Captive Portal Hard Timeout & DHCP Maximum Lease Time

  • Hi There. I have a problem with Captive Portal Hard Timeout. I can see from the CP status that the usernames are disconnected when hard timeout is reached but on the users gadgets and laptop, the network/WIFI are still connected. Just to test, I have configured the CP hard timeout to 5 minutes then the DHCP Max Lease Time is 360 seconds (6 mins.).  I'm using Local User to Authenticate.

    Any help will be greatly appreciated…. T.I.A.  :) :) :)

  • They are still connected to the wifi, but they are blocked from accessing the internet. they need to still be connected to the wifi, or they can not log in again (if they are allowed to).

    At least that is what is supposed to happen.

  • tells you what happens.


    ipfw table all list

    half a minute before hard time out,
    and one again after time out.
    The user's devices IP and MAC are removed from the tables after time out.
    (and I guess the related states are reset)
    The device will not be able to "pass through" pfSense anymore. A re-authentication is needed.
    At least, this is what I see what happens (been trying for the last nearly 10 years now).

    DHCP should be set much longer as 6 minutes. If your free IP pool gets empty, you could play (= lower) with the DHCP lease time. If not, leave to default.
    Anyway, as you can see when executing

    ipfw table all list

    the DHCP protocol always passes.

Log in to reply