• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Captive Portal, Vouchers, Passthrough MAC w/Username

Scheduled Pinned Locked Moved 2.1 Snapshot Feedback and Problems - RETIRED
4 Posts 2 Posters 1.9k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • D Offline
    Derelict LAYER 8 Netgate
    last edited by Jul 31, 2013, 10:56 PM

    Okay -

    I was all excited about multi-day vouchers using pass-through MAC with username but am seeing something really weird.

    I have three portals defined.

    The first one has no authentication.

    The second has no authentication.

    The third has vouchers enabled, Pass-through MAC addition, and Pass through MAC with username.

    I connect to that network, get the voucher page, enter the voucher, and it is accepted.  But I am immediately presented with the CP login page again.

    The MAC passthrough entry is added to the config for the correct portal instance, but the pass-through MAC entry in ipfw is added to the first instance instead of the third.

    If I don't use Pass-through MAC addition, the user is added to the correct instance.

    I restored my config to a test box and it worked fine so I'm pretty sure a restart will fix it.

    But there's something funny with adding multi instance CPs still.

    This is 2.1-RC0 July 22 15:44 amd64.  I don't think there have been any CP changes since.

    (It might be nice to log $cpzone in portalauth.log)

    Chattanooga, Tennessee, USA
    A comprehensive network diagram is worth 10,000 words and 15 conference calls.
    DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
    Do Not Chat For Help! NO_WAN_EGRESS(TM)

    1 Reply Last reply Reply Quote 0
    • D Offline
      Derelict LAYER 8 Netgate
      last edited by Aug 1, 2013, 2:46 PM

      Rebooted this morning and the MAC passthrough entries are still being added to the first CP instance of ipfw instead of the 3rd, even though the config entry is added to the correct CP instance.

      Chattanooga, Tennessee, USA
      A comprehensive network diagram is worth 10,000 words and 15 conference calls.
      DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
      Do Not Chat For Help! NO_WAN_EGRESS(TM)

      1 Reply Last reply Reply Quote 0
      • D Offline
        Derelict LAYER 8 Netgate
        last edited by Aug 1, 2013, 3:40 PM

        Aug  1 15:35:52 gw php: /index.php: The command '/sbin/ipfw -x meetings-q /tmp/macentry_meetings.rules.tmp' returned exit code '0', the output was '00002 pipe 4138 ip from any to any MAC a8:20:66:2b:bb:47 any 00003 pipe 4139 ip from any to any MAC any a8:20:66:2b:bb:47'

        Looks like a space is necessary in the mwexec command generation.  captiveportal.inc line 1871

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • E Offline
          eri--
          last edited by Aug 1, 2013, 6:40 PM

          Fixed thanks for reporting.

          1 Reply Last reply Reply Quote 0
          4 out of 4
          • First post
            4/4
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
            This community forum collects and processes your personal information.
            consent.not_received