CAPTIVE PORTAL and DNS Request for unregistered users
I got a problem today.
I have the DHCP server on the WIFI interface, leaving the DNS fields empty (as suggested in the DHCP Server form).
Load balancing and failover for 2 internet connections (wan and opt1=backup).
I have a Transparent Proxy running on Squid.
After activating the captive portal service for the WIFI interface (opt2), all traffic from WIFI to wan+backup was stopped and the captive portal login request was not shown.
I saw that users could not resolve domain names…
When using an IP address, it was running correctly:
- Password request
- Successful login
- Reaching any web site by its IP address
So .... !!!it was a DNS problem!!!
I solved it by adding this NAT rule in FIREWALL->NAT->PORT FORWARDING,
to forward any DNS request from WIFI (192.168.1.1/24) to the DNS Forwarder on the IP 192.168.0.254 (LAN IP address):
WIFI UDP 53 (DNS) 192.168.0.254(ext.: 192.168.1.1) 53 (DNS) DNS for WIFI USERS
and a new rule for the WIFI interface,
passing all the traffic from the WIFI subnet to the LAN IP address:
UDP WIFI net * 192.168.0.254 53 (DNS) * DNS REQUESTS
Do I really need this?
By the way .... I hope it helps anyone else having my problem.