Simple Captive Portal Config not Loading Login Page



  • I've had a captive portal working for a few years for guest access but it has suddenly broken.  My access points are using a second SSID on vlan 1003. I have a Guest interface set up at 192.168.4.1.  My LAN is at 192.168.2.1.  If I disable the captive portal, connections to my guest network are allowed internet access.  I believe the only change I've made since this last worked was to upgrade to 2.3, then the maintenance upgrades after that.

    I believe the issue lies with serving up the page or accessing port 8002.  The clients get IP addresses on the 192.168.4.x network.  Using the utility in pfSense I can ping Google and Yahoo from the Guest network as well so I don't believe it is a DNS issue.  When a guest connects, it appears the redirect works but the captive portal login page never loads.  Manually typing in the captive portal address  of 192.168.4.1:8002 doesn't load.  If I'm on the LAN network, I can manually enter 192.168.2.1:8002 and see the login page.  I do have firewall rules blocking the guest clients from access to the web gui, but specifically on ports 80 and 443.  I tried disabling these just in case with no luck.

    The only packages I have installed are mailreport, OpenVPN Client Export, and RRD Summary.

    I attached my current captive portal config and guest network firewall rules.  There's nothing set on any of the other tabs in the CP config.  Normally I severely limit the guest bandwidth and use a custom login page.  I actually deleted my old CP config and started over just in case.

    I appreciate any pointers.  Not sure where else to look.





  • LAYER 8 Netgate

    Yeah that looks like it should be working.  What did you upgrade from?



  • I have the same problem after update to 2.3 the captive portal not redirect to login page.

    @matt_m:

    I've had a captive portal working for a few years for guest access but it has suddenly broken.  My access points are using a second SSID on vlan 1003. I have a Guest interface set up at 192.168.4.1.  My LAN is at 192.168.2.1.  If I disable the captive portal, connections to my guest network are allowed internet access.  I believe the only change I've made since this last worked was to upgrade to 2.3, then the maintenance upgrades after that.

    I believe the issue lies with serving up the page or accessing port 8002.  The clients get IP addresses on the 192.168.4.x network.  Using the utility in pfSense I can ping Google and Yahoo from the Guest network as well so I don't believe it is a DNS issue.  When a guest connects, it appears the redirect works but the captive portal login page never loads.  Manually typing in the captive portal address  of 192.168.4.1:8002 doesn't load.  If I'm on the LAN network, I can manually enter 192.168.2.1:8002 and see the login page.  I do have firewall rules blocking the guest clients from access to the web gui, but specifically on ports 80 and 443.  I tried disabling these just in case with no luck.



  • I forget what the last version I had was before 2.3 but it wouldn't have been more than 1-2 releases old as I generally stay pretty current.  I am current right now.



  • Hi Matt

    For me, I'm updated from 2.2.6 to 2.3.1 then captive portal was failed.
    I try install a fresh 2.3.1 on other machine and re-config captive portal it working, but I still waiting for the solution :'( :'(


  • LAYER 8 Netgate

    No known issues here. Works fine. I guess the next thing to do would be a packet capture on the GUEST interface then attempt a CP load. Not sure what else to suggest.



  • Well call me dumb.    Didn't think about the fact that I recently replaced my old Apple Airport Extreme's with Ubiquiti AC Lites.    Even though I didn't configure any guest restrictions or the captive portal there, I had marked the guest WLAN as a guest network.  Somehow the two are trampling each other.  I reconfigured the guest WLAN as a normal WLAN in the Unifi controller and now everything is fine.  I think it was working when I installed the Ubiquiti gear and broke when I upgraded to 2.3, because I'm pretty sure I tested the guest network then.

    My teenage daughter's friends will be happy to have internet again even if it is only 5x1  8)



  • For Me, I just fixed by changing the DNS from 8.8.8.8 to ISP's DNS.



  • @Mr.Hitman:

    For Me, I just fixed by changing the DNS from 8.8.8.8 to ISP's DNS.

    Something (your ISP ?) is blocking Google's DNS ;)


  • LAYER 8 Netgate

    Or 8.8.8.8 not being passed by the captive portal config.


Log in to reply