Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Cannot connect when captive portal is enabled

    Scheduled Pinned Locked Moved Captive Portal
    24 Posts 4 Posters 4.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      muswellhillbilly
      last edited by

      @nappy_d:

      I don't have an issue rebuilding.

      Sounds like the best solution, though as Derelict suggests, use the amd64 version. I'd also test each step, leaving enabling the captive portal until the end. Use just the default CP page to ensure it's working before you try making any customisations or alterations. Then move on from that and ensure the CP continues working after each change. If it fails at any point, undo the last change you made and work on from there.

      1 Reply Last reply Reply Quote 0
      • N
        nappy_d
        last edited by

        64bit is now installed and the same issue exisits.  I am unable to reach the captive portal page.

        1 Reply Last reply Reply Quote 0
        • M
          muswellhillbilly
          last edited by

          How are you setting up your captive portal? What settings are you putting in for the authentication server? Are you really running this as a vanilla installation, or are you changing anything at all? Did you go through the steps I suggested in my last post?

          1 Reply Last reply Reply Quote 0
          • N
            nappy_d
            last edited by

            @muswellhillbilly:

            How are you setting up your captive portal? What settings are you putting in for the authentication server? Are you really running this as a vanilla installation, or are you changing anything at all? Did you go through the steps I suggested in my last post?

            See reply number 6 above.  This is my configuration and there is nothing entered for the authentication server.

            The instant that I enable a captive portal for OPT1, vLAN30, internet connectivity is lost and the captive portal auth page does not appear.

            TP-Link PCI-E gigE NIC
            vLAN1 172.16.0.1 is  the pfSense physical interface
            vLAN30 172.16.11.1 is a sub interface on the TP-Link

            1 Reply Last reply Reply Quote 0
            • M
              muswellhillbilly
              last edited by

              @nappy_d:

              See reply number 6 above.  This is my configuration and there is nothing entered for the authentication server.

              So how are you authenticating your users? Are you using local accounts?

              Might be an idea to post a full screenshot of your captive portal settings.

              1 Reply Last reply Reply Quote 0
              • N
                nappy_d
                last edited by

                The current setup is:
                UniFi AP setup with 3 vLANS

                • vLAN1 my default vLAN and the physical(gig-E NIC) interface 172.16.0.1
                • vLAN30(172.16.11.0/24) is a sub-interface on the TP-Link gigE NIC
                • on my AP it is configured as open for Guest WiFi
                • I have configured one local account on the pfSense called Wifi(with a password).  Added this account to the capitve portal security group

                What works

                • No rules configured for vLAN30
                • connect my phone(or laptop) to the guest ssid
                • internet access works 100%
                  What doesn't work
                • no rules configured for vLAN30
                • enable captive portal(See settings http://1drv.ms/1SakuBD)
                • no more internet access or redirection to the captive portal login page.
                1 Reply Last reply Reply Quote 0
                • DerelictD
                  Derelict LAYER 8 Netgate
                  last edited by

                  If you have no rules configured interface VLAN30 will not pass any traffic.

                  Chattanooga, Tennessee, USA
                  A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                  DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                  Do Not Chat For Help! NO_WAN_EGRESS(TM)

                  1 Reply Last reply Reply Quote 0
                  • N
                    nappy_d
                    last edited by

                    @Derelict:

                    If you have no rules configured interface VLAN30 will not pass any traffic.

                    I have also configured the following rules attached and when configured no traffic passes when the captive portal is enabled.

                    ![Screen Shot 2016-01-22 at 8.43.25 PM.png](/public/imported_attachments/1/Screen Shot 2016-01-22 at 8.43.25 PM.png)
                    ![Screen Shot 2016-01-22 at 8.43.25 PM.png_thumb](/public/imported_attachments/1/Screen Shot 2016-01-22 at 8.43.25 PM.png_thumb)
                    ![Screen Shot 2016-01-22 at 8.44.40 PM.png](/public/imported_attachments/1/Screen Shot 2016-01-22 at 8.44.40 PM.png)
                    ![Screen Shot 2016-01-22 at 8.44.40 PM.png_thumb](/public/imported_attachments/1/Screen Shot 2016-01-22 at 8.44.40 PM.png_thumb)

                    1 Reply Last reply Reply Quote 0
                    • DerelictD
                      Derelict LAYER 8 Netgate
                      last edited by

                      If you can't get through the portal you can't get onto the internet. That's kind of the point.

                      Only passing TCP and UDP you won't be able to ping - that's ICMP. Just use any.

                      Chattanooga, Tennessee, USA
                      A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                      DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                      Do Not Chat For Help! NO_WAN_EGRESS(TM)

                      1 Reply Last reply Reply Quote 0
                      • N
                        nappy_d
                        last edited by

                        Point taken on "use any".

                        I am unfortunately still stuck on not being able to browse the internet from the guest WiFi vLAN when the captive portal is enabled. :(

                        Now on a 64bit install and same issues.

                        1 Reply Last reply Reply Quote 0
                        • DerelictD
                          Derelict LAYER 8 Netgate
                          last edited by

                          Post your CP config. You might have a combination of options that breaks it.

                          Chattanooga, Tennessee, USA
                          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                          Do Not Chat For Help! NO_WAN_EGRESS(TM)

                          1 Reply Last reply Reply Quote 0
                          • N
                            nappy_d
                            last edited by

                            Been poking around and tonight I came across this in my system logs and seems to be the reason the portal is failing…

                            I didn't notice this before but I decided to kill process 47600.  After doing this, the captive portal was able to start and function 100%

                            Jan 23 21:07:15 lighttpd[47600]: (mod_fastcgi.c.1744) connect failed: No such file or directory on unix:/tmp/php-fastcgi-guest_wifi.socket-0
                            Jan 23 21:07:15 lighttpd[47600]: (mod_fastcgi.c.2846) backend died; we'll disable it for 1 seconds and send the request to another backend instead: reconnects: 5 load: 1
                            Jan 23 21:07:15 lighttpd[47600]: (mod_fastcgi.c.3414) all handlers for /index.php?zone=guest_wifi&redirurl=/Hw1fHFTVccGuYh/flixxebJVDTNnp/K4SAaSf48vnxog/wcaiRO5jX9C3v3/s6pqpxlXD5QUXK.html on .php are down.
                            Jan 23 21:07:17 lighttpd[47600]: (mod_fastcgi.c.2604) fcgi-server re-enabled: 0 /tmp/php-fastcgi-guest_wifi.socket

                            1 Reply Last reply Reply Quote 0
                            • GertjanG
                              Gertjan
                              last edited by

                              I wonder where this came from :
                              @nappy_d:

                              Jan 23 21:07:15 lighttpd[47600]: (mod_fastcgi.c.3414) all handlers for /index.php?zone=guest_wifi&redirurl=/Hw1fHFTVccGuYh/flixxebJVDTNnp/K4SAaSf48vnxog/wcaiRO5jX9C3v3/s6pqpxlXD5QUXK.html on .php are down.

                              No "help me" PM's please. Use the forum, the community will thank you.
                              Edit : and where are the logs ??

                              1 Reply Last reply Reply Quote 0
                              • N
                                nappy_d
                                last edited by

                                I saw that and not sue what it is from.  I do have a redirect URL entered but not sure if that's what was causing this issue.  The same redirect URL is there in my now working config.  I have not had any issues so far sine I killed the process and restarted the captive portal.

                                1 Reply Last reply Reply Quote 0
                                • First post
                                  Last post
                                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.