Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Captive portal's session timeout

    Scheduled Pinned Locked Moved Captive Portal
    21 Posts 6 Posters 13.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      buraglio
      last edited by

      Ah, that wasn't clear to me from your first post.  I have not tried the radius provided session timeout.  If I get some time maybe I can test it against my lab setup this week to see if I get the same results.

      https://www.forwardingplane.net/

      1 Reply Last reply Reply Quote 0
      • L
        lir
        last edited by

        Thank you.
        I very much appriciate it, it's an important feature for me which I need Pfsense to fully support.

        1 Reply Last reply Reply Quote 0
        • B
          buraglio
          last edited by

          @lir:

          Thank you.
          I very much appriciate it, it's an important feature for me which I need Pfsense to fully support.

          I've been really busy this week and have yet to have a chance to try it out.

          nb

          https://www.forwardingplane.net/

          1 Reply Last reply Reply Quote 0
          • L
            lir
            last edited by

            Ok cool
            I'm waiting for your reply on it.

            1 Reply Last reply Reply Quote 0
            • B
              billm
              last edited by

              @lir:

              But the timeout in the captive portal is a global timeout for all users, and there's a special check-box for grabbing
              the session-timeout attribute returned from the radius- if its there then it means it is supposed to work.

              Actually, I think that might be part of the radius code that hasn't been backported from HEAD when we last merged in the m0n0 CP code.  This may be a feature that's not supposed to work and needs to be stripped from 1.0.  I'll try and confirm that shortly.

              –Bill

              pfSense core developer
              blog - http://www.ucsecurity.com/
              twitter - billmarquette

              1 Reply Last reply Reply Quote 0
              • B
                billm
                last edited by

                Scott can probably add more, but the more I look at the code, the more I'm convinced that this feature slipped in during a merge of the CP code which requires the newer radius.inc and PECL RADIUS that's in HEAD.

                –Bill

                pfSense core developer
                blog - http://www.ucsecurity.com/
                twitter - billmarquette

                1 Reply Last reply Reply Quote 0
                • S
                  sullrich
                  last edited by

                  Could be.  I don't know.  Will check it out.

                  1 Reply Last reply Reply Quote 0
                  • L
                    lir
                    last edited by

                    Cool.
                    Let me know what you find out…

                    1 Reply Last reply Reply Quote 0
                    • S
                      sullrich
                      last edited by

                      We havent changed RELENG_1's captive portal code in quite a while.  That is not it.

                      1 Reply Last reply Reply Quote 0
                      • L
                        lir
                        last edited by

                        Sorry but I'm a bit confused.
                        Is the 'session-timeout' attribute supported or not?

                        1 Reply Last reply Reply Quote 0
                        • S
                          sullrich
                          last edited by

                          Session timeout is working fine for me here.  But I am in no way using radius.

                          1 Reply Last reply Reply Quote 0
                          • L
                            lir
                            last edited by

                            Right.
                            When not using radius, it's working fine.

                            Question is - what happens when using radius?
                            There's a special box to use Session-Timeout attribute received from the radius so why is that not functioning?

                            Thanks.

                            1 Reply Last reply Reply Quote 0
                            • L
                              lir
                              last edited by

                              @sullrich:

                              Could be.  I don't know.  Will check it out.

                              Any new regarding this issue?

                              Thanks.

                              1 Reply Last reply Reply Quote 0
                              • S
                                sullrich
                                last edited by

                                No.

                                1 Reply Last reply Reply Quote 0
                                • B
                                  buraglio
                                  last edited by

                                  @sullrich:

                                  No.

                                  I've been too busy to test this yet, sorry.  I have a lot of travel in the next few weeks so it may be a little while.

                                  nb

                                  https://www.forwardingplane.net/

                                  1 Reply Last reply Reply Quote 0
                                  • H
                                    hoba
                                    last edited by

                                    You might want to test this with m0n0wall and bring this to attention at the m0n0 list if it's the same there. pfSense's captive portal is a nearly exact copy of the m0n0 CP though it's not the version used  in the latest m0n0wall.

                                    1 Reply Last reply Reply Quote 0
                                    • N
                                      namezero
                                      last edited by

                                      Looks like m0n0wall's beta 1.23b1 has improvement on that issue:

                                      hanges in captive portal (jdegraeve)

                                      * fixed a bug in the way we handle authentication mechanisms (potentially allowing double logins and faulty locking)
                                          * add support for different MAC address formatting styles
                                          * add support for per-user bandwidth limitation (using well-known WISPr RADIUS attributes)
                                      http://m0n0.ch/wall/beta.php

                                      So if you're really stuck, you might want to take a look at m0n0wall for the mean time.

                                      1 Reply Last reply Reply Quote 0
                                      • S
                                        sullrich
                                        last edited by

                                        @namezero:

                                        Looks like m0n0wall's beta 1.23b1 has improvement on that issue:

                                        hanges in captive portal (jdegraeve)

                                        * fixed a bug in the way we handle authentication mechanisms (potentially allowing double logins and faulty locking)
                                            * add support for different MAC address formatting styles
                                            * add support for per-user bandwidth limitation (using well-known WISPr RADIUS attributes)
                                        http://m0n0.ch/wall/beta.php

                                        So if you're really stuck, you might want to take a look at m0n0wall for the mean time.

                                        We have already backported this code to HEAD but it will not appear in 1.0.  I agree with namezero, if this is such a big issue then please run m0n0wall.

                                        1 Reply Last reply Reply Quote 0
                                        • First post
                                          Last post
                                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.