Captive Portal relogin after logout

M.Meyer

Hi guys, we're just despairing here.
The following scenario.
Current 2.4.3 cummunity edition

Local users auth .. the captive portal goes great once without problems Redirect everything goes.
If we take the logout window or shoot the user in the Pfsense from then comes no redirect anymore.
CP restart does not help.
However, if we make changes in the CP and then start it again it goes through again .. once.
Time runs out too.
So only if the user logs in and then hangs out and back in, no chance anymore.
What can this be?
THANK YOU

I hope google Translate work fine ;)

Gertjan

@M.Meyer:

If we take the logout window ….

This is 'normal', a glitch entered in 2.4.3 https://forum.pfsense.org/index.php?topic=146046.msg795216#msg795216  (and how to repair that one)

M.Meyer

Thanks we testing tomorrow  :-*

M.Meyer

Thanks Gertjan it works fine.
But we have more Problems …
It is possible https:// Redirect to Login captive Portal ?
I think the pfsense captive Portal works not so fine ;-(
We need it for normal user.
any idea ?
On 2.4.2 works evething without the bug ?
Redirect not work . Browser --- www.google.de not working,ip work fine 172.217.16.67 Redirect to Google.de
it is possible no to redirect https on the new versions.

Gertjan

@M.Meyer:

It is possible https:// Redirect to Login captive Portal ?

What you are asking is possible.

If you go to www.cnn.com (a https site), you can not go to some where else. Your browser will not let you do so, it will fail with an error.
What you are askin g is : can we break TLS ? I hope not.

But, as I explained already many times, this is not a problem - and has nothing to do with pfSense, or whatever portal software .

@M.Meyer:

I think the pfsense captive Portal works not so fine ;-(
We need it for normal user.
any idea ?

I'm using the portal for a hotel. This means : 'simple' users - they use the portal just fine. They use all kind of devices.
@M.Meyer:

On 2.4.2 works evething without the bug ?

Up until now, just this small bug, others bugs have been removed.
This bug is normally not very important, because users, these days, are not dosconnecting anymore.
Most users use browsers that do not show pop up (popup blocking is pretty default these days), so they won't have the small windows to disconnect anyway.

@M.Meyer:

Redirect not work . Browser –- www.google.de not working,ip work fine 172.217.16.67 Redirect to Google.de
it is possible no to redirect https on the new versions.

After authentication, my users are redirected to https://www.google.fr - works just fine.
If it doesn't redirect for you, use the default build in login page.

M.Meyer

Thank you Gertjan for Help ..
We are waiting for a better version from Captive Portal .
The Firewall works pretty good but the CP problem is not fine.

Gertjan

@M.Meyer:

We are waiting for a better version from Captive Portal .
The Firewall works pretty good but the CP problem is not fine.

:o

See my stats. Sorry, can't go back more then one year - but the graphs are clear : people enter and use my pfSense Captive Portal all the time.
Note :
I'm not explain them how it works. I'm probably not there when the arrive at the hotel.
I'm not telling them where the password is …. (Printed on a page in the room directory, present on the bureau in the room).

Also :
Believe me, if there are troubles, I will help the client to connects his BYOD. I guess I'm close to a 99 % of "BYOD is fckd up, so client can't connect because client did not understand when he was *#@"#@ up his device that this might have consequences on other networks, but on the home network all is fine".

Today, in a hotel, when :
There is no warm water, the client doesn't care,
No TV, are nothing on the TV, the client doesn't care,
The food is close to disgusting,  the client doesn't care,
The heating doesn't work ? =>  the client doesn't care,
But if there is no free usable Internet access, the (never been a, but potential) client walks out of the door.

So, what do you think : I use pfSense because it doesn't work for everybody ??  ;)

The small bug can be circumvented if you edit "the file as mentioned in the patch". It isn't even needed, except if you really need to kick clients out of your network, which is normally handled by the soft- and hard time out.

edit : Just from the press : the patch is nearly done : feedback phase :  https://redmine.pfsense.org/issues/8441
... and merged https://github.com/pfsense/pfsense/pull/3937

M.Meyer

Thank you  :)
I have read you post an the Bug is Fix.  ::)
We are still testing everythin … any we need it for a little more peopla than 20 ;)
Do not get me wrong we love the pfsense.  :-*