Portail captive



  • depuis un certain temps que j'essaye de mettre en marche pfsense sous vmware  en machine virtuelle je vous donne ma configuration:

    Machine réels–--machine virtuelle1----machine virt2
    (serveur web)              (pfsense)          (client)

    machine réel(vmnet8) ip:192.168.1.2
    machine virt1(vmnet8) ip(wan):192.168.1.1
                virt1(vmnet2) ip(lan):192.168.77.250       
    machine virt2(vmnet2) ip:192.169.77.13

    le probléme c'est quand je lance l'ip du wan sur le navigateur je suis redirigé vers la page d'authentification alors que toute autre requette(ex:www.google.fr) n'est pas redirigé.

    voici le fichier xml de configuration ,je vous prie de m'aider

    • <pfsense><version>3.0</version>
        <lastchange><theme>pfsense</theme>

    • <system><optimization>normal</optimization>
        <hostname>pfsense</hostname>
        <domain>fsdmfes.ac.ma</domain>
        <username>admin</username>
        <password>$1$dSJImFph$GvZ7.1UbuWu.Yb8etC0re.</password>
        <timezone>Etc/UTC</timezone>
        <time-update-interval><timeservers>0.pfsense.pool.ntp.org</timeservers>

    • <webgui><protocol>https</protocol>
        <port>443</port>
        <certificate><private-key></private-key></certificate></webgui>
        <disablenatreflection>yes</disablenatreflection>

    • <ssh><authorizedkeys><port>22</port></authorizedkeys></ssh>
        <enablesshd>yes</enablesshd>
        <maximumstates><shapertype><dnsserver>192.168.1.2</dnsserver>
        <dnsallowoverride></dnsallowoverride></shapertype></maximumstates></time-update-interval></system>

    • <interfaces>- <lan><if>em0</if>
        <ipaddr>192.168.77.250</ipaddr>
        <subnet>24</subnet>
        <media><mediaopt><bandwidth>100</bandwidth>
        <bandwidthtype>Mb</bandwidthtype></mediaopt></media></lan>

    • <wan><if>em1</if>
        <mtu><blockpriv>on</blockpriv>
        <blockbogons>on</blockbogons>
        <media><mediaopt><bandwidth>100</bandwidth>
        <bandwidthtype>Mb</bandwidthtype>
        <disableftpproxy><ipaddr>192.168.1.1</ipaddr>
        <subnet>24</subnet>
        <gateway>192.168.1.2</gateway>
        <spoofmac><dhcphostname></dhcphostname></spoofmac></disableftpproxy></mediaopt></media></mtu></wan></interfaces>
        <staticroutes>- <pppoe><username><password></password></username></pppoe>

    • <pptp><username><password><local></local></password></username></pptp>

    • <bigpond><username><password><authserver><authdomain><minheartbeatinterval></minheartbeatinterval></authdomain></authserver></password></username></bigpond>

    • <dyndns><type>dyndns</type>
        <username><password></password></username></dyndns>

    • <dhcpd>- <lan>- <range><from>192.168.77.10</from>
        <to>192.168.77.20</to></range>
        <defaultleasetime><maxleasetime><netmask><failover_peerip><gateway>192.168.77.250</gateway>
        <enable><ddnsdomain><next-server><filename><dnsserver>192.168.77.250</dnsserver></filename></next-server></ddnsdomain></enable></failover_peerip></netmask></maxleasetime></defaultleasetime></lan></dhcpd>

    • <pptpd><mode><redir><localip></localip></redir></mode></pptpd>
        <ovpn>- <dnsmasq><enable></enable></dnsmasq>

    • <snmpd><syslocation><syscontact><rocommunity>public</rocommunity></syscontact></syslocation></snmpd>

    • <diag><ipv6nat></ipv6nat></diag>
        <bridge><syslog>- <nat>- <ipsecpassthru><enable></enable></ipsecpassthru></nat>

    • <filter>- <rule><type>pass</type>
        <descr>Default LAN -> any</descr>
        <interface>lan</interface>

    • <source>
        <network>lan</network>

    • <destination><any></any></destination></rule></filter>
        <shaper>- <ipsec><preferredoldsa></preferredoldsa></ipsec>
        <aliases><proxyarp>- <cron>- <minute>0</minute>
        <hour></hour>
        <mday>
      </mday>
        <month></month>
        <wday>
      </wday>
        <who>root</who>
        <command></command>/usr/bin/nice -n20 newsyslog

    • <minute>1,31</minute>
        <hour>0-5</hour>
        <mday></mday>
        <month>
      </month>
        <wday>*</wday>
        <who>root</who>
        <command></command>/usr/bin/nice -n20 adjkerntz -a

    • <minute>1</minute>
        <hour>3</hour>
        <mday>1</mday>
        <month></month>
        <wday>
      </wday>
        <who>root</who>
        <command></command>/usr/bin/nice -n20 /etc/rc.update_bogons.sh

    • <minute>/60</minute>
        <hour>
      </hour>
        <mday></mday>
        <month>
      </month>
        <wday>*</wday>
        <who>root</who>
        <command></command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 sshlockout

    • <minute>1</minute>
        <hour>1</hour>
        <mday></mday>
        <month>
      </month>
        <wday>*</wday>
        <who>root</who>
        <command></command>/usr/bin/nice -n20 /etc/rc.dyndns.update

    • <minute>/60</minute>
        <hour>
      </hour>
        <mday></mday>
        <month>
      </month>
        <wday>*</wday>
        <who>root</who>
        <command></command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 virusprot

    • <minute>/60</minute>
        <hour>
      </hour>
        <mday></mday>
        <month>
      </month>
        <wday>*</wday>
        <who>root</who>
        <command></command>/usr/bin/nice -n20 /usr/local/sbin/expiretable -t 3600 snort2c

    • <minute>/5</minute>
        <hour>
      </hour>
        <mday></mday>
        <month>
      </month>
        <wday>*</wday>
        <who>root</who>
        <command></command>/usr/local/bin/checkreload.sh

    • <minute>/5</minute>
        <hour>
      </hour>
        <mday></mday>
        <month>
      </month>
        <wday>*</wday>
        <who>root</who>
        <command></command>/etc/ping_hosts.sh

    • <minute>/140</minute>
        <hour>
      </hour>
        <mday></mday>
        <month>
      </month>
        <wday>*</wday>
        <who>root</who>
        <command></command>/usr/local/sbin/reset_slbd.sh</cron>
        <wol>- <installedpackages>- <package><name>siproxd</name>
        <website>http://siproxd.sourceforge.net/</website>
        <descr>Proxy for handling NAT of multiple SIP devices to a single public IP.</descr>
        <category>Services</category>
        <config_file>http://www.pfsense.com/packages/config/siproxd.xml</config_file>
        <depends_on_package_base_url>http://files.pfsense.org/packages/7/All/</depends_on_package_base_url>
        <depends_on_package>siproxd-0.7.0_1.tbz</depends_on_package>
        <pkginfolink>http://doc.pfsense.org/index.php/Siproxd_package</pkginfolink>
        <version>0.7.2</version>
        <status>Beta</status>
        <required_version>1.2.1</required_version>
        <configurationfile>siproxd.xml</configurationfile></package>

    <menu>
      <name>siproxd</name>
      <tooltiptext>Modify siproxd users and settings.</tooltiptext>
     Services
      <url>/pkg_edit.php?xml=siproxd.xml&id=0</url>
     </menu>

    • <service><name>siproxd</name>
        <rcfile>siproxd.sh</rcfile>
        <executable>siproxd</executable></service>
    • <olsrd>- <config><enable><enablelqe>2</enablelqe>
        <iface_array><enablehttpinfo><port>443</port>
        <allowedhttpinfohost><allowedhttpinfosubnet><enabledyngw><enableannounce><announcedynamicroute><ping><polling><enabledsecure></enabledsecure></polling></ping></announcedynamicroute></enableannounce></enabledyngw></allowedhttpinfosubnet></allowedhttpinfohost></enablehttpinfo></iface_array></enable></config></olsrd></installedpackages>
    • <revision><description><time>1243559394</time></description></revision>
    • <rrd><enable></enable></rrd>
    • <captiveportal>- <page><htmltext>PGZvcm0gbWV0aG9kPSJwb3N0IiBhY3Rpb249IiRQT1JUQUxfQUNUSU9OJCI+DQogICA8aW5wdXQgbmFtZT0iYXV0aF91c2VyIiB0eXBlPSJ0ZXh0Ij4NCiAgIDxpbnB1dCBuYW1lPSJhdXRoX3Bhc3MiIHR5cGU9InBhc3N3b3JkIj4NCiAgIDxpbnB1dCBuYW1lPSJyZWRpcnVybCIgdHlwZT0iaGlkZGVuIiB2YWx1ZT0iJFBPUlRBTF9SRURJUlVSTCQiPg0KICAgPGlucHV0IG5hbWU9ImFjY2VwdCIgdHlwZT0ic3VibWl0IiB2YWx1ZT0iQ29udGludWUiPg0KPC9mb3JtPg==</htmltext></page>
        <timeout>60</timeout>
        <interface>lan</interface>
        <maxproc><idletimeout><enable><auth_method>local</auth_method>
        <reauthenticateacct><httpsname>admin</httpsname>
        <bwdefaultdn><bwdefaultup><certificate>LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tDQpNSUlDL2pDQ0FtZWdBd0lCQWdJSkFLWUkyYUVnNXlYcE1BMEdDU3FHU0liM0RRRUJCUVVBTUY0eEN6QUpCZ05WDQpCQVlUQWsxU01RNHdEQVlEVlFRSUV3Vk5ZWEp2WXpFTU1Bb0dBMVVFQnhRRFJ1aHpNUkF3RGdZRFZRUUtFd2RtDQpjMlJ0Wm1Wek1RMHdDd1lEVlFRTEV3UnBibVp2TVJBd0RnWURWUVFERkFkbVlXTjFiSFRwTUI0WERUQTVNRFV5DQpOVEl4TWpVMU1sb1hEVEU1TURVeU16SXhNalUxTWxvd1hqRUxNQWtHQTFVRUJoTUNUVkl4RGpBTUJnTlZCQWdUDQpCVTFoY205ak1Rd3dDZ1lEVlFRSEZBTkc2SE14RURBT0JnTlZCQW9UQjJaelpHMW1aWE14RFRBTEJnTlZCQXNUDQpCR2x1Wm04eEVEQU9CZ05WQkFNVUIyWmhZM1ZzZE9rd2daOHdEUVlKS29aSWh2Y05BUUVCQlFBRGdZMEFNSUdKDQpBb0dCQUtxSWVaa3R0RitneTZoQnVCZ2J6bGZJRm1DVkhxTS9GTzRGaFNuMHV4YVJuKzJSVkQ4NlZYOFcvT0VLDQpKSzY5S3pUWTZDK3Z2dU5ac2lmNGxNQ3d0TzVyYm43a0ZYaUxZbzNKZXY1K0hUek44N2VVdy9wOFJhQXVKb1BkDQoxWTlPRElncHErajBPendQVEpiZ0taRzRLRUVVOVlzY0QyVDBnc0xhUkl2WDl1ckpBZ01CQUFHamdjTXdnY0F3DQpIUVlEVlIwT0JCWUVGTExkMlFZaGc0TEczdENuN3N4cFU1aDZNQnFWTUlHUUJnTlZIU01FZ1lnd2dZV0FGTExkDQoyUVloZzRMRzN0Q243c3hwVTVoNk1CcVZvV0trWURCZU1Rc3dDUVlEVlFRR0V3Sk5VakVPTUF3R0ExVUVDQk1GDQpUV0Z5YjJNeEREQUtCZ05WQkFjVUEwYm9jekVRTUE0R0ExVUVDaE1IWm5Oa2JXWmxjekVOTUFzR0ExVUVDeE1FDQphVzVtYnpFUU1BNEdBMVVFQXhRSFptRmpkV3gwNllJSkFLWUkyYUVnNXlYcE1Bd0dBMVVkRXdRRk1BTUJBZjh3DQpEUVlKS29aSWh2Y05BUUVGQlFBRGdZRUFnR0F0SXlPRmdObnVHQzVQS0Q4U1V2bnlFaUhZS3NZQ0RhOWY0VFEzDQo4WGtaU2ZQV0hDblFBSmdtaXBINnZ2UVh0YTl5Y2QwNGJnYUNDaGlxY2pDWC90TmU0T3pWWmZIQUFBMEVUcTVuDQpLKytuZDNmUVRGYkpacTY0bEdHeFhQWDMvNXduNFRodHpOcWxQSVh0ZmVseWhJS2FNaHFhcFc1cWNPNTJJelk2DQpodlk9DQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0t</certificate>
        <private-key>LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQ0KTUlJQ1hBSUJBQUtCZ1FDcWlIbVpMYlJmb011b1FiZ1lHODVYeUJaZ2xSNmpQeFR1QllVcDlMc1drWi90a1ZRLw0KT2xWL0Z2emhDaVN1dlNzMDJPZ3ZyNzdqV2JJbitKVEFzTFR1YTI1KzVCVjRpMktOeVhyK2ZoMDh6Zk8zbE1QNg0KZkVXZ0xpYUQzZFdQVGd5SUthdm85RHM4RDB5VzRDbVJ1Q2hCRlBXTEhBOWs5SUxDMmtTTDEvYnF5UUlEQVFBQg0KQW9HQUx1Ty9xNktwaWZISWpjY2tPMXpKNjlFVWRoSUtqcEIxek15dnhNMko4N2F1NXIrakRvK1htbzVUa2YwYw0KQVAvNnRWayszbjNRV3VyNjFZckFQQXRhZEJENjNUTXZBRDc3bHljdmtQWlNuZ3ovNzRiSGRvaFlaTHpBR0o4dw0KRmpIbjhQUFJRUjBGMyt3Uy8rT0hIVGtZUGxYRHB1RERLa0hhUy9oSGtjUGRuZ0VDUVFEY3Q3MEFMdzVKSy80Zg0KNk9GYWtWZkx3SlRvN0JhL2w4aWs5N04yc0h1TVBDRjkwZE53NjBoNnZIZnRRQmwraXFlbFlYV1JidkpkM3Zmaw0Ka3hMVnFFTTVBa0VBeGNzUjdicGlHcmkzK0I5RVVtQjVjV0VvSlJFbXZNQkxnRC9Yb1VSN2I0Nk9aVnRLNVpRUw0KZDBHV2xvY0phWEVyY3hMTDQ3TlQ0MWpCeGpHSFpOb1VFUUpBWUF6MWl1YnZhSmhrZHE1NW8xZ3N4TmFCOXZzRw0KeTBuYVh6QU1RVko3OFlNWmNBK24zRFFIenFIRjd0RStSdnRBQ1pCb0FXb3V2dnNSRmIrTEtyK1d3UUpBZWV0eg0Kc0xMN3QvYjJ4NFlXYWlTM2x4REpXeGZZWmU2dVcyNSs3eFEwZGc1TWJlTzVKZ3lBMld2ZmRBZm00RXoyK0dhMA0Kc1RXZjF2cWw3eEltb0I3ZzBRSkJBS0IvYlF0TW1rMkxyZVdRK2dFZytROHdiNnB0WGhJWjBBQzIveitIMDFJeA0KaEl5YW9MSzJzUVhrb3pOZkluNU9nRlhZRmNmVG0xYitPME82dGRNb3drQT0NCi0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tDQo=</private-key>
        <redirurl><radiusip><radiusip2><radiusport><radiusport2><radiusacctport><radiuskey><radiuskey2><radiusvendor>default</radiusvendor>
    • <user><name>Aminos</name>
        <fullname>Amine TALBI</fullname>
        <expirationdate><password>ea7cf1116d18ae80f61ba1cfdbaddd9b</password></expirationdate></user>
    • <user><name>abdelahad</name>
        <fullname>Abdelahad Chraibi</fullname>
        <expirationdate><password>4911e516e5aa21d327512e0c8b197616</password></expirationdate></user></radiuskey2></radiuskey></radiusacctport></radiusport2></radiusport></radiusip2></radiusip></redirurl></bwdefaultup></bwdefaultdn></reauthenticateacct></enable></idletimeout></maxproc></captiveportal></wol></proxyarp></aliases></shaper></syslog></bridge></ovpn></staticroutes></lastchange></pfsense>


  • si je ne peut avoir une réponse au forum de pfsense ou puis je en avoir. svp c urgent



  • Vous aurait il échappé que c'est le week end de Pentecôte ?
    On se décontracte et on boit frais. Il a fait chaud.



  • en voila le week-end achevé ou sont vos réponse.



  • Au lieu de travailler 'virtuellement', as-tu essayé de travailler avec un vrai "PC-pFsense", un vrai client (un portable qui traine…), etc. ?
    Car monter ton config / essayer de le copier n'est pas une chose qui ce fait rapidement.


Log in to reply