Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Enable captive portal can't solv dns (need help)

    Scheduled Pinned Locked Moved Captive Portal
    8 Posts 3 Posters 10.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      ccsniper
      last edited by

      when i enable captive portal service and pass authen but clients can't solv dns and access to internet .
      ,when i test stop service captive portal clients able to solv dns and access to internet  :'(

      enyone can help me

      thank you for advance

      1 Reply Last reply Reply Quote 0
      • GruensFroeschliG
        GruensFroeschli
        last edited by

        Add on the captive portal page a "Allowed IP addresses" entry with as destination the DNS server of the clients.
        Alternatively set your clients to use pfSense as DNS.

        We do what we must, because we can.

        Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

        1 Reply Last reply Reply Quote 0
        • GertjanG
          Gertjan
          last edited by

          @GruensFroeschli:

          Alternatively set your clients to use pfSense as DNS.

          I just checked this, and after a ipconfig /all, I saw that my DNS is set to the IP of the portal server (pfsense = 192.168.2.1 in my case).
          I think I didn't take anything of the default values, concerning pfsense.

          It seems rather logic to me that wireless (portal) connections always should use DHCP, which will inform the client PC with all the needed settings, like IP, mask, gateway, DNS, DHCP, time server, etc.

          That a simple "www.going-some-where.com" doesn't work right away doesn't mather, because it will be redirected to the 192.168.2.1:8000/…... (in my case) portal page anyway.
          After auth, the URL will be re-writen with "www.going-some-where.com" and all ports are open to that client.

          No "help me" PM's please. Use the forum, the community will thank you.
          Edit : and where are the logs ??

          1 Reply Last reply Reply Quote 0
          • C
            ccsniper
            last edited by

            @GruensFroeschli:

            Add on the captive portal page a "Allowed IP addresses" entry with as destination the DNS server of the clients.
            Alternatively set your clients to use pfSense as DNS.

            ok .i let "allowed ip address " at service captive protal page but it's still not work. (able to authen but could not to receive data)

            I test ping to outside netwok (such as yahoo , google) from Diagnostics page , the server able to ping and solv dns success both wan - lan inetrface.
            but,when i test ping from my clients i receive request timed out.

            (my clients point gateway-DNS  to pfsense server and use default firewall rule )

            1 Reply Last reply Reply Quote 0
            • GertjanG
              Gertjan
              last edited by

              A couple of question:

              CP running from an OPTx interface ? or are you using a Wifi network card ?
              Is the client PC using DHCP ? and, are you receiving an IP from the "CP" Interface ?
              How do you connect to the "CP" interface ? If it's a simple network card (i.e. OPT1) you can use a classic network cable (crossed if from OPTx directly to client PC).
              Do you see the login page ?
              Do you use the local user manager ? (Skipping Radius for now)

              What does the Status->Captive portal says ?
              What does the Status->system logs->Portal auth says ?

              No "help me" PM's please. Use the forum, the community will thank you.
              Edit : and where are the logs ??

              1 Reply Last reply Reply Quote 0
              • C
                ccsniper
                last edited by

                @Gertjan:

                A couple of question:

                CP running from an OPTx interface ? or are you using a Wifi network card ?
                Is the client PC using DHCP ? and, are you receiving an IP from the "CP" Interface ?
                How do you connect to the "CP" interface ? If it's a simple network card (i.e. OPT1) you can use a classic network cable (crossed if from OPTx directly to client PC).
                Do you see the login page ?
                Do you use the local user manager ? (Skipping Radius for now)

                What does the Status->Captive portal says ?
                What does the Status->system logs->Portal auth says ?

                • i use lan interface for CP service by default  and assign  DHCP service for my clients , my clients received ip / GW-DNS point to pfsense server.
                • i check CP status is running  and see login page and passed authen.
                • i use local authen.
                • log in session found at CP status.
                • when i disable CP service my clients able to access to internet and solv dns normally (use pfsense as GW and DNS)

                this is CP log able to log  in-out
                Sep 1 20:45:51 logportalauth[378]: LOGOUT: test, 00:1f:c6:c4:68:c0, 192.168.21.250
                Sep 1 20:45:58 logportalauth[378]: LOGIN: test, 00:1f:c6:c4:68:c0, 192.168.21.250

                thank you for advance    :-[

                1 Reply Last reply Reply Quote 0
                • GertjanG
                  Gertjan
                  last edited by

                  So, your CP is running from LAN.

                  What are the LAN firewall rules ?

                  Is it possible that you run CP from it's own OPT1 interface ? (another thread is going on right now about troubles running CP from LAN ….)
                  I would say : CP is meant to be running from OPTx, not from the network card 'LAN'.
                  I'm using the CP now for 3 years (LAN = compagny, CP = non trusted clients - I use pfsense for a hotel, with the classic setup)

                  No "help me" PM's please. Use the forum, the community will thank you.
                  Edit : and where are the logs ??

                  1 Reply Last reply Reply Quote 0
                  • C
                    ccsniper
                    last edited by

                    @Gertjan:

                    So, your CP is running from LAN.

                    What are the LAN firewall rules ?

                    Is it possible that you run CP from it's own OPT1 interface ? (another thread is going on right now about troubles running CP from LAN ….)
                    I would say : CP is meant to be running from OPTx, not from the network card 'LAN'.
                    I'm using the CP now for 3 years (LAN = compagny, CP = non trusted clients - I use pfsense for a hotel, with the classic setup)

                    ok.i'm let enable CP on OPT1 interface it's work. ;)
                    thank you for advance

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.