Captive Portal doesnt resolve DNS



  • Hello, as i write in the tittle, thats the trouble im having.

    I've configured the captive portal, users and privileges, and it works, but only when i write ip's on the browser.
    I've also read some posts about the same and i tried all the solutions but it doesnt work in my case.

    any help is appreciated.


  • Rebel Alliance Developer Netgate

    Are the clients using the firewall for DNS? If so, that should work by default.

    If the clients use some other DNS server assigned to them by DHCP or manually (e.g. 8.8.8.8, 1.1.1.1, 9.9.9.9) then you must add those IP addresses to the allowed IP address tab so that traffic to them may bypass the portal. Otherwise clients can't use DNS. Having them use the firewall for DNS is the most reliable solution.



  • That issue - the one mentioned on the first line, and many more : https://www.netgate.com/docs/pfsense/captiveportal/captive-portal-troubleshooting.html



  • @jimp said in Captive Portal doesnt resolve DNS:

    Are the clients using the firewall for DNS? If so, that should work by default.

    If the clients use some other DNS server assigned to them by DHCP or manually (e.g. 8.8.8.8, 1.1.1.1, 9.9.9.9) then you must add those IP addresses to the allowed IP address tab so that traffic to them may bypass the portal. Otherwise clients can't use DNS. Having them use the firewall for DNS is the most reliable solution.

    Tried it but still not working..

    @gertjan said in Captive Portal doesnt resolve DNS:

    That issue - the one mentioned on the first line, and many more : https://www.netgate.com/docs/pfsense/captiveportal/captive-portal-troubleshooting.html

    I configured allowed ip`s, dns resolver and dns server on general / setup, but nothing.. i can upload some screenshots if needed



  • If, for example, 8.8.8.8 is the DNS server used by the clients, and 8.8.8.8 is added to the "Allowed IP addresses" tab, then you can resolve DNS requests from your client PC's (test that using nslookup for example).

    You can also 'see' that the IP's are pass-through : go to console or SSL access, enter option 8 - and enter :

    ipfw table all list
    

    You will see the IP's white listed in a table.

    But, normally, you shouldn't alter any DNS settings, and keep the DNS Resolver running on pfSense.
    This way the captive portal will work "within 3 clicks" (test this ! and only then move from this position by understanding each step before taking it ☺ )