5. Captive portal problem

Captive portal problem

  • L

    Dear all,

    I just implemented captive portal recently and i found out, there are some issues happening. My PfSense box is 2.0-BETA4  (i386) built on Fri Aug 20 15:04:15 EDT 2010.
    The Mac OS, IPod and some Windows clients which are in the allowed list, sometime they are getting the captive portal authentication page.
    I could resolve the problem by deleted the them from the list and re-create them but later it happen again.. but it is strange to see this happen since they are in the allowed list.

    Regard,  ???
    Leap

    0
  • E

    Please be more verbose on your configuration.
    Show facts when the issue happens and some logs with it.

    0
  • L

    The captive portal configuration  is very simple

    • Captive portal page

    Enable and Interface: Lan

    • Pass-though MAC

    I added all well known clients and some of them (MS windows client, MAC OS and IPod) are blocked by captive portal authentication page.

    –---------------------------------

    There is only one log which appear in the system log

    php: /services_captiveportal_mac.php: The command '/sbin/ipfw delete 77; /sbin/ipfw delete 78' returned exit code '69', the output was 'ipfw: rule 78: setsockopt(IP_FW_DEL): Invalid argument'

    and Portal Auth page

    Sep 16 12:31:18 logportalauth[42107]: ACCEPT: unauthenticated, 08:00:27:3e:a1:a4, 192.168.1.116
    Sep 16 11:10:46 logportalauth[45822]: ACCEPT: unauthenticated, 00:18:41:e1:1a:3c, 192.168.1.156
    Sep 16 10:50:05 logportalauth[45822]: ACCEPT: unauthenticated, 00:24:9f:3f:fd:0b, 192.168.1.127
    Sep 16 10:28:45 logportalauth[50046]: ACCEPT: unauthenticated, 00:23:14:ae:30:08, 192.168.1.161
    Sep 16 10:16:14 logportalauth[45822]: ACCEPT: unauthenticated, 00:23:14:ae:39:90, 192.168.1.158
    Sep 16 09:56:21 logportalauth[54770]: ACCEPT: unauthenticated, 5c:59:48:a1:8c:09, 192.168.1.121
    Sep 16 09:53:44 logportalauth[54770]: CONCURRENT LOGIN - REUSING OLD SESSION: unauthenticated, 00:26:37:14:49:4a, 192.168.1.181
    Sep 16 09:53:44 logportalauth[54770]: ACCEPT: unauthenticated, 00:26:37:14:49:4a, 192.168.1.181
    Sep 16 09:52:05 logportalauth[54770]: ACCEPT: unauthenticated, 00:26:37:14:49:4a, 192.168.1.181
    Sep 16 09:45:43 logportalauth[50046]: ACCEPT: unauthenticated, 00:21:e8:b9:af:74, 192.168.1.185
    Sep 16 09:43:44 logportalauth[45822]: ACCEPT: unauthenticated, 00:21:6a:85:f5:58, 192.168.1.128
    Sep 16 09:37:45 logportalauth[50046]: ACCEPT: unauthenticated, 38:e7:d8:02:1d:f3, 192.168.1.146
    Sep 16 09:34:38 logportalauth[54770]: ACCEPT: unauthenticated, c4:17:fe:fb:c0:24, 192.168.1.208
    Sep 16 09:30:44 logportalauth[22939]: ACCEPT: unauthenticated, 00:26:9e:3b:36:86, 192.168.1.235
    Sep 16 09:19:45 logportalauth[54770]: ACCEPT: unauthenticated, 40:2b:a1:e0:74:a9, 192.168.1.186
    Sep 16 09:16:46 logportalauth[50046]: ACCEPT: unauthenticated, 00:23:8b:75:90:3d, 192.168.1.120
    Sep 16 09:15:01 logportalauth[45822]: ACCEPT: unauthenticated, 00:22:15:44:73:14, 192.168.1.134
    Sep 16 09:06:33 logportalauth[58101]: ACCEPT: unauthenticated, 00:1b:fc:df:8f:2a, 192.168.1.240

    But these are unknown MAC address which are not the allowed list

    The very strange one, my Debian server was able to access to internet since the morning but later during lunch time, it was not able. there is no log about that server in PFSense.
    I just re-create and it solved.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy