Captive Portal Kills Pfsense
-
There are known issues with captive portal.
-
ok, THANKS
Another little issue, I went to the console, and reset to factory default, everything looks OK, webgui is running again, but is not possible to access via SSH with winscp, SSH is enabled in webgui.
regards
Alfredo -
FYI, more information to this issue.
In my experience, it does not "kill" captive portal totally. You can still ssh into the box, run the shell, do a 'links http://192.168.1.1/' and log in to the captive portal that way. So it's still running, you just cannot get to it from anywhere but localhost.
-
this fixed in the latest snapshot?
-
Just imaged with pfSense-2.0-BETA1-4g-20100124-1657-nanobsd.img.gz Captive portal will get you:
Fatal error: Cannot redeclare get_priv_files() (previously declared in /etc/inc/priv.inc:48) in /etc/inc/priv.inc on line 67
I am running 1.2.3 with no problems. I would like the additional traffic shaping however. bit torrent needs to be stopped!
Steve
-
In my experience, it does not "kill" captive portal totally. You can still ssh into the box, run the shell, do a 'links http://192.168.1.1/' and log in to the captive portal that way. So it's still running, you just cannot get to it from anywhere but localhost.
Yeah the problem is ipfw fwd is broken in FreeBSD 8.0. If you browse to LANIP:8000 it also works, it's just the redirect to 8000 that doesn't work. A patch is in the works to fix ipfw.
-
Actually more than "in the works", it was already committed several days ago. Captive portal works for me now as of the latest snapshot.
-
20100125-2045 ?
-
-
haha. i been running that for a little while now and so hesitant on starting it LOL. I think i got confused over the "update" feature because it wasn't catching the latest snapshots and what have you, and actually kept down grading me..
-
you must be mistaken. it's still borked.
-
No, it definitely works. Just set it up on another install, now on a February 6 snapshot, and it works perfectly.
-
Still not working for me either. CP clients just sit and timeout, redirect never connects, I see no response traffic at all coming from the firewall. I'm not seeing any kind of redirect pf rule created (though pass rules are there), and unless I'm misunderstanding how the CP works I think that is necessary. Is there any troubleshooting you recommend?
Manually hitting the CP URL and registering works fine however.
-
The redirect is an ipfw fwd, it's not in pf. Can you send me a backup of your config? Private message or email to cmb at pfsense dot org.
-
New problem found, it doesn't work on VLANs at the moment.
http://redmine.pfsense.org/issues/show/357It does work fine on physical interfaces. If anyone is having a problem still that is not using VLANs, we'll need more info.
-
I found that enabling it, the re-direct would take around 30 seconds it seems, to actually re-direct to the URL of the users request. IE: if no redirect url was specified in settings but a home page set in the browser. Though after submitting the login, which is all blank so no login required, closing the browser and opening it again before it can redirect, web traffic works as normal.
-
Im having some issues with the captive portal in latest build, different than discussed already. The captive portal works fine and redirects, etc.. but the bandwidth restrictions dont seem to be very effective. i set the per user bandwidth restriction in the captive portal to 1024/384kbit/s, but i can download/upload at full speed thru the captive portal…? Ok, so i figured i would run the traffic shaper and create an alias for the cp_guest dhcp range and then stick the alias in the penalty box w/ 10% bandwith limitation. Still blasted thru downloading at 1.23MB a sec. am i lost or confused? or are these things still not 100%. I can send logs/configs if that would help. i have a small non-profit next to UCF campus that i need the CP to work in so i can restrict bandwidth/users as im sure every kid over there will be trying to utilize/hack into the wireless. Dont want to put wlan in, if can be hacked and then steal all the bandwidth, rather do without. (i understand it can be hacked, i plan on it being hacked, i just dont want to loose all the bandwidth if possible when it does!).
-
I notice this bug (CP not working on VLANs) has been closed, yet the problem persists for me. I can access the CP page manually by typing the router IP address, but am not redirected there automagically when trying to access other websites.