Need Help with https log in



  • Hi guys,

    I recently updated to Version 2.4.2 I have an issue when enabling https log in for my captive portal.

    what I did is define the FQDN in the DNS forwarder service (host overrides) and use it in the captive portal "HTTPS server name" but the guest gets redirected to the pfsense log in page, Not the captive portal page.

    Anyone knows how to fix this? or maybe I did something wrong with the set up.

    Thanks



  • Best guess based on that limited information is that you are running your captive portal on the same interface as the access to the pfsense box. So try the below.

    Move your pfsense login page to a port other than 443 under System -> Advances ->Admin Access and put something like 4443 in the TCP port field. Then restart.



  • And take note of this : the most easy way of running a "Captive portal" is to put in on a dedicated interface.



  • Hello Again,

    Here is network set up

    I Have 3 ports being utilized in my pfsense unit

    Port 1 - ADMIN Interface: 192.168.2.1/20
    Port 2 - WIFI Interface: 172.16.1.1/20
    Port 3 - WAN Interface

    What I did;

    Captive Portal is being used in WIFI Interface Only
    On Captive Portal Settings;

    Captive Portal Zone Name - guestportal
    Log Out Button - Enabled
    HTTPS Log In - Enabled
    HTTPS Server Name - guestportal.net
    HTTPS Forwards - Disabled

    Services> DNS Forwarder
    Added Host Override:
    Host - guestportal
    Domain - net
    IP Address - 172.16.1.1 (IP of WIFI Interface for Captive Portal)

    Here is whats happening:
    Upon connecting to Wifi, the client device automatically gets redirected to captive portal log in page (no problem here) although I've noticed in pFsense version 2.4.2 the Portal URL is
    https://guestportal.net:8003/?zone=guestportal on earlier pfsense version it was only like https://guestportal.net:8003

    The problem is when a client wants to log out and they typed into the browser address bar guestportal.net instead of being redirected to the log out page of the captive portal, the browser gets redirected instead to pfsense log in page on that interface.

    Did I miss something in the set up?



  • @AYSMAN:

    …..
    I've noticed in pFsense version 2.4.2 the Portal URL is
    https://guestportal.net:8003/?zone=guestportal on earlier pfsense version it was only like https://guestportal.net:8003

    Yep, that's normal.
    pfSense supports more then one captive portal, each being called a "zone".
    This was implemented a couple of versions ago (2 years or so).

    @AYSMAN:

    The problem is when a client wants to log out and they typed into the browser address bar guestportal.net instead of being redirected to the log out page of the captive portal, the browser gets redirected instead to pfsense log in page on that interface.
    Did I miss something in the set up?

    Yep. People should not have type in the address. To complicated - they WILL make errors. They should "accept" a popup windows (they actually never allow pop up in there browsers …. as you already know). The logout popup is send to the client when connecting, and if they really have a good reason to disconnect "by hand" they shouldn't close this window (and logically, accepts popup from your portal interface : so what about telling them when they login ?  ;)) - and they could use it when needed.


Log in to reply