Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Captive Portal authentication times outs

    Scheduled Pinned Locked Moved Captive Portal
    3 Posts 2 Posters 1.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • L
      legacysl
      last edited by

      Hi,

      I have a captive portal running on 2.3.1. Overall it's working fine but the issue I have is that after a user (it is setup in a hotel environment with most often mobile devices) has to re-authenticate on the CP after their device is either in sleep mode or locked.

      a 2nd part to my question is, is there a way to keep the device authenticate across 2 AP's. As I mentioned it is setup in a hotel and when a guest moves between 2 AP's they have to re-authenticate on the CP.

      Thanks in advance for any help.

      1 Reply Last reply Reply Quote 0
      • GertjanG
        Gertjan
        last edited by

        @legacysl:

        I have a captive portal running on 2.3.1. Overall it's working fine but the issue I have is that after a user (it is setup in a hotel environment with most often mobile devices) has to re-authenticate on the CP after their device is either in sleep mode or locked.

        Ones a session is created, and thus firewall rules are inserted so the device can go through, only TWO situations will remove the session:

        1. Idle time out. With no traffc what so ever, because the device is out of range, or in sleep mode, the connection (session) will be lost. Up to you to chose the right delay.
        2. hard time out : no matter what, when the time is up, the connection will be removed. And guess what : Up to you to chose the right delay ;)

        @legacysl:

        a 2nd part to my question is, is there a way to keep the device authenticate across 2 AP's. As I mentioned it is setup in a hotel and when a guest moves between 2 AP's they have to re-authenticate on the CP.

        Strange.
        I can connect to the captive portal using my "AP-1" nearby the reception (I'm also using pfSense in a hotel) and then go to the the second floor, switching to another AP-4 and, guess what, I'm still connected. Because my device will receive the same IP when the wifi connections is reestablished  - I'm still using the same MAC (my device), so session firewall rules are still present and valid for my device : my device is still connected to the net, no need to re authenticate.

        I'm using pfSense for many years now. Never saw what you just described.

        Question:
        When you connect with a device, can you check the IP it was given by pfSense on this device ?
        Now, check pfSense : it it the same IP ? The device's MAC is correct ?

        Detail your setup …

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        1 Reply Last reply Reply Quote 0
        • L
          legacysl
          last edited by

          Thanks for the reply and advise.

          Will check on the assigned IP addresses as suggested.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.