Lan users cant connect to internet
-
hi
iam new to pfsense ,i have aproblem .i have 2 card on server pfsense wan and lan ,pfsense go to internet Done but lan users no ,i need to know why and when finished from this problem i want users have mobile and tablet use captive portal authentication ,users can this or no- lam connected to switch and wan connected to router ,dhcp is on on lan card,user gw is lan card
-
Check: https://doc.pfsense.org/index.php/Connectivity_Troubleshooting
-
Thanks
But i need to know if i need any rules at firewall to get internet working -
https://doc.pfsense.org/index.php/Connectivity_Troubleshooting#Firewall.2FRules
If you want "specific" answers, you need to "show" (screenshots) how have "configured" your pfSense
-
You do not need to add any rules for basic internet access from LAN in a basic, default installation.
-
OK tomorrow when go to work i will upload an attachment Thanks
-
This an attachment for case .i am waiting for help
-
you don't need a lan gateway
uncheck "Block private networks and loopback addresses" on interfaces–>wan
-
i disabled lan gateway ,and iam not checked any option for wan gateway ,i cant go internet also
-
i found the problem ,when i enabled captive portal internet is not working ,when disabled internet working on lan users ,the question how can i enabled captive portal with access internet at users have mobile or tablet
-
"how can i enabled captive portal with access internet at users have mobile or tablet"
Well set it up and have them auth…
-
first i enabled the captive portal and create user at user manager and when access internet from lan not working (internet not working )
-
Get it working without captive portal first.
-
working without it .how can i work with it plz
-
Any solution plz
-
Dude what is your not understanding about the configuration of captive portal.. So your not using anything else like proxy or snort. You just have out of the box clean install of pfsense, dhcp clients using pfsense as their gateway, lan rules any any. clients using pfsense for dns while dns is just using unbound as resolver.
And everything works - but when you turn on CP it doesn't work? This really is click click..
Here I enabled cp on 1 of my wifi networks, on the wlan interface in pfsense, created a user gave it captive portal permissions
The really only thing other than selecting enable in captive portal and picking the interface(s) you want it to listen on is picking the auth.. So here I set it to use local users, created a local user and gave it permissions to use cp. I then tried to go to www.cnn.com on box on that network and get redirected to login page. I auth, you can see pfsense shows it authed, and on the client I get my website I originally asked for.
If it takes you say more than 30 seconds to get a basic cp up and running and tested your doing something WRONG.. But without knowing what you did and what is happening or not happening its impossible to help you find what that something is.
-
so the firewall rules should not block anything. What is happening exactly when a CP user tries to connect to the internet? Can you provide some more details?
-
ipfw (not pf) is placed in the stream and it redirects connections to any:80 to cp_interface:8002 where an nginx instance returns the portal page.
Upon successful login an IP/MAC pair is placed in an ipfw table (Status / Captive Portal / testcp image above) that passes traffic so it is no longer redirected to the portal page.
After that, normal pf LAN rules apply.
-
Can you provide some more details?
This has been taken care of a long time ago.
https://doc.pfsense.org/index.php/Captive_Portal_Troubleshooting
The firewall rules "ipfw" redirect all http requests to the internal web sever that displays the login page IF the user's device hasn't been granted access already.If a user's device has been granted access, the firewall rules accessible in the GUI determine what happens.
edit : great : I'm actually saying the same thing as Derelict.
