[Solved] Captive Portal https Problem (works with Http)

omarmohammed · May 21, 2018, 11:21 PM

Hello, i have a problem regarding https. i get "The page isn't redirecting properly"

Here is my configuration : Common name of Certificate : CapAdmins

The name of the https server is CapAdmins

interface VLAN10 address is 10.1.10.1.

in the DNS, the entry is : CapAdmins with 10.1.10.1 and it is resolved by the client.
Domain : Simulation.com
the redirection works but its like it's stuck in a loop.

With Http i got no problem.

i use the latest version of pfsense : the one that was released three days ago (14 of may)

omarmohammed · May 18, 2018, 1:17 PM

anybody ? is the entry in the dns the problem ?

Gertjan · May 18, 2018, 2:13 PM

Hi,

A common name of one word ?
Normally, it should be "CapAdmins.Simulation.com".

At least, true (trusted) certificates should be "Simulation.com" and/or "CapAdmins.Simulation.com".

I'm using a certificate from the ACME package. Just plain rocks.

For the DNS, the Resolverw as activated by default, never touched it. I added a host override like
portal brit-hotel-fumel.net 192.168.2.1
where 192.168.2.1 is my captive portal NIC and portal..brit-hotel-fumel.net the common name of the cert (I own brit-hotel-fumel.net of course).

omarmohammed · May 18, 2018, 2:31 PM

here i changed to the followings :

Cert commun name : CapAdmins.Simulation.com

https Server name : CapAdmins.Simulation.com

DNS resolution CapAdmins : 10.1.10.1 (the captive portal interface) with the domain : Simulation.com

Still problem :/

Gertjan · May 18, 2018, 2:47 PM

When you connected your device to the captive portal interface, could you resolve :
CapAdmins.Simulation.com ?
It should return "10.1.10.1"

And your cert contains "CapAdmins.Simulation.com" ?

And what do you mean by "problems" ?
Any portal and captive webs server logs ?

You use the default captive portal login page, right ?

omarmohammed · May 18, 2018, 3:38 PM

yes the default web page.

and yes for the certificate (name and also commun name)

yes it resolves with 10.1.10.1 for the logs i'll get them right away for u

Edit : The logs are for authentication i dont even get there i get "bad gateway" in microsoft edge, and "The page isn't redirecting properly" with firefox

Edit 2 : I tried the host override thing like u nothing changed

Gertjan · May 18, 2018, 9:27 PM

No clues from me.
Witrhout further details, I'll go for a VLAN issue.

omarmohammed · May 19, 2018, 4:52 AM

Thanks a lot i guess it might be related to that…

can u like test it ? if you have some time

Gertjan · May 19, 2018, 10:36 AM

@omarmohammed:

…
can u like test it ? if you have some time

Well, I'm using the captive portal for the last 10 years or so.
I guess tests are over for me ;)

omarmohammed · May 19, 2018, 11:26 AM

you mean its working with vlans ? the https redirection works correctly if the interface is a vlan interface in ur case ?

Gertjan · May 19, 2018, 5:27 PM

Never used vlan's.
Portal has a dedicated NIC.

Derelict · May 19, 2018, 8:12 PM

Captive portal doesn't care if it is on a VLAN interface.

omarmohammed · May 21, 2018, 11:21 PM

solved : i have to not use cap letters