How does this Captive Portal work?

luke240778

Hi All, I am using 2.0-RC2 and trying to get this Captive Portal to work.  Is ther any easy way? No matter what i do, as soon as i click enable and save it, i cant get any internet access, and the portal page doesnt come up.. I have enabled it for LAN and i am inside the LAN when trying to access the net.  Is there some settings elsewhere that i have to change for Captive Portal to work?

I have tried with no authentication and also with Local User (although there doesnt seem to be anywhere i can create users), both no luck, any ideas?

I want to test this and get it working here now, then eventually hook it up to my RADIUS server

jimp

Are you using the pfSense box for DNS on that subnet?

You need working DNS for the portal to work, and by default the pfSense box's DNS server gets an exception. If you pass different DNS servers to your clients, they likely are failing because they can't resolve anything.

If that is the case you can add an IP bypass into the portal config so that the DNS servers can be reached.

luke240778

I don't really know. i know that in the general setup i have

208.67.222.222   wan
208.67.220.220   wan

And i have ticked the box just below it.. Does that mean i have it set wrong?  I see when i do ipconfig /all on my machine i get the above 2 as my DNS servers, and by what you are saying i should be getting just the IP of my pfSense box? To do this, what do i do, just remove those 2 DNS servers from the General Setup page?

I also have the DNS Forwarder enabled.. Which i thought was supposed to do what you are talking about.. i just ticked enabled, maybe i need more configuration?

wallabybob

@luke240778:

I don't really know. i know that in the general setup i have

208.67.222.222  wan
208.67.220.220  wan

And i have ticked the box just below it.. Does that mean i have it set wrong?

Depends what you want. If you want OpenDNS as your DNS AND you have a dynamic IP address on your WAN interface you have set it wrong (because you have said the DNS information in configuration sent from ISP should override what you specified on the General Setup page).

@luke240778:

I also have the DNS Forwarder enabled.. Which i thought was supposed to do what you are talking about.. i just ticked enabled, maybe i need more configuration?

Your system(s) on the pfSense LAN interface need to use the pfSense box as their DNS. If those systems have static IP then you need to change their DNS specification. If those systems have auto (DHCP) IP then you need to renew the DHCP lease (or reboot) so they get the correct DNS.

I'm successfully using captive portal on an OPTx interface on a test system.

luke240778

Ahh.. ok.. DNS confuses me..

I have a Static IP on my wan connection… So i should remove the Open DNS entries? and untick that box i guess?  This stuff with DNS and DHCP always confuses me..

jimp

Having the DNS servers under System > General is fine.

If your clients are on DHCP, you apparently also have those DNS servers defined under Services > DHCP Server as the DNS servers (then remove them), or you have the DNS Forwarder disabled under Services > DNS Forwarder (Then enable it).

Either one of those cases will result in your clients having the DNS servers from System > General assigned directly.

They should just be using the pfSense box's LAN IP as their DNS server.

luke240778

Excellent.. I have been tinkering at it for the last hour and have got the captive portal working.. Doing basically what you just said. all i did was untick the box under the DNS servers on the general settings, and i put the LAN ip as the DNS server on the DHCP settings.  Althought it does also seem to work without this, so maybe just removing the tick in the box next to "Allow DNS server list to be overridden by DHCP/PPP on WAN
" seems to do the trick.