Captive portal not working with wpad
-
same with squid3-dev…
Not redirecting to captive portal login page. Can browse without logging in.
Could you share the procedure you followed? -
did you blocked connections to ports 80 and 443 in firewall lan rules
-
Sorry for delayed response, I was out of town.
Yes, I did. Should I disable web gui anti-lockout rule? I tried that also, didn't help.
I am not good at firewall rules. That would be great if you could share the screenshot of your lan and nat rules (if possible :)).
Thanks for helping.
-
is squid transparent or non-transparent(you say that you are using wpad, so it must be non transparent)
if it is non transparent firewall rules blocking ports 80,53 and 443 from lan to wan should be enough with the patch captiveportal option enabled
if it is transparent you should block connections to your proxy ip and proxy portand lastly the browser, if you use firefox you should select the second option from top in network proxy settings in your browser
-
squid non-transparent.
ports 80, 53 & 443 blocked from lan to wan
cp deleted and re-created, then applied patch, still not working
I have tried ie 10 and crome.
Thanks again…
-
can you share your wpad file content, may be there is something wrong with it
also you have done the dhcp server and dns forwarder settings for wpad, right?
-
function FindProxyForURL(url, host) { if (isInNet(myIpAddress(), "10.0.0.0", "255.255.255.0")) return "PROXY 10.0.0.1:8080"; else return "DIRECT"; }
DNS forwarder only, working for sure. If I disable auto detect proxy settings in IE, can't browse.
-
@aru:
function FindProxyForURL(url, host) { if (isInNet(myIpAddress(), "10.0.0.0", "255.255.255.0")) return "PROXY 10.0.0.1:8080"; else return "DIRECT"; }
DNS forwarder only, working for sure. If I disable auto detect proxy settings in IE, can't browse.
i think the problem is the lack of "}" and "{" marks for "else" statement, it should be
function FindProxyForURL(url, host)
{
if (isInNet(myIpAddress(), "10.0.0.0", "255.255.255.0")) {
return "PROXY 10.0.0.1:8080";
} else {
return "DIRECT";
}
} -
I will try that and let you know.
-
No difference at all. Tested rebooting also.
-
Only counculusion I come up with is
one or more of your firewall rules is/are effecting the squid's "patch captive portal" directive (this directive is basically a firewall rule created by squid when you enable it)
-
I think your guess is right.
This is the third fresh install (one amd64) and I have the same problem. I don't know how to find out which firewall rule is causing this.
I really appreciate your kind help :)
Right now, I am loading defaults and installing packages from the beginning. Just DG, squid3-dev & freeradius2(later)
-
65292 0 0 allow carp from any to
65292 0 0 allow carp from any to
65302 0 0 allow ip from any to any layer2 mac-type 0x888e,0x88c7
65303 0 0 allow ip from any to any layer2 mac-type 0x8863,0x8864
65307 0 0 deny ip from any to any layer2 not mac-type 0x0800,0x86dd
65310 0 0 skipto 65314 ip from any to { 255.255.255.255 or 10.0.0.1 } d
st-port 3128 in
65310 0 0 skipto 65314 ip from { 255.255.255.255 or 10.0.0.1 } 3128 to
any out
65310 861 102661 allow ip from any to { 255.255.255.255 or 10.0.0.1 } in
65311 1590 1262533 allow ip from { 255.255.255.255 or 10.0.0.1 } to any out
65312 0 0 allow icmp from { 255.255.255.255 or 10.0.0.1 } to any out ic
mptypes 0
65313 0 0 allow icmp from any to { 255.255.255.255 or 10.0.0.1 } in icm
ptypes 8
65314 0 0 pipe tablearg ip from table(3) to any in
65315 0 0 pipe tablearg ip from any to table(4) in
65316 0 0 pipe tablearg ip from table(3) to any out
65317 0 0 pipe tablearg ip from any to table(4) out
65318 0 0 pipe tablearg ip from table(1) to any in
65319 0 0 pipe tablearg ip from any to table(2) out
65532 52 4587 fwd 127.0.0.1,8000 tcp from any to any dst-port 80 in
65533 44 3782 allow tcp from any to any out
65534 1223 145077 deny ip from any to any
65535 3 288 allow ip from any to anyDoes it help?
-
Any suggestions?