4. Captive portal 'spinning' on initial connect if redirect URL used

Captive portal 'spinning' on initial connect if redirect URL used

  • C

    Hello all,

    It is funny how things work forever then just break…  Running the latest production release.  The captive portal setup is configured as the following:

    When someone connects to the UNC-Setup SSID and opens a browser, they normally connect to 'wifi.sitex.edu'  'wifi.sitex.edu' is a real site that they will be redirected to POST authentication.  But we just tell them to remember the wifi so they won't try to go to an https site and have the thing just spin and spin.  For whatever reason, if they type wifi.sitex.edu, the browser will spin and spin and will not connect them to the authentication portal.  If they go to google or any other http site, it works just fine.  The redirect happens immediately.

    What should I be looking at?  I did a packet capture, and I just see a bunch of SYN  packets and no SYN-ACKs for the attempts to wifi.unc.edu

    0
  • C

    Figured it out.  I had set a static DNS override for google.com to point to wifi.sitex.com in the DNS Forwarder and then had www.google.com as an 'allowed site' in captive portal by accident.

    0

  • Reconsider your solution.
    As you already said :
    @carzin:

    If they go to google or any other http site, it works just fine.  The redirect happens immediately.

    So why adding google.com to the 'allowed site' list ?

    Check this https://forum.pfsense.org/index.php?topic=115338.msg644308#msg644308
    Most OS's will open a navigator by default "automatically" when a Wifi connections comes UP (obtained an IP, gateway, DNS, etc) and the direct "Internet connections" (with a test http call). No end user interaction needed.

    Check this :
    @carzin:

    For whatever reason, if they type wifi.sitex.edu, the browser will spin and spin and will not connect them to the authentication portal.

    Where is "wifi.sitex.edu" ? Is it the URL being served by pfSense or elsewhere ?  If it's the latter, it should be added to the 'allowed site' list.
    Check also if "wifi.sitex.edu" is including pages from other locations (Google analytics, etc) because this will block the loading of the page (your "spinning around").

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy