Can't make captive portal work
-
I thought I'd give the captive portal a try. I'm running 1.2-BETA-1.
I enabled CP and I can browse to http://10.0.0.1:8000 and I get the default login page.
However I am never redirected to it when I try to access the internet. I had squid installed as a transparent proxy, but I have un-installed it in case that was getting in the way. The only package I have installed now is snort.
I also rebooted, but it seems nothing I can do gives me an automatic redirection to the CP.
What should I be looking for in my config that might have screwed this up?
Regards
Ben
-
Make sure your clients use the pfSense IP of the captiveportal-enabled interface as DNS. Redirection won't work if this is not the case.
-
Hi Hoba,
Yes the clients were using the LAN interface for DNS.
[EDIT] But the web browser was already open, so I guess it might have cached the lookups?
Regards
Ben
-
Just looked at the IPFW rules, and there is one in there :-
00009 194 18276 allow ip from 10.0.0.0/24 to any in recv fxp0
So it never makes it to this rule :-
19902 0 0 fwd 127.0.0.1,8000 tcp from any to any dst-port 80 in
Which is what sends users to the CP.
Rule 9 seems to tie in with this rule from the LAN rules configurations page :-
* LAN net * * * * Default LAN -> any
If I ipfw delete 9 then it works as it should.
Regards
Ben
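
Added example, not part of the original posts: a simplified Python model of ipfw's first-match evaluation, run over the two rules quoted above, showing why rule 9 wins before the fwd rule 19902 is ever reached. The parser covers only the rule syntax seen in those two lines, and the sample packet and its addresses are constructed.

```python
import ipaddress
import re

# The two rules quoted in the thread: number, packets, bytes, rule body.
IPFW_SHOW = """\
00009 194 18276 allow ip from 10.0.0.0/24 to any in recv fxp0
19902 0 0 fwd 127.0.0.1,8000 tcp from any to any dst-port 80 in
"""

# Covers only the rule grammar that appears in those two lines.
RULE_RE = re.compile(
    r"^(?P<num>\d+)\s+(?P<pkts>\d+)\s+(?P<bytes>\d+)\s+"
    r"(?P<action>allow|deny|fwd)(?:\s+(?P<target>[\d.]+,\d+))?\s+"
    r"(?P<proto>\w+)\s+from\s+(?P<src>\S+)\s+to\s+(?P<dst>\S+)"
    r"(?:\s+dst-port\s+(?P<dport>\d+))?"
    r"(?:\s+(?P<dir>in|out))?(?:\s+recv\s+(?P<iface>\S+))?\s*$"
)

def parse(text):
    """Return rules as dicts, ordered by rule number as ipfw evaluates them."""
    rules = [m.groupdict() for m in map(RULE_RE.match, text.splitlines()) if m]
    return sorted(rules, key=lambda r: int(r["num"]))

def addr_ok(spec, addr):
    return spec == "any" or ipaddress.ip_address(addr) in ipaddress.ip_network(spec)

def matches(rule, pkt):
    return (rule["proto"] in ("ip", "all", pkt["proto"])
            and addr_ok(rule["src"], pkt["src"])
            and addr_ok(rule["dst"], pkt["dst"])
            and rule["dport"] in (None, str(pkt["dport"]))
            and rule["dir"] in (None, pkt["dir"])
            and rule["iface"] in (None, pkt["iface"]))

def first_match(rules, pkt):
    """allow, deny and fwd all end the search, so the lowest-numbered match wins."""
    return next((r for r in rules if matches(r, pkt)), None)

def shadowed_fwd(rules, pkt):
    """Return (winner, fwd_rule) numbers when a fwd rule matches pkt but never sees it."""
    winner = first_match(rules, pkt)
    for r in rules:
        if r["action"] == "fwd" and matches(r, pkt) and r is not winner:
            return int(winner["num"]), int(r["num"])
    return None

# Constructed packet: a LAN client's first HTTP request (addresses are made up).
HTTP_FROM_LAN = {"proto": "tcp", "src": "10.0.0.50", "dst": "192.0.2.10",
                 "dport": 80, "dir": "in", "iface": "fxp0"}

if __name__ == "__main__":
    rules = parse(IPFW_SHOW)
    print("shadowed:", shadowed_fwd(rules, HTTP_FROM_LAN))
    print("after delete 9:", first_match(rules[1:], HTTP_FROM_LAN)["action"])
```

The zero packet and byte counters on rule 19902 in the quoted output are the same symptom seen from the firewall's side: the rule exists but no traffic reaches it.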
-
Rule #9 is schedules. Captive portal is not compatible with Schedules.
-
Ah ok fair enough, I'm just playing around with everything at the moment so I can try out the different features. Is it likely that CP and schedules will co-exist in the future, or is it a more fundamental reason for them not playing together?
I had an inbound NAT rule to allow ssh to one of my internal boxes, I had 2 firewall rules set up, the one that was auto created, and then the one I added to allow the connection from the outside to the WAN interface.
When CP is enabled the inbound connection is blocked by IPFW (I know this because if I ipfw flush then the connection works).
Is that another limitation of CP, or is that also related to the scheduled rules? (It was not in the scheduled time period when I tested this BTW. The schedule is to disable internet access before school to the kids' computers).
Regards
Ben
-
It's possible but was not a design goal for 1.2.