Captive portal URL/IP
-
The most logic one:
Enable DNS forwarderThese are also normal:
Register DHCP leases in DNS forwarder
Register DHCP static mappings in DNS forwarderAnd this one:
Do not forward private reverse lookupsI didn't check any others.
-
System: General Setup
hostname: pfsenserouter
Domain : ccs.edu.localnetwork (my FQDN)
DNS Servers: 192.168.200.5 (my Domain IP)
Allow DNS server list to be overridden by DHCP/PPP on WAN CHECKED.
.
Services: DNS forwarderEnable DNS forwarder
Register DHCP leases in DNS forwarder
Register DHCP static mappings in DNS forwarder
Do not forward private reverse lookupsInterfaces : ALL
I can still see IP in my portal.. what else is missing?
-
form method="post" action="http://192.168.200.1:8000/" –---->>>> This one..thats what showing in my portal url
"http://www.google.com"> –------->>> I set this up<center>
|
|
</center>
-
DNS Servers: 192.168.200.5 (my Domain IP)
form method="post" action="http://192.168.200.1:8000/" –---->>>> This one..thats what showing in my portal url
So, your portal server (pfsense) isn't your DNS server ?
Btw: stop looking for a solution ;)
I switched to NON-https portal login, and it showed the IP of the portal interface: http://192.168.2.1/index.php…...... not the host name.
/etc/inc/captiveportal.inc: (in function portal_reply_page())
$htmltext = str_replace("\$PORTAL_ACTION\$", "{$protocol}{$ourhostname}/", $htmltext); ```and $ourhostname is being set just before:$ourhostname = portal_hostname_from_client_ip($clientip);Now, have a look at function portal_hostname_from_client_ip(). The IP of the portal interface is returned, not the name. -
So, your portal server (pfsense) isn't your DNS server ?
Btw: stop looking for a solution ;)
my portal is 192.168.200.1… my DNS server which is my DomainController is 192.168.200.5
STOP looking for a solution?? why?? there's no solution for this??
base on your reply...what I understand is it's not possible if I use non-https portal login..so I have to stop looking for a solution .. RIGHT???
but it is possible if I'll use https portal login. RIGHT??
.
.so how to have a HTTPS portal log-in then?? what do I need to do?
-
my portal is 192.168.200.1… my DNS server which is my DomainController is 192.168.200.5
STOP looking for a solution?? why?? there's no solution for this??
base on your reply...what I understand is it's not possible if I use non-https portal login..so I have to stop looking for a solution .. RIGHT???
but it is possible if I'll use https portal login. RIGHT??Well, sorry, no. I meant: the IP is hard coded in the captive portal code.
No possibility with a 'setting' to change that.When the portal page is non-https, then the IP of the gateway of the portal is returned.
Of course, your browser will do the DNS tric if it is a fully qualified DNS name like http://portal/ but the navigator will not reverse the process when an IP is send back. An IP is what the navigator wants.There is a solution - and you don't need to look for. You need to code it :)
.
@lynx:so how to have a HTTPS portal log-in then?? what do I need to do?
That's what I did.
I got a free Certificate from startssl.com, implemented it and portal user don't see the IP anymore. -
see here:
https://forum.pfsense.org/index.php?topic=53846.msg312507 -
see here:
https://forum.pfsense.org/index.php?topic=53846.msg312507Yep, saw it.
The code you mentioned ( 31-01-2013, 09:42:23 )
if (isset($config['captiveportal']['httpslogin'])) $ourhostname = $config['captiveportal']['httpsname'] . ":8001"; else { if (isset($config['captiveportal']['httpsname'] )){ $ourhostname = $config['captiveportal']['httpsname'] . ":8000"; } else { $ifip = portal_ip_from_client_ip($clientip); if (!$ifip) $ourhostname = $config['system']['hostname'] . ":8000"; else $ourhostname = "{$ifip}:8000"; } }Knowing that portal_ip_from_client_ip($clientip) always return the IP of the portal interface (a portal client without its gateway, that would be a curious situation ….) so this gets executed:
$ourhostname = "{$ifip}:8000";$ifip is our 'not wanted' IP (normally OPTx) IP.
I propose :
Serach```
$ourhostname = (is_ipaddrv6($ifip)) ? "[{$ifip}]" : "{$ifip}";change for this$ourhostname = (is_ipaddrv6($ifip)) ? "[{$ifip}]" : $cpcfg['httpsname'];
In /etc/inc/captiveportal.inc "Works for me" ™ ;) -
my plan is to use $config['captiveportal']['httpsname'] that is "HTTPS server name" in web gui to configure what clients see in the address bar even if we are not using https.
portal_ip_from_client_ip($clientip) is not called at all.
-
my plan is to use $config['captiveportal']['httpsname'] …...
this should be the same as
$cpcfg = $config['captiveportal'][$cpzone]['httpsname']
(see function portal_hostname_from_client_ip($cliip) in /etc/inc/captiveportal.inc - pfSense 2.1.3)
@lsense:that is "HTTPS server name" in web gui to configure what clients see in the address bar even if we are not using https.
Well, this is where I need to explain:
"Works for me"
$cpcfg['httpsname'] is only set when you activate (ones) the "activate https authentication on the captive portal settings page.
This will be done if you put in valid certificates …
Not very difficult, its explaine here: https://forum.pfsense.org/index.php?board=2.0 The very first subject PFsense 2.1 MultiCP and https with Windows Radius Guide.
As soon as "https" is setup and valid, de-activate it.
The tric is: the $cpcfg['httpsname'] will be grayed out, but remains set and valid (so, you can use it as I did above ;)).
Exemple:
My domaine is
brit-hotel-fumel.net (to be set on the General setup page).
The portal 'host' = 'portal' (IP 192.168.2.1, as set on the DNS Forwarder page)
So, my 'httpsname' will be portal.brit-hotel-fumel.netWhen people connect to my Wifi network they will get an IP (they don't connect yet).
They can ping at that very moment alreay portal.brit-hotel-fumel.net - this MUST give back a reply.
This means the host name is resolved.
This means that host name can be used instead of 192.168.2.1
And that's what the subject is all about.portal_ip_from_client_ip($clientip) is not called at all.
For me, this is correct, because I'm using https login.
For non-https login, this function will be called:
(see function portal_hostname_from_client_ip($cliip) in /etc/inc/captiveportal.inc - pfSense 2.1.3)
