[pfsense-2.3.1] captive portal redirect-url before auth
-
:8000 ?
From what version did you upgrade ?
What I recall is that port "8000" hasn't been used for years - and, first of all, shouldn't be hard coded anywhere.It easy to proof this to yourself : use a no tampered pfsense portal (clean install - minimal setting) and a clean browser.
Then go to http://www.google.com (NOT https://www.goolge.com) and it works ….If you have portal troubles, please know that this one exists : https://doc.pfsense.org/index.php/Captive_Portal_Troubleshooting
Can you tell me (and yourself) what this command gives back :
ipfw -x 2 show | grep 'fwd'"x 2" because the command "ipfw zone list" said me to do so.
-
8000 it's an error (it's old port) sorry it's 8003 in my config
so captive portal work perfectly with redirect-url before authentication in 2.2
i upgrade in 2.3 and problem appear
the command said fwd on port 8002 tcp 80 but i have juste one zone on port 8003
i think to delete portal and go to config from scratch
what do you think about?
-
so i'm test config from scratch (i delete the old portal and recreate it)
Now loop stop but stay on blank page
https://domain.com:8003/index.php = blank page
and
https://domain.com:8003/index.php?zone=zone_name = blank page -
Hi All,
Me too facing a similar issue.
I need to show a video before authenticating. The video shows correctly before authentication but it doesn't redirect to the CP.
I placed a link on the video page http://10.10.10.1:8002/?zone=local and also http://10.10.10.1:8002/index.php but both return a blank page when the link is clicked.
Me too running 2.3 version.Please help.
Regards,
Vikram -
https://domain.com:8003/index.php = blank page
and
https://domain.com:8003/index.php?zone=zone_name = blank pageBasic - normal 'http' works ? If so, its a https (SSL == certificate issue ?)
If not, it could be a DNS "domain.com" issue (pfSense needs to knwo who "domain.com" so it can inform the client, because browser can not work with "domain.com", they use "IP/index.php like 192.168.2.1/index.php. If the translation "domain.com" to "192.168.2.1" (done by pfSense) doesn't work, then do not use "domain.com" (which has to be used if you activated "https" login - certoficates works with domaine names, nt IP's), or do not use https.Btw : go here and read the very first subject https://forum.pfsense.org/index.php?board=2.0 not all is important for you, but it shwon what need to be done so https login works.
Actually, it explain how to set up a https web server (the one used by pfSense which presents a login page to the visitor) - it can be pretty daunting if it is your first time ….. -
Hey
With ip address it is the same problem
Https work find whitout pre-auth redirect URL, it is really in this case when you want tout go back from the page to CP index -
Hey,
The problem is solved. Using different method although.
Reference post https://forum.pfsense.org/index.php?topic=4937.msg61808#msg61808Regards,
Vikram -
No it is a different method but this problem is not solved. ;)
-
I agree, I do not understand what the difference is between:
"Pre-authentication redirect URL" (html : preauthurl)
and
"After authentication Redirection URL" (html : redirurl)If "After authentication Redirection URL" is set (and only that one) with an URL, I get redirected to that page after login.
If "Pre-authentication redirect URL" is set (and only that one), I get redirected to that page after login.Now, check out the code in /etc/inc/captiveportal.inc - line 1952.
The codes explains what happening ….. but now, what is the meaning of "Pre-authentication redirect URL" if both "Pre-authentication redirect URL" and "After authentication Redirection URL" are present (the second overwrites the first when both set)Do you need the "Pre-authentication redirect URL" page ? (which means to me : before the login page, visitor are redirected else where )
-
"Pre-authentication redirect URL" (html : preauthurl)
and
"After authentication Redirection URL" (html : redirurl)In fact if you want "force" user to see something else for exemple contract agreement, advertising etc.. you use pre-authentication redirect URL.
After user logon the captive portal he is redirect to a website (for exemple a famous search engine ;) ) but he can go where he want ….before not
-
In fact if you want "force" user to see something else for exemple contract agreement, advertising etc.. you use pre-authentication redirect URL.
After user logon the captive portal he is redirect to a website (for exemple a famous search engine ;) ) but he can go where he want ….before not
Yep, that's what I make of it ….
But, if you can 'read' some PHP :
@Gertjan:Now, check out the code in /etc/inc/captiveportal.inc - line 1952.
which I find surprising.
-
The problem is not of url but of this code
it doesn't works in 2.3 version can you help me
Usar el sgte codigo
o en todo caso agregar la linea , a su portal que ya tengan.
Saludos
require("globals.inc"); $request_uri = urldecode(str_replace("/index.php?redirurl=", "", $_SERVER["REQUEST_URI"])); $portal_redirurl = urldecode("$PORTAL_REDIRURL$"); if(!stristr(urldecode("$PORTAL_REDIRURL$"), $request_uri)) { Header("Location: $PORTAL_REDIRURL$"); exit; } ?> -
For me was happening the same problem. I have a custom page to make the user login, but after the update did not occur redirection. I checked my .html file and noticed a slight difference. The code below was missing.
P.S. At the configuration page of the captive portal has this information.
Example code for the form:I put this entry and voila !!! It worked!!! In 2.2.6 version I didn't have this line and was working normal.
Some explanation?
-
For me was happening the same problem. I have a custom page to make the user login, but after the update did not occur redirection. I checked my .html file and noticed a slight difference. The code below was missing.
P.S. At the configuration page of the captive portal has this information.
Example code for the form:I put this entry and voila !!! It worked!!! In 2.2.6 version I didn't have this line and was working normal.
Some explanation?
Nice to know CP works in 2.3
I'll try it later i hope it is the same for pfsense 2.3 clean installation using the same procedure.
-
yes in 2.3 you must change index page and add the zone field
for me it's when i use the pre-redirurl before authentication
i can't return on the captive portal to connect me
the url
https://hotspot.domain.com:8005/index.php?zone=zone_name
loop on pré-redirurl page
i think that code below is a part of my problem
$request_uri = urldecode(str_replace("/index.php?redirurl=", "", $_SERVER["REQUEST_URI"])); $portal_redirurl = urldecode("$PORTAL_REDIRURL$"); if(!stristr(urldecode("$PORTAL_REDIRURL$"), $request_uri)) { Header("Location: $PORTAL_REDIRURL$"); exit; } -
the url
https://hotspot.domain.com:8005/index.php?zone=zone_name
loop on pré-redirurl pageMaybe.
But who is gonna use an URL like that ?My setup permits me to :
People visit a http site (let's say : http://www.google.com)
They are intercepted, and redirected to my captive portal page : (which is : https://portal.my-pfsense-domain.tld/….. but who cares)
They identify themselves.
When accepted, they are redirect to the initial URL they were requesting, in this case http://www.google.com -
for me
https://doc.pfsense.org/index.php/Captive_Portal_Pre-authentication_Redirect
not working on 2.3
can i open a bug in pfsense redmine project ?
-
same issue here on 2.3
-
Got the trick.
To Pre-authentication redirect URL works, just remove this line:
require("globals.inc");
From the official help: https://doc.pfsense.org/index.php/Captive_Portal_Pre-authentication_Redirect
Then, the code will look like this:
$request_uri = urldecode(str_replace("/index.php?redirurl=", "", $_SERVER["REQUEST_URI"])); $portal_redirurl = urldecode("$PORTAL_REDIRURL$"); if(!stristr(urldecode("$PORTAL_REDIRURL$"), $request_uri)) { Header("Location: $PORTAL_REDIRURL$"); exit; } ?>Upload to Portal page contents and be happy
Works fine to me.
Cya
-
yes i remove this line but how can you return on captive portal page to logon ?
this url not working :
The user will be redirected to that URL, and then when the user clicks back to pfSense using a link to the firewall IP address/port, such as http://x.x.x.x:8002/index.php, the referring URL will match the original landing page and the redirect will not happen that time
This still not working on 2.3.1
