Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Captive Portal Time Out

    Scheduled Pinned Locked Moved Captive Portal
    12 Posts 2 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • marciourakawaM
      marciourakawa
      last edited by

      I am having problem with time of Portal Captive.

      I configure the time out to 120 minutes but always the system disconect users in maximum 60 minutes.

      The DHCP configured to 120 minutes and ir works exactly, only Captive Portal disconect.

      Can somebody help me ?

      Version of PfSense : 2.4.3-RELEASE

      0_1536164082380_PfSense.jpg

      1 Reply Last reply Reply Quote 0
      • DerelictD
        Derelict LAYER 8 Netgate
        last edited by

        What is being logged in the Captive Portal Auth and DHCP logs?

        If CP is disconnecting the user it will be logged.

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • marciourakawaM
          marciourakawa
          last edited by

          This always happens:

          Sep 5 07:45:05 logportalauth 327 Zone: access - USER LOGIN: urakawa, 30:07:4d:33:51:b6, 192.168.0.12
          Sep 5 08:45:15 logportalauth 27441 Zone: access - TIMEOUT: urakawa, 30:07:4d:33:51:b6, 192.168.0.12

          The DHCP is alright, works 120 minutes.

          1 Reply Last reply Reply Quote 0
          • DerelictD
            Derelict LAYER 8 Netgate
            last edited by

            How are you authenticating?

            Chattanooga, Tennessee, USA
            A comprehensive network diagram is worth 10,000 words and 15 conference calls.
            DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
            Do Not Chat For Help! NO_WAN_EGRESS(TM)

            1 Reply Last reply Reply Quote 0
            • marciourakawaM
              marciourakawa
              last edited by

              RADIUS Protocol.

              Users come from AD.

              1 Reply Last reply Reply Quote 0
              • DerelictD
                Derelict LAYER 8 Netgate
                last edited by

                Anything in the reply attributes dealing with session time?

                Chattanooga, Tennessee, USA
                A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                Do Not Chat For Help! NO_WAN_EGRESS(TM)

                1 Reply Last reply Reply Quote 1
                • marciourakawaM
                  marciourakawa
                  last edited by

                  I searched the AD but found nothing about it.

                  1 Reply Last reply Reply Quote 0
                  • DerelictD
                    Derelict LAYER 8 Netgate
                    last edited by

                    I'd probably packet capture a RADIUS reply to be sure.

                    Chattanooga, Tennessee, USA
                    A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                    DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                    Do Not Chat For Help! NO_WAN_EGRESS(TM)

                    1 Reply Last reply Reply Quote 0
                    • marciourakawaM
                      marciourakawa
                      last edited by marciourakawa

                      Maybe a i finded something about it in AD.

                      I will try e post here after.

                      1 Reply Last reply Reply Quote 0
                      • marciourakawaM
                        marciourakawa
                        last edited by marciourakawa

                        I finded a network policy in AD that set the 60-minute timeout.

                        0_1536167726141_AD.jpg

                        Now i changed to 120 minutes and i am testing.

                        1 Reply Last reply Reply Quote 0
                        • marciourakawaM
                          marciourakawa
                          last edited by

                          After I perform this setup in AD, actually the user has now spent more time connected in Captive Portal without disconnecting.

                          Thanks for the tip! I never thought the solution could be in AD 👍

                          1 Reply Last reply Reply Quote 0
                          • DerelictD
                            Derelict LAYER 8 Netgate
                            last edited by

                            Good deal. Glad you found it.

                            Chattanooga, Tennessee, USA
                            A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                            DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                            Do Not Chat For Help! NO_WAN_EGRESS(TM)

                            1 Reply Last reply Reply Quote 1
                            • First post
                              Last post
                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.