[HOWTO] Captive portal + FreeRADIUS + local MySQL user friendly single step
-
- CP Post Login.png (23.07 kB, 1920x1032 - viewed 0 times.)
That image shows the problem very well.
http://192.168.56.200:8002/?
isn't a valid URL (IP is ok, port 8002 also - but with the file called '?' the web server (Nginx) will yell … euh log something and show you the file not found error - also known as world's famous "404".Knowing that the correct URL will be build with "$PORTAL_ACTION$" I wonder what your this variable is in your case.
Edit your portal.html (and portal.php or whatever files are used to create te loggin page, and add this " html code ":
... PORTAL_ACTION == [$PORTAL_ACTION$] ....With my portal, this line shows :
PORTAL_ACTION == [https://brit-hotel-fumel.net:8003/index.php?zone=cpzone1]and this is a valid URL (works with my pfSense setup - I'm using https, this explains the "8003" port - and the zone name is 'cpzone1')
So, what about showing your "portal login html files" ?
edit : I didn't test-drive, but this :
https://github.com/deajan/pfSense-cp-auth-onestep/blob/master/ozy-captive.php#L331
looks fine to me. -
Good morning Gertjan!
I am sending the index.php file.
Sincerly, I don't know what to do. I read a lot of docs about captive portal and followed the advices from other people with the same problem, but nothing is working.
My best regards and thanks by your attention! -
heyy guys, first of all thank you Deajan for the amazing work, really, it helps alot, now to my problem, i am currently on pfsense 2.3.4, and everything seems to be working fine except for the radius login part, i can see the users in the MYSQL database but they are all Rejected, the configuration of the ports on the radius server is ok, i was able to find this in the logs
"Invalid user (sql1: Failed to create the pair: Invalid vendor name in attribute name "Password"): [123] (from client tester port 2010 cli "
i believe from what ive read that there is no such thing as apassword atribute, it must be Cleartext-Password, the problem is that i cant seem to find where to change the value, could you please help me out?,
FYI if i use the test user and test password i can log in no problem and the mysql database also reflects that, so im guessing its just some sintaxis problem.
thanks
-
I'd like to mention that I'm NOT using Freeradius and MySQL to handle te Captive portal clients.
(I just 'stole' somewhat the GUI part).
I'm running the Captive portal for a hotel for many years now - just using the local client database, built into pfSense.I tend to keep it simple, which guarantees that my portal is always available, which is THE most important thing for my clients.
Tracking or accounting my clients is not one of my priorities - I'm not selling Internet access - I just offer it.
-
FOLLOWUP, in case anyone is hitting the same problem as me, the problem is with freeradius3, so first of all you need to change the attribute type on the file ozy-captive :
From : "INTO radcheck (username, attribute, value) VALUES (?, 'Password', ?)")) "
TO: INTO radcheck (username, attribute, value) VALUES (?, 'Cleartext-Password', ?)"))
And then you need to change the file Schema.sql BEFORE you add it to the radius database
FROM:
CREATE TABLE radcheck (
id int(11) unsigned NOT NULL auto_increment,
username varchar(64) NOT NULL default '',
attribute varchar(64) NOT NULL default '',
op char(2) NOT NULL DEFAULT '==',
value varchar(253) NOT NULL default '',
PRIMARY KEY (id),
KEY username (username(32))
) ;TO:
CREATE TABLE radcheck (
id int(11) unsigned NOT NULL auto_increment,
username varchar(64) NOT NULL default '',
attribute varchar(64) NOT NULL default '',
op char(2) NOT NULL DEFAULT ':=',
value varchar(253) NOT NULL default '',
PRIMARY KEY (id),
KEY username (username(32))
) ;I hope this helps anyone My problem was with pfsense 2.3.4 FRERADIUS 3
-
@deajan thanks for the easy to follow tutorial. do you have tutorial on a case which users are limited to a certain amount of data?
-
Good morning guys, I'm having this problem.
PHP ERROR: Type: 1, File: /var/etc/captiveportal_publicwifi.html, Line: 157, Message: Class 'mysqli' not found @ 2017-08-11 08:54:53
-
Good morning guys, I'm having this problem.
PHP ERROR: Type: 1, File: /var/etc/captiveportal_publicwifi.html, Line: 157, Message: Class 'mysqli' not found @ 2017-08-11 08:54:53
This is what the error says :
Your are using "PHP mysqli extension" command(s) in your own portal login page. You can't. The PHP msqli extension library should be installed first.
I can't tell you how to do that on pfgSense. It might be possible. -
Hi everyone, I want to changhe the page after portal login, with putting some image to make it more readable.
I see that there are two variable in captiveportal-config.php $continue_string, $noScript_string, but i can't see it in the php main page.
Someone can me say where these variables are used, and where is the page after the portal login?
-
Good morning guys, I'm having this problem.
PHP ERROR: Type: 1, File: /var/etc/captiveportal_publicwifi.html, Line: 157, Message: Class 'mysqli' not found @ 2017-08-11 08:54:53
This is what the error says :
Your are using "PHP mysqli extension" command(s) in your own portal login page. You can't. The PHP msqli extension library should be installed first.
I can't tell you how to do that on pfgSense. It might be possible.Install mysqli with pkg
-
Hi Deajan,
I have configured your setup on my pfsense perfectly.
may i ask how can i set the time limit of the newly registered users and reset the time
ex: new user register, it will have access to internet for 3 hours then disconnect and can only reconnect without having to re-register after lets say after 12 hours.
and thanks for a great guide very much appreciated.. :)
-
Hi All,
anyone already have this working with pfsense 2.4.1?
thanks in advanced.
-
Maybe I found the solution for problem 2
in the File ozy-captive.php I changed the string "Password" to "Cleartext-Password"if (!$statement = $db->prepare("INSERT INTO radcheck (username, attribute, value) VALUES (?, 'Cleartext-Password', ?)"))
can someone be so kind and confirm the solution?
Update
I solved the problem Nr.1 using the last new version v0.48 - 03 May 2017
download from https://github.com/deajan/pfSense-cp-auth-onestepPromlem 2 now
after click on connect I recieve "Invalid credentials specfied" with the default
landing page username / password–-----------------
Promlem 1
I receive the Message: „Cannot check database for user.(1) after click on connect at the landing page.
I need some help how to go forward debugging ,Radius seams to be up and running
/root/pfSense-cp-auth-onestep/sql: radtest testu testp 127.0.0.1:1812 0 SuperTest
Sent Access-Request Id 87 from 0.0.0.0:5851 to 127.0.0.1:1812 length 75
User-Name = "testu"
User-Password = "testp"
NAS-IP-Address = 192.168.1.1
NAS-Port = 0
Message-Authenticator = 0x00
Cleartext-Password = "testp"
Received Access-Accept Id 87 from 127.0.0.1:1812 to 0.0.0.0:0 length 20#even mysql is up and running
mysql -p -e "SELECT * FROM radpostauth;" radius
Enter password:
+----+----------+-------+---------------+---------------------+
| id | username | pass | reply | authdate |
+----+----------+-------+---------------+---------------------+
| 1 | testu | testp | Access-Accept | 2017-10-31 21:36:17 |in schema.sql I changed in "CREATE TABLE radcheck" the line "op char(2) NOT NULL DEFAULT ':='," already
Running 2.4.1 with Freeradius 3P.S
ozy-captive.php
@mysql_select_db(DBNAME, $con); seams to work
but this seams to fail ....$query = "INSERT INTO reg_users (familyName, surName, roomNumber, emailAddress, macAddress, ipAddress, regDate, identificator, newsletter) VALUES ('$familyName', '$surName', '$roomNumber', '$emailAddress', '$macAddress' , '$ipAddress', '$regDate', '$identificator', '$newsletter');";
-
I'm running the latest version of pfsense with freeradius3
I followed every detail in the guide but I still cant manage to make everything work.I did try what user "srvrgt" suggested except changing the "==" to ";=" resulted in having an attribute error. ( I left the schema file as it was "==")
I've only changed the password value to cleartext-password in the php file.Now I am facing 2 issues.
1. Whenever a client connects and fills in the form the user gets created in sql but somehow it is not showing up on radius clients tab.
2. When a client submits the form they first get redirected to the new captive portal after clicking the accept button the default pfsense captive portal comes on with the error code that username/password is wrong however
authentication for user testu:testp works because it is in the clients tab on radiusIf someone could help me that would be great!
Thank you in advance -
in the Post is written „:=„ an not „;=„ also a change im the php file
-
I'm running the latest version of pfsense with freeradius3
I followed every detail in the guide but I still cant manage to make everything work.I did try what user "srvrgt" suggested except changing the "==" to ";=" resulted in having an attribute error. ( I left the schema file as it was "==")
I've only changed the password value to cleartext-password in the php file.Now I am facing 2 issues.
1. Whenever a client connects and fills in the form the user gets created in sql but somehow it is not showing up on radius clients tab.
2. When a client submits the form they first get redirected to the new captive portal after clicking the accept button the default pfsense captive portal comes on with the error code that username/password is wrong however
authentication for user testu:testp works because it is in the clients tab on radiusIf someone could help me that would be great!
Thank you in advanceI used the version form v0.48 - 03 May 2017
download from https://github.com/deajan/pfSense-cp-auth-onestep -
heyy guys, first of all thank you Deajan for the amazing work, really, it helps alot, now to my problem, i am currently on pfsense 2.3.4, and everything seems to be working fine except for the radius login part, i can see the users in the MYSQL database but they are all Rejected, the configuration of the ports on the radius server is ok, i was able to find this in the logs
"Invalid user (sql1: Failed to create the pair: Invalid vendor name in attribute name "Password"): [123] (from client tester port 2010 cli "
i believe from what ive read that there is no such thing as apassword atribute, it must be Cleartext-Password, the problem is that i cant seem to find where to change the value, could you please help me out?,
FYI if i use the test user and test password i can log in no problem and the mysql database also reflects that, so im guessing its just some sintaxis problem.
thanks
Do you found a Solution?
-
heyy guys, first of all thank you Deajan for the amazing work, really, it helps alot, now to my problem, i am currently on pfsense 2.3.4, and everything seems to be working fine except for the radius login part, i can see the users in the MYSQL database but they are all Rejected, the configuration of the ports on the radius server is ok, i was able to find this in the logs
"Invalid user (sql1: Failed to create the pair: Invalid vendor name in attribute name "Password"): [123] (from client tester port 2010 cli "
i believe from what ive read that there is no such thing as apassword atribute, it must be Cleartext-Password, the problem is that i cant seem to find where to change the value, could you please help me out?,
FYI if i use the test user and test password i can log in no problem and the mysql database also reflects that, so im guessing its just some sintaxis problem.
thanks
Do you found a Solution?
Thanks for the help :)
I've changed the Cleartext-password atribute in the schema.sql to ":=" and I had to enter my database password in the captive portal setting. Now everything works great.
-
Absolutely amazing work! Congratulations to all of you that made this system.
However I had some issues from users registering with emails with no valid domains (no mx records at all) so I am posting an addon for all of you that want to avoid this :
Add a new error message in captiveportal-config.php like
$novalidmail_string = "The input you provided is not a valid email.";or whatever you want to appear there and make your ozy-captive.php look like this (lines 105 - 117)
if (isset($_POST['emailAddress'])) { $emailAddress = cleanInput($_POST["emailAddress"]); $record = 'MX'; list($user, $domain) = explode('@', $emailAddress); } else $emailAddress = false; if (!checkdnsrr($domain, $record) && ($askForEmailAddress == true)) { $checkMessage = t('novalidmail_string'); $badCheck = true; }Once again great work !
-
Hi guys !
I've a problem with pfSense 2.4.1 and this solution..
I've 'Invalid creditential specified' and in the system logs 'failed retrieving values required to evaluate condition'.
Do anyone can help me ?
Thanks you
