AVPs are sent on 1812 in both directioons
-
accounting pakets are not send back
but what is send is a oke or a reject
on a reject bv when the time is empty for that userwhen portal resieves the reject it disconect the user
on oke the user can contineu to surfi have pfsense check every 60 sec. with the radius server if the user is still oke to surf
-
yes, but I didnt say that I have problems with logging in, the user is authenticfated and allowed to access external network, the accounting pakt is sent to MySQL server and recorded, the problem is that accounting packt is not full, it is mising banch of stuff such as MAC addreses and octans etc…
-
jeroen234, to make sure that im not mostaken, I set WAN rules to Allow * to * from * (aka "hakers are welcome" ;) ) well as I assdumd it didnt work…
I also posted the probmen in mono list and someone wrote me that this could be because pfSense is using diferent web server and or OS? is that correct??
-
i dont see the trouble accounting packets are not forwarded back to the radius server till the session is finished.
the access request was made the accounting request is recorded.where is the rest of you data. close your session in the captive portal and then check the cleanup on your radius server.
nothing else is needed at stage one. i looks just like our sessions from our NAs boxes to the radius server. -
yep u are correct, everywjhere exept the part tha MAC addresses are sent during Accounting-Start…. all other junk thta I dont care about is sent when Accounting-Stop is sent :-(