Captive Portal - Pass-through credits per MAC address broken?



  • I'm trying to implement this simple scenario like implemented in many hotspots to get free internet for a certain amount of time per day.

    I tried to implement it with:
    idle + hard timeout at 30
    Pass-through credits per MAC address 1 or any other number for that case

    Pass-through credits per MAC address is being completely ignored and I'm shown the login page. Is that a bug on the latest 2.4.4?



  • Hi,

    Initially, the MAC's tab (on the captive portal settings page) will be empty.
    When a device visits the portal a first time, he can log in ?
    Is his MAC added to that list ?

    The hard and soft time out throws him out after 30 minutes ?

    The same device can't loggin anymore for ""Waiting period to restore pass-through credits. (Hours)" hours ?

    You did set "Waiting period to restore pass-through credits. (Hours)" to 24 or something like that ?

    edit :
    The device obtains an IP from pfSense ? Check this with your device and the pfSense DHCP server logs.



  • It gets added after the login yes, but i want to have it without the login. The point is i want to give the user free internet without any login at all. and only after the hard time-out has hit I want the user having to use a username and password.

    This is my wishful scenario: User connects to AccessPoint > Captive Portal lets him through and use the internet for 30 minutes > after 30 minutes the user will be presented with the login-screen to use the internet again.



  • @sunnysonic said in Captive Portal - Pass-through credits per MAC address broken?:

    It gets added after the login yes, but i want to have it without the login. The point is i want to give the user free internet without any login at all. and only after the hard time-out has hit I want the user having to use a username and password.

    That's how it works :
    When connecting to the portal network, the device should pass through right away.
    Your device will be marked as "unauthenticated" the the portal users list.
    That device has x time access, and YY hours before it can access the internet again.

    I just tested this.
    It works.



  • Hi,

    I just updated my post above.
    I have to admit that I was talking pure nonsense, so I corrected my post.



  • Many thanks for the reply. It doesn't work here and i tested it with several devices. Maybe it's my version or the fact that i have been changing settings. So to be clear, so at least my understanding is correct. I feel there is some confusion.

    • I want any device to be able to get internet access without any sort of login
    • only after x amount of time i want the device to be blocked and shown a log-in

    Is that in some way possible?



  • @sunnysonic said in Captive Portal - Pass-through credits per MAC address broken?:

    I want any device to be able to get internet access without any sort of login

    This works. I was able to pass through without obstruction or a login page - the hard and or time out will throw me out.

    @sunnysonic said in Captive Portal - Pass-through credits per MAC address broken?:

    only after x amount of time i want the device to be blocked and shown a log-in

    I don't think so. Such a way of works isn't handled by the portal. You can access the internet XX hours later on.
    True is, I could make full tests, my portal is "live" and guest are connected all the time.



  • @gertjan
    Thanks for checking. So having authentication activated it is not possible that somebody can log onto the network while Pass-through credits per MAC are activated without any sort of log-in.

    Without authentication activated it does work having Pass-through credits per MAC enabled but then I would lose obviously the function of being able to log-in and could "block" that same device for a certain amount of time.

    Kind of a pitty. The only way i see this be made possible then is writing a php page that handles the log-in and creating users in the DB of freeradius when using it as authentication. Kind of overkill for a small network though.

    Many thanks again for your help though. I'm sure it will be helpful to others as well as this setting has the potential of being a bit misleading.



  • @sunnysonic said in Captive Portal - Pass-through credits per MAC address broken?:

    then is writing a php page

    I'm pretty sure the main index.php (the actual portal login page that does most of all the works) in /usr/local/captiveportal/ could be adapted so it handles your needs.
    All you need is some PHP knowledge.



  • exactly . thanks a lot