Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Captive portal 'spinning' on initial connect if redirect URL used

    Captive Portal
    2
    3
    979
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      carzin last edited by

      Hello all,

      It is funny how things work forever then just break…  Running the latest production release.  The captive portal setup is configured as the following:

      When someone connects to the UNC-Setup SSID and opens a browser, they normally connect to 'wifi.sitex.edu'  'wifi.sitex.edu' is a real site that they will be redirected to POST authentication.  But we just tell them to remember the wifi so they won't try to go to an https site and have the thing just spin and spin.  For whatever reason, if they type wifi.sitex.edu, the browser will spin and spin and will not connect them to the authentication portal.  If they go to google or any other http site, it works just fine.  The redirect happens immediately.

      What should I be looking at?  I did a packet capture, and I just see a bunch of SYN  packets and no SYN-ACKs for the attempts to wifi.unc.edu

      1 Reply Last reply Reply Quote 0
      • C
        carzin last edited by

        Figured it out.  I had set a static DNS override for google.com to point to wifi.sitex.com in the DNS Forwarder and then had www.google.com as an 'allowed site' in captive portal by accident.

        1 Reply Last reply Reply Quote 0
        • Gertjan
          Gertjan last edited by

          Reconsider your solution.
          As you already said :
          @carzin:

          If they go to google or any other http site, it works just fine.  The redirect happens immediately.

          So why adding google.com to the 'allowed site' list ?

          Check this https://forum.pfsense.org/index.php?topic=115338.msg644308#msg644308
          Most OS's will open a navigator by default "automatically" when a Wifi connections comes UP (obtained an IP, gateway, DNS, etc) and the direct "Internet connections" (with a test http call). No end user interaction needed.

          Check this :
          @carzin:

          For whatever reason, if they type wifi.sitex.edu, the browser will spin and spin and will not connect them to the authentication portal.

          Where is "wifi.sitex.edu" ? Is it the URL being served by pfSense or elsewhere ?  If it's the latter, it should be added to the 'allowed site' list.
          Check also if "wifi.sitex.edu" is including pages from other locations (Google analytics, etc) because this will block the loading of the page (your "spinning around").

          1 Reply Last reply Reply Quote 0
          • First post
            Last post

          Products

          • Platform Overview
          • TNSR
          • pfSense Plus
          • Appliances

          Services

          • Training
          • Professional Services

          Support

          • Subscription Plans
          • Contact Support
          • Product Lifecycle
          • Documentation

          News

          • Media Coverage
          • Press
          • Events

          Resources

          • Blog
          • FAQ
          • Find a Partner
          • Resource Library
          • Security Information

          Company

          • About Us
          • Careers
          • Partners
          • Contact Us
          • Legal
          Our Mission

          We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

          Subscribe to our Newsletter

          Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

          © 2021 Rubicon Communications, LLC | Privacy Policy