Help Initially Setting Up Captive Portal

netgate54

Hi, I am new at pfSense and I am having a problem with initially setting up the captive portal.

When I enable the captive portal, I lose my internet connection throughout the entire network. It is not clear to me what the settings should be on:
• DHCP Relay
• DHCP Server
• DNS Forwarder
• DNS Resolver.

Gertjan

Hi,

DHCP relay : You can't use it if pfSense is a DHCP server, and by default, it is.
DHCP server : no changes needed.
DNS Forwarder : You can't use it. By default pfSense is using the resolver.
DNS Resolver : no changes needed (and I advise you not to add any - change any DNS related settings !!)

@netgate54 said in Help Initially Setting Up Captive Portal:

When I enable the captive portal, I lose my internet connection throughout the entire network

Close to correct.
You could still can connect to any device on the LAN. Simple http requests to every where else will redirect the browser requests to the Captive portal login page.
Recent IO's like Windows, MAC, iOS etc will even signal that your have to login using a browser as soon as you establish the connection (by wire or by radio == wifi).

netgate54

Than you for your help.

What I am saying is that when I activate captive portal there is no login screen that pops up AND I lose internet. I must have something set up wrong.

Effectively, I am not able to use captive portal.

free4

@netgate54 it is probably a DNS issue. are you using a custom DNS server in your DHCP settings ? (eg, 8.8.8.8 ?)

the captive portal require your devices to use pfSense as DHCP server and DNS server.

netgate54

Initial I had DHCP set to 192.168.1.1 (which is the IP of the Netgate). That did not work. Should I set it to auto?

Gertjan

@netgate54 said in Help Initially Setting Up Captive Portal:

Initial I had DHCP

So your device (PC, pad, phone) will get the correct IP, network, Gateway and DNS : the last two are the IP of pfSense, which is a must-be.

When I activate a captive portal on my LAN, I also loose any connection to the Internet. This is exactly what the Captive portal is all about : blocking all connections, and let the user passing through when he is identified.

Any simple http request (not https !!!!!) will do - the Captive portal login page will open.
For example, when I activate the Captive portal : I have no more wen browsing, my mail client won't connect any more, no more FTP and SSH acces no where. Nothing.
But : ..... a simple http://whatismyip.host (again : NOT https !!) will open up the Captive portal login page.

See https://docs.netgate.com/pfsense/en/latest/captiveportal/captive-portal-troubleshooting.html

See also the videos here : https://www.youtube.com/channel/UC3Cq2kjCWM8odzoIzftS04A/videos take the oldest one to start with).

You'll see : it's "finger in the nose" technology.

netgate54

Thanks so much for your help!