Captive Portal doesn't work with NAT

lir

Is this a normal issue?
Is there a way around it?

Thanks

hoba

This is a pretty incomplete report. I don't have a clue what you are asking for. Please provide more details and a way how to reproduce.

PinoVero

i'm very newbie to pfsense and i don't know what is a Captive Portal, but i got the same issue:

i've just installed pfsense, setup some simple firewall rules and some nat port forward, so just to learn more about it i've just tryed to activate Captive Portal, then any LAN pc get unable to connect outside

so the first impression is that captive portal don't work with nat

but i think that captive need some more config, to work and let lan pc to work

buraglio

It works with NAT.  Not meaning to come off as rude, but if you don't know what the captive portal is then how do you know it's not working?  The default behavior is that the captive portal will redirect all http connections to a page on the pfsense box, specifically, an instance if lighthttpd running on port 8000.  From there you have to provide credentials to gain access.  Did you enable the portal?

nb

ripice

im having the same problem…

buraglio

What version of pfsense?  What is your config?  I'll see if I can replicate it here.

ripice

I have onde router in bridge conected to the WAN … a my network conected to the LAN ... the captive is enabled on Lan interface ... :|

buraglio

The captive portal doesn't work on bridged interfaces.  Are you using NAT or are you bridging?  I use the portal extensively in both NAT and public address space and have no issues.

ripice

Im not bridging …
Im using WAN - NAT - LAN ...

I´ve reseted the pfsense machine and when i enable the captive portatal ... the nat rules stop working ... ;/

buraglio

hmm, I set up a fresh config like this with 1.0.1 and it worked fine.  Do all NAT entries stop working or is it something more specific?  What version of pfsense?  Normal behavior of the captive portal is to block outgoing access until credentials can be verified.  All hosts, unless specified in the passthrough, will not be able to reach the WAN until said credentials are provided and verified.  Do you get redirected to the portal page at all?

After you enable the captive portal log in and type

pfctl -s nat|grep -v 127.0.0.1 

as well as

ipfw list 

and post the results.