How to Captive Portal Self Registration Using Free radius & Mysql (Tutorial)
-
Hi! Khan
Thanks for your wonderful work which I was looking for a long time to add into my pfsense machine which I am using for providing Internet access to students in university. I ll really appreciate if you can help me with the working VMware image to enable me to test the same.
Regards
Harsh
harshkukreja2008@gmail.com -
Hi Khan,
Tnx for your How to .. It workd perfectly on VM pfsense 2.1 with external sql from WAMP package. I just added some previlages to radius user to be able to write the whole sql, also replace email as login with username as login. I would like to add some time limit and session timout for this users how can i add it to the sql in order to successfully get accounting. -
I was able to add time limit (Max-Forever-Session := xxxx sec) to the users registered in captiveportal-cp_registration_form.php however Session-Timeout := xxx does not work. Just wanted those free users to force logout ever 5 min with 1 hour free time.
-
I was able to add time limit (Max-Forever-Session := xxxx sec) to the users registered in captiveportal-cp_registration_form.php however Session-Timeout := xxx does not work. Just wanted those free users to force logout ever 5 min with 1 hour free time.
Did you enable session-timeout on CP GUI?
-
Did you enable session-timeout on CP GUI?
Yes I did check Session-Timeout(se RADIUS Session-Timeout attributes). I'll try to remove it and see what will happen.
-
Okey it's working now. Time limit goes to radcheck while session timeout and idle time should go to radreply.
In CP check Session Timeout. I use interim update. Tried checking and unchecking in CP's Reauthenticate connected users every minute both are working fine with Interim, haven't tested in Stop/start yet.
I will test other setting like Bandwidth-Max-Up/Down, Simultaneous-Use, Amount of Download and Upload Traffic. -
Okey it's working now. Time limit goes to radcheck while session timeout and idle time should go to radreply.
In CP check Session Timeout. I use interim update. Tried checking and unchecking in CP's Reauthenticate connected users every minute both are working fine with Interim, haven't tested in Stop/start yet.
I will test other setting like Bandwidth-Max-Up/Down, Simultaneous-Use, Amount of Download and Upload Traffic.Hi Kababayan!
Did you have sucess?
I have about 3000 users working fine on pf213x64, thanks for all in this topic (and others too).
My only problem is with Max-Daily-Session, i can´t make it work!
i´m disconected after time, but i can relogin. I Think because is the timeout function only, not a max-daily-session.
In radius db, only the tables radcheck,radgroupcheck, radpostauth, radusergroup and reg_user have data, the others have nothing, is normal? -
Hi.
I have configured pfsense + captiveportal + freeradius + mysql + vhosts.
i would like to permit users to change their own password through a web page stored in pfsense.i have created a table in "radius" db named "resetpsw" with 2 column: "username" and "reset". every user in "radcheck" table has a record in this table with the corresponding username and a "reset" value set to "0" or to "1" to force him to reset the password. (I manually change the value in the db to force him to reimputate a new password)
My problem now is to insert the correct code in the captiveportal login page to check, before authenticate him, if the username has the "reset" value to "1" and redirect him to the reset password page.
Any suggestions?thanks
-
Caution : this procedure was perfect for me. Please use at your own risk & make backup.
You need few thing to do this
step 3
now rename every file & remove “.txt” from file name ie
captiveportal-cp_reg_suc.php.txt to captiveportal-cp_reg_suc.php
captiveportal-bootstrap.min.css.txt to captiveportal-bootstrap.min.cssand so …
now edit
captiveportal-cp_reg_suc.php in line 104 insert your sql server ipaddress & password.Upload evry file in captive file manager except
cp_portal.php
cp_error.phpHi,
I don't know how to access the files mentioned in step 3. Where can I find those files?
Thanks
sbb -
@sbb:
Caution : this procedure was perfect for me. Please use at your own risk & make backup.
You need few thing to do this
step 3
now rename every file & remove “.txt” from file name ie
captiveportal-cp_reg_suc.php.txt to captiveportal-cp_reg_suc.php
captiveportal-bootstrap.min.css.txt to captiveportal-bootstrap.min.cssand so …
now edit
captiveportal-cp_reg_suc.php in line 104 insert your sql server ipaddress & password.Upload evry file in captive file manager except
cp_portal.php
cp_error.phpHi,
I don't know how to access the files mentioned in step 3. Where can I find those files?
Thanks
sbb…just saw I can download the files. Wasn't logged in so i couldn't see them.
-
Hi Guys,
i was introduced to pfsense by a friend of mine a few months ago and it resulted very helpfull and an awesome system.
I have checked this post because i have a project same as the subject in this post.
As most of you, i am trying to implement this VM posted in here. As i tested it i saw the captive portal site for self-registration and i am trying to make it a little bit different from the configuration done till now.
What i'm lookin for is a self-registration with sms, a user can just put his phone number and name in the captive portal and the system after recieving this number it has to generate a password ( perhaps with voucher ) and send that code to the user to get access in internet. I want this because i have seen that most of the people that uses free wifi with self-registration puts fake informations at the captive portal so with the SMS i can minimize this fake users with fake ID's .
If any one has an idea please provide some cause i'm stuck at the auto-generation codes after recieving phone number.
Oh as for the implementation posted in here i'll finish testing it and for sure i'll give a feedback.Thanks in Advanced.
-
Hello everybody,
Do you have any solution for freeradius2 not working on pfSense 2.2? I can't upgrade my clients to 2.2 without captive portal working with freeradius2 + mysql -
Hello all,
i am triying to follow this tutorial but now in version 2.2 the command pkg_info -r http://ftp-archive.freebsd.org/pub/FreeBSD-Archive/old-releases/i386/8.1-RELEASE/packages/All/php52-mysql-5.2.13_3.tbz does not work. I now that now pfsense is using a new version of freebsd. Does anyone have successfully installed this Portal + Mysql in the new version? Does anyone knows how to do it?
Thanks!
-
Please help me on how to install phpMyadmin on pfsense ;D :-X
-
How can we start phpmyadmin?
-
Is there an updated guide for this setup in pfSense 2.2.4 amd64 installation?
-
It will just work on latest pfsense 2.3 Beta, in the previous 2.2.x versions, package php5x-mysql breaks pfsense.
Latest beta uses nginx and has embedded php56-mysql activated, so you just have to install freedradius. I recommend to install mysql and phpmyadmin in a external server.
What I did is to get the Khan's vitualbox machine, start it and save a backup config file. I also exported the radius database preent on the local virtualbox image using the embeded phpmyadmin installed on that virtual machine.
Then load the backup xml file to the 2.3 beta amd64 pfsense version, change the ip of the mysql server in the captiveportal-cp_reg_suc.php file code to point your new mysql server, and import the radius table on that server, granting permissions to the user root pass pfsense.
Go to freeradius admin section on pfsense and in mysql change the ip of the sql server to your external one. And voila, it will work in the latest pfsense version. Took me few days to get it working!
-
If you have issue with empty "reg_users" table on pfsense 2.3.1, it`s resolve by changing "phone_number" column type from "INT" to " BIGINT".
-
Thanks all,
I have used this guide and make it working on my PFSense 2.3.2 adding squid/squidguard http/https filtering and limiting bandwidth to dhcp assigned clients.
Did someone tested the solution with SMS authorization code?
Thank you, -
Captive Portal Self Registration Using Free radius & Mysql Tested with 2.0.2-RELEASE (i386) built on Fri Dec 7 16:30:14 EST 2012 in vmware 8.
Caution : this procedure was perfect for me. Please use at your own risk & make backup.
You need few thing to do this
- php-mysql support in pfsense. Default is disabled. follow this post to do it
http://forum.pfsense.org/index.php/topic,47150.0.html
your command should be
pkg_info -r http://ftp-archive.freebsd.org/pub/FreeBSD-Archive/old-releases/i386/8.1-RELEASE/packages/All/php52-mysql-5.2.13_3.tbz
and
pkg_add -rfi http://ftp-archive.freebsd.org/pub/FreeBSD-Archive/old-releases/i386/8.1-RELEASE/packages/All/php52-mysql-5.2.13_3.tbz
tips: according to his (sash99) post some package dependencies should occur. But I did not found 1. what I did..
- in command added package with
pkg_add -rfi http://ftp-archive.freebsd.org/pub/FreeBSD-Archive/old-releases/i386/8.1-RELEASE/packages/All/php52-mysql-5.2.13_3.tbz
- in command
/etc/rc.php_ini_setup
- installed freeradius2 package from system/package
- rebooted pfsense
- in command
touch /etc/php_dynamodules/php52-mysql
- rebooted pfsense.
Step 2
Config pfsense freeradius according to this doc
http://doc.pfsense.org/index.php/FreeRADIUS_2.x_package
and for sql support
http://forum.pfsense.org/index.php/topic,43675.msg235475.html#msg235475
add extra table using reg_users.sql.txt file sql command or u can rename this to reg_users.sql and import via phpmyadminI hav added database file also.
step 3
now rename every file & remove “.txt” from file name ie
captiveportal-cp_reg_suc.php.txt to captiveportal-cp_reg_suc.php
captiveportal-bootstrap.min.css.txt to captiveportal-bootstrap.min.cssand so …
now edit
captiveportal-cp_reg_suc.php in line 104 insert your sql server ipaddress & password.Upload evry file in captive file manager except
cp_portal.php
cp_error.phpin captive portal main page
enable captive portal in Lan
check Disable concurrent logins
in Authentication section
check RADIUS Authentication
in ipaddress box –----------- 127.0.0.1
port box ----------- 1812
sharedsecret box -----------your shared secret
in Accounting check send RADIUS accounting packets
in port ----------- 1813
Accounting updates ----- check strat stop
In RADIUS NAS IP attribute select your lan.insert cp_portal.php in “Portal page contents”
cp_error.php in “Authentication error page contents”.
Save. And you are ready to go.Important
1. you should change php file content according to your need.2. be aware about adding php-mysql package you may not be lucky as i was. if anything goes wrong follow "sash99" post carefully.
3. in my captive portal page i have some security like a client with a mac address can only register one account.
please let me know your experiences.
Hi please provide with explanation and provide any link if you have create any document because i am new learner pfsense .