Captive login not proceeding (MacOS)



  • Hello

    I am not an administrator but a user and I am experiencing problems connecting through the captive portal with my MacBook Pro. Connecting with the iPad and the iPhone is working fine.

    The problem: as I connect to the wireless network the captive login pops up and I enter the voucher and proceed. Then the captive window stays open, is blank and I neither get a login confirmation nor a rejection message. When I then enter an URL either in Safari or Firefox the connection cannot be established. Interestingly I can resolve an IP address using nslookup but cannot ping it or traceroute it.

    System: MacBook Pro (Retina, 15-inch, Late 2013)
    OS: MacOS High Sierra 10.13.6

    On site I cannot contact an administrator and I just want to be sure that I didn’t miss anything.

    Regards,

    Alex



  • Hi,,

    As a user you can't do much, but ones connected to the wifi "portal network", Can you tell us what your IP is ? The gateway ? The DNS ?
    Also : how did your MacBook obtains this information ? It uses DHCP (it should) or did you set several "IP" settings yourself ?

    You mentioned a very important situation :

    The iPhone works.
    The iPad works.
    Your MacBook doesn't

    Knowing that they all use the same OS, there is only one difference : the network settings on your MacBook.
    Up to you what is different.

    I can assure you that when you unpack a brand new MacBook, and connect it to a captive portal, it works right away - as ay other device on the planet.

    Btw : please understand that on the administrator's side of pfSense, its settings could block your MacBook, for example, by MAC - or vouchers can't be used on "no more then X devices", etc.



  • Hi Gertjan,

    Thank you for your fast answer. DHCP is activated and is getting an IP (10.0.11.13), Subnet Mask (255.255.255.0) and Router (10.0.11.254) and a DNS Server (10.0.11.254). I have three vouchers - one for each device.
    Having asked Google I found a lot of people having trouble opening the captive window but this isn’t the problem here. The window opens, I enter the voucher, click send and nothing happens. I have no doubt that it would work if I used a MacBook out of the box as I could connect with mine two months before and I wonder why it isn’t working now as I cannot remember to have anything changed in my network settings - and the iOS devices work as they have before.

    Thanks again for your response,

    Alex


  • Rebel Alliance

    This post is deleted!

  • Rebel Alliance

    @riessal at this point you need clarification from your local admin...

    The blank page itself may come from no redirection URL has been set up in the captive portal settings, and your browser didn't provided any URL you would like to be redirected to After a successful authentication. It happens because captive portal don't know where to redirect you After getting connected so...it display you a blank page instead.

    But this blanck page should not be an issue. The true problem here is "why am i not getting connected when i enter a valid voucher?". I dont have reply for this through...



  • @free4 that’s what I thought after trying literally for hours, too.

    I remember when I entered the Voucher 2 months ago and it was accepted I used to click a „Done“-Button in the right lower corner of the window but now there is only a cancel button....



  • 2 months ?
    Is it still valid ?

    A voucher is a code that gives you an access during a fixed time.
    A soon as you connected the first time, the clock start. and it won't stop running.
    If you voucher states : "one month" it will be useless after one month. It doesn't matter f you used 5 minutes our 44640 minutes (== 1 month) of your connection time.

    When you enter a fake voucher code, like 123456789 do you see an error page that states that the voucher is invalid ?

    @riessal said in Captive login not proceeding (MacOS):

    I remember when I entered the Voucher 2 months ago and it was accepted I used to click a „Done“-Button ......

    Was this on the same MacBook ?



  • @Gertjan: yep, still valid. Please don’t ask me why they use a unlimited voucher. This doesn’t concern a large company or so and I don’t know who came up with this form of access control. On the other hand they don’t use WiFi encryption - so I use a VPN. And also interesting, one colleague had the same problem with his Mac book. They thought it was associated with Antivirus software - didn’t solve the problem when I disabled it. And when I enter a random number the system response states „invalid“. And yes, I used the same valid voucher 2 months ago.

    Anyway, I just ran into one of the IT crowd and he told me they are changing the system to WPA2-encrypted WiFi and RADIUS-authentification. So for the moment I will stop now solving a problem that might be gone in a few days.

    Thanks again so much for your time and have a nice day!

    Alex



  • @riessal said in Captive login not proceeding (MacOS):

    On the other hand they don’t use WiFi encryption - so I use a VPN

    No wifi encryption is normal and ok - rather typical for a public network.
    You would be needing a Wifi key to connect, so you would wind up using 2 codes, the key and the voucher.
    These days all traffic is SSL (https - smtps - imaps - pops - ssh). The one that can tap into the SSL connection to your back will have your VPN protection as breakfast ^^
    True, DNS goes over the air in clear.

    Public networks, present in plains, trains, libraries, town halls, hotels and MacDo etc etc are always non-WPA2 non-encrypted for a very good reason : this keeps away the people that do scary things with the Wifi connection.

    @riessal said in Captive login not proceeding (MacOS):

    unlimited voucher

    Ok, good to know - this rules out an obvious problem.

    Which means your connection is probably established, but your DNS is still blocked.
    This is the most common issue when a captive portal is set up, see here.

    @riessal said in Captive login not proceeding (MacOS):

    changing the system to WPA2-encrypted WiFi and RADIUS-authentification

    That's bad news for you ;) => More potential problems coming up real soon.
    " If they can't manage the Voucher setup, better stay away from a Radius solution ^^ "

    As said above : Nice, WPA2 - but you still need to fire up the VPN (otherwise admins of the upstream pfSense can see your DNS - what you do - the requests in clear).


  • Rebel Alliance

    @riessal i have a question : is it the first Time ever that you are using a voucher on your macbook?

    I mean, did you successfully connected/authencated to the wifi using your macbook (possiblly long time ago)?


Log in to reply