4. CAPTIVE PORTAL and DNS Request for unregistered users

CAPTIVE PORTAL and DNS Request for unregistered users

  • M

    I got a problem today.
    I have the DHCP server in WIFI interface letting DNS fields empty (as suggested in the DHCP Server Form)
    Load balancing anf failover for 2 internet connections (wan and opt1=backup)
    I have with Transparent Proxy running on Squid

    After activating the captive portal service for WIFI Iterface (opt2) all traffic to wan+backuk from WIFI was stopped and captive portal login request was not shown.

    I saw that users could not resolve domain names…
    if using ip address.. it was correctly running as

    1. Password request
    2. Successfull Login
    3. reaching any web site by his ip address

    So .... !!!it was a DNS problem!!!

    I solved by adding this NATTING rule in FIREALL->NAT->PORT FORWARDING:
    to forward any CNS request from WIFI (192.168.1.1/24) to DNS Forwarder on the ip 192.168.0.254 (lan ip address)
    WIFI UDP 53 (DNS) 192.168.0.254(ext.: 192.168.1.1) 53 (DNS) DNS for WIFI USERS

    and a new rule for WIFI Interface
    passing all the traffic from the wifi subnet to ip lan address
    UDP WIFI net * 192.168.0.254 53 (DNS) *   DNS REQUESTS

    Do I really need this?

    by the way .... I Hope it helps anyone else having my problem.

    Bye
    Massi

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy