Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Captive portal not working with some domains

    Captive Portal
    2
    4
    1.6k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      adamjezek
      last edited by

      Hi,
      I've got a Captive portal set on pfsense. When I connect to the network and open eg. google.com, wikipedia.org, facebook.com, the browser timeouts. But when i visit eg. google.cz, itnetwork.cz, seznam.cz, I'm instantly redirected to the captive portal login page. When I login and try to visit pages, that weren't working before (google.com, wiki, facebook), it works now.

      I think, it ma be because the captive portal is blocking access to the DNS server. However, when I disable the captive portal, connect to the network, use nm-tools in Linux to get the DNS server IP, I get only IPs that I already allowed in Captive portal.

      What should I do? Is it possible, that not .cz domains are translated by another DNS server, which doesn't shows up in nm-tools? If so, how to get this DNS server IP? Is there any command in linux, to show not only domain IP (like host command), but also IP of DNS server which was used?
      Thanks.

      1 Reply Last reply Reply Quote 0
      • M
        muswellhillbilly
        last edited by

        For the captive portal page to load, DNS must be working at the outset. So you can do one of two things:

        1. Activate the DNS forwarder on your PFS and set your DHCP settings on your clients to use the LAN address of the PFS as their primary DNS server.

        2. Set the IP address of your external DNS servers in the 'Allowed IP addresses' tab of your captive portal config. Set you DHCP server to give these DNS servers as the primary/secondary DNS entries for your clents.

        Either of these solutions should work. From the sound of things, your clients are using a DNS server which can't resolve some external addresses.

        1 Reply Last reply Reply Quote 0
        • A
          adamjezek
          last edited by

          2. I have this setted before, as I said.

          1. I activated DNS forwarder and set the DNS to the IP of pfsense's captive portal intefrace. It seem's it works in most cases, but even after login, I can't access google.com - chrome says DNS_PROBE_FINISHED_BAD_CONFIG. But all non-google.com pages (like youtube or google.cz) works fine.

          1 Reply Last reply Reply Quote 0
          • A
            adamjezek
            last edited by

            So the problem solved itself. Propably it needed a while to let the changes take effect at all clients.
            Some web pahes still didn't redirect to cp login, but it showed up it's because of https…

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.