Clients can make a DNS resolution but do not see the captive portal
-
Hello,
I am currently installing Pfsense to try to replace an existing captive portal solution on a rather large network (2 firewalls, DMZs etc etc...).
Currently the captive portal in place is as follows:(NET)-----[ firewall-1 ]----(Captive portal)-------[ firewall 2 ]-------(Vlan User wifi).
My users in the wifi vlan can make DNS and ping pfsense resolutions, after capturing frames, I see DNS requests passing through pfsense, but despite the fact that the captive portal is enabled, I can't see it on the vlan wifi side, I don't see any frames passing it either.
I disabled the blocking of private networks on my wan and lan interfaces, I also opened the rules of my firewall.
In frame captures, pfsense sees the @IP and @mac of the machine in the user vlan.
Anyone have any idea why the captive pfsense portal doesn't want to show up?
-
So clients are just blocked and never redirected to the captive portal login?
But they can ping things?
https://docs.netgate.com/pfsense/en/latest/captiveportal/captive-portal-troubleshooting.html#captive-portal-not-redirecting
Steve
-
Hello,
the only thing clients prevent ping is the pfsense LAN interface
-
You really have to put a [ firewall 2 ] in front of pfSense (captive portal) ?
-
yes I have no other choice in the current network configuration imposed by my company, but firewall 2 only serves as a gateway, it does not block anything and does not do NAT, it simply redirects requests.
Plus I declared the roads on pfsense, I don't really know what to do anymore:/
-
I advise you to make the captive portal work without this "firewall2".
Add "firewall2" only when everything works perfectly.