Does captive portal work at all in 2.4.2?



  • I've spent several day strying to make use of the captive portal feature.
    so far it seems to just be a "block all internet from all users" feature.

    This is what I BELIEVE is supposed to happen:

    • I specify a user.
      I turn on captive portal with various settings.
      User can no longer to ANYTHING on internet (i.e all packets dropped)
      USer tries to surf a page
      User gets login screen
      USer enters info (or ticket)
      User can (subject to default bandwidth) do all internet activities
      After a while internet stops working
      User goes to #5

    what happens:
    I turn on Captive Portal
    User can no longer access internet

    I have put the user's mac address in the white list just as a test.. made no differnence.

    Is there a way I can dump out relavent settings t post them here? (new to pfsense..  always ran home-build FreeBSD gateway before, thought I'd give pfsense a go.

    other issues..
    bandwidthd doens nothing when installed and enabled, except show an empty stats screen that is mostly unresponsive.
    Trying to set shaping results in an error about altq not being available on wlan..
    Traffic shaper in incredibly cryptic.
    no easy way to see bandwidth used by each client machine over time

    A little underwhelmed at the moment.. about 50% of features I've tried do nothing or at least , not what I'd expect. But it could easily be Pilot error.

    All I want to do is limit bandwidth for each kid, and have the DNS respond "no" to some dns lookups (e.g. youtube,com  when it's homework time).


  • LAYER 8 Global Moderator

    So lets see how your connected, and yes post up your settings..

    It really is clickity clickity..

    Turn it on
    Auth
    Access

    It is that simple.

    I created captive portal on lan.
    I set it to user users.
    I created user..
    I then try to hit a http site - www.cnn.com in this example.
    Get redirect to captive portal
    Auth
    Get Access
    You can see pfsense showing one user with access through captive portal.

    So really basic captive portal is like setting interface and auth method or no auth and hitting save.  But you need to be using pfsense for dns, etc.
    https://doc.pfsense.org/index.php/Captive_Portal



  • LAYER 8 Global Moderator

    As to bandwidthd..

    Again clickity clickity..

    Install the package.
    Turn on the package
    Wait a few minutes access the info

    So without some details of what your doing, how you have your network setup its going to be impossible to point out your pilot error.




  • well bandwidthd has decided to start working.. after a coupel of reboots, suddenly I noticed it was actually responding, and sure enough there was data.

    I've given up on captive portal for  a while.. I"ll get back to it ehan I have a week to spend on it again :-)
    using the mac filter to exempt people from CP seems to work as a manual on/off switch..  which will do for now.



  • Like to propose an even more simpler solution as https://forum.pfsense.org/index.php?topic=144430.msg786296#msg786296 - what jhonpoz said.

    Do what he said, but do not use LAN, use a dedicated interface, like OPT1 - that's where a captive portal really belongs (like trusted devices belong on LAN, non trusted on other interfaces)
    Activate OPT1 - assign it a pass-all rule for TCPv4 (because are no default rules on OPTx interface) - and of you go.

    If that doesn't work, then "some" settings you made are conflicting.


Log in to reply