Captive Portal Issue - Need Help
-
Hello guys, im doing a final work at my IT School, and my project is to set up a captive portal, im obviously using pfsense,
As i have all the documentation at school and we can't get that to home i will explain what i did and what is not happening;
First of all i installed the pfsense on a Server, all following a guide, afterwards i configured:
1 WAN: 172.16.203.70 (which is the ip from school teacher told to use that for wan).
1 LAN: 192.168.10.1 (LAN to connect to another pc and configure, then use the Captive portal).After that i went to the class again, i took a Virtual Machine with DHCP connected to the Server LAN, i enter the web configuration on the explorer, i started configuring the Captive Portal, used an already made Portal Page.
Basically what i did is set up the "Services -> Captive Portal" fully following a guide and then, when im suppossed to Test it, using an explorer to search; www.yahoo.com, im supposed to get "Hey, login first:" but i get "No internet Connection" the default no connection thing.
I'm not sure if im doing something wrong, i would appreciate the help so much, im 10 days to the presentation day and im on a hurry :'(, English is not my native lenguage i hope you understand me.
Leave a comment with your questions about my project so i can answer them, i appreciate your help guys, have a good day!!!
[ An example of a guide i followd [url=https://turbofuture.com/computers/How-to-Set-Up-a-Captive-Portal-Using-pfSense]https://turbofuture.com/computers/How-to-Set-Up-a-Captive-Portal-Using-pfSense ]
[Modify 1: In that link as you can see the Point 4: 4. Testing the Basic Portal - is where im stuck and is not happening to me]
-
Make sure you are passing through IP addresses the client uses for DNS resolution.
The easiest thing is to tell DHCP to give the pfSense LAN interface - the interface address of the interface running captive portal, as the DNS server and configure DNS forwarder/resolver listening on that interface.
If you have DHCP giving, say 8.8.8.8,8.8.4.4 as DNS servers then those IP addresses have to be entered in Services > Captive Portal (Edit) > Allowed IP Addresses
A browser will not initiate a connection on port 80 to a hostname without DNS. Without that connection there will be no CP login page.
Also make sure you are not connecting to an https page. enter 10.1.1.1 into your location bar to be sure.
-
Hi, thanks for your reply Derellct,
I'm getting the correct IP from DHCP,
Pfsense server LAN ip is: 192.168.10.1, DHCP is configured so it gives from 192.168.10.10 to 192.168.10.100, im on 192.168.10.14 on the client pc by dhcp.
Right now im on school and i will take a screenshot at everything i did so maybe you can help me out what im missing out.
http://imgur.com/a/BYQK6
-
So what happens when you enter 10.1.1.1 into your web browser?
-
Unable to connect
Firefox can't establish a connection to the server at 10.1.1.1.
The site could be temporarily unavailable or too busy. Try again in a few moments.
If you are unable to load any pages, check your computer's network connection.
If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the Web. -
Get rid of that $portal_redirurl$ in the pre-auth URL field and try again. These random, amateur, ancient, internet "walk-throughs" amount to malware.
-
I deleted that, now its blank, still remains the same message,
I think, probably its a conflict of my school dns or dhcp ?? not sure, i think the configuration is ok.
Now im trying to put 1 Access Point and try it with my Phone.
-
Wired, Wireless, no difference. Attempting a connection to 10.1.1.1 eliminates DNS issues, which is why I suggested it.
You probably need to get a competent operator who can identify DNS, DHCP, routing, or other issues to put a client behind your portal to figure out what you have done wrong.
-
I think, probably its a conflict of my school dns or dhcp ?? not sure, i think the configuration is ok.
Don't think.
Be sure ;)
Check it.When a client connects to the "pfSense Captive Portal network" it should obtain an IP from pFsense (and from no one else).
You can check so with your device (the IP, gateway and preferred DNS)
You can see the lease showing up in pfSense.
You can see the DHCP server log in pfSense showing the device asking for an IP.Now im trying to put 1 Access Point and try it with my Phone.
Be aware that your AP should be AP - remove any DHCP server activities - shut down any router mode functions.
It should be a "transparent radio to wire" device.