Captive portal will not redirect to portal page
-
Can I post my cisco switch config or no? would you be able to take a look at it?
I changed my lan back to 172.16.1.2/16 and check out the attachment. some are showing the correct interface while others are still showing LAN for interface. You still think this has to do with my switch config?
thanks
-
The traffic from those hosts is hitting LAN, not VLAN240 so yes.
Instead of just making changes willy-nilly you need to document your network. What IP scheme is on what interface? In order to help you we'll need to know physical details as well as logical. For instance, I have no idea whether or not your VLANs are on the same physical interface as LAN.
If you don't understand basic subnetting and VLANs this is going to be difficult to get going for you.
-
vlans are on single physical LAN. I have cisco aironet APs. Each SSID is a different vlan. The APs are hard wired into a port on my switches. on my layer 2 switch i have my vlans enabled.
is this a start?
-
The APs are hard wired into a port on my switches.
Uhm… did you configure the VLANs on the APs?
-
vlans are configured on the APs. Just an FYI. Everything works as it should, but as soon as I change the LAN interface on the pfsense to /24 (the way it hsould be) i get the issues stated in my previous posts.
-
It's a start but with no detail it'd be guessing. Post some details.
-
Been messing with this all day…..
my switch: have a vlan 240 with ip address 172.16.240.2 /24
pfsense: have a vlan 240 with ip address 172.16.240.1 /24on the pfsense i changed my lan to /24 like we discussed. everything seems to be working great. firewall log is saying the correct interface now. BUT, i have a problem, of course. i am getting intermittent blocks from my firewall. for instance, i rdp into my print server. and i will get disconnected after awhile. but it will reconnect. so its intermittent. i look at my firewall log and it is telling me im getting blocked....
attached is the message - please note: it is going to say 172.16.0.0/16 in the attachement. thats because i started changing things back so that it would work like normal. so just pretend it says 172.16.0.0/24 :)
-
bump…. :-\
-
Why are you messing around with firewall rules for captive portal?
On the interface with the portal on it:
Pass the traffic you want your portal users to be able to get to (DNS servers, etc. This also requires allowed IPs in the portal so they can get there before logging in)
Block the traffic you don't want them to be able to get to (protected local networks, etc)
Pass any any (the internet)172.16.0.0/24 does not include 172.16.240.0/24 so I'm not sure what you're trying to do with that rule.
-
I understand what you are telling me.
I have disabled captive portal until I figure out my other issues.
I did not mess with the firewall.
I was simply stating that when i changed my vlan to /24 it seems that my firewall is blocking traffic. For example, I RDP into one of my servers and i keep getting disconnected and reconnected.
The only rule I have in my firewall for that interface is any to any.
With that said, should I change my rules to what you stated?
thanks!
-
I have no idea what rules you need. Every network is different.
In general:
Pass what you want
Block what you don't want
Pass everything else -
Let me start over, what I don't understand is why is this stuff getting blocked when I have everything open? Please see attached. thanks.
-
Those are broadcasts. Who cares?