Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Captive portal on multiple subnets

    Captive Portal
    3
    7
    5221
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • 3
      33blouse last edited by

      I download the pfsense 's book : Pfsense the definitive Guide but I don't get the figure 19.1 Captive Portal on multiple subnets . So I' d like someone to share this . Please !
      I recently read Pfsense multiple subnets in one  interface . Now I'd like to set captive portal On ALL THE SUBNETS .
      I also need to set the subnets to use external DHCP+DNS+LDAP

      1 Reply Last reply Reply Quote 0
      • jimp
        jimp Rebel Alliance Developer Netgate last edited by

        Are you a commercial support subscriber or a customer of applianceshop.eu?

        If not, how did you get the book? If you contact the source of the file, and they get the request back to us, we can get a fixed version of the PDF.

        If you downloaded a pirated copy of the book, then don't expect any help. :-)

        1 Reply Last reply Reply Quote 0
        • jimp
          jimp Rebel Alliance Developer Netgate last edited by

          If you actually purchased a real copy of the book, we might be more inclined to help. But if all you did was download a .rar of the book instead of paying for it, and you didn't buy the book or obtain it from an authorized distributor (like applianceshop.eu), then don't expect any help. The book is is not available for free from the Internet.

          As one of the authors of the book, I don't appreciate it being spread around like that. If you mention downloading it again, you will likely end up banned from the forum.

          1 Reply Last reply Reply Quote 0
          • 3
            33blouse last edited by

            Sorry Jim !

            1 Reply Last reply Reply Quote 0
            • L
              lsoltero last edited by

              Hello Jim,

              Is it possible for you to provide a copy of the updated handbook pdf to Jos Schellevis at the appliance shop?  He was able to provide me with the missing image but it seems he does not have an updated copy of the book…


              Hi Luis,

              It seems the xml book source does not include the picture, strange.

              However I have the full source including media, and the picture is part of that, so here it is:
              The picture is also attached to this email as png.

              Best regards,

              Jos Schellevis
              Deciso B.V.

              On another note... the following patch seems to do in software what your picture suggests should be done in hardware.
              If I create subnets using this approach

              http://www.google.com/url?sa=t&source=web&cd=2&sqi=2&ved=0CCoQFjAB&url=http%3A%2F%2Fdoc.pfsense.org%2Fmultiple-subnets-one-interface-pfsense.pdf&rct=j&q=pfsense%20multiple%20subnet%20config.xml&ei=_QoTTc6ML8GBlAe80ZHaDA&usg=AFQjCNHreYMjK4zXW8fp93eEk9noExW_ew&sig2=_MJHwEXbaiLJgEjVkdyAGw

              and then apply this patch to /etc/inc/filters.inc

              --- filter.inc 2010-12-23 08:46:47.000000000 +0000
              +++ filter.inc.new 2010-12-23 08:46:31.000000000 +0000
              @@ -1752,7 +1752,7 @@
              $src = $lanip;
              break;
              case 'lan':

              • $src = "{$lansa}/{$lansn}";
              • $src = "any";
                break;
                case 'pptp':
                $src = "{$pptpsa}/{$pptpsn}";

              I get subnets with Captive portal.  As far as I can tell these are very well behaved subnets. I can whitelist mac addresses and IP address on this subnet to bypass the CP as you would expect.

              Is there a reason we shouldn't implement this that you can see?

              I look forward to your response.

              --luis

              1 Reply Last reply Reply Quote 0
              • jimp
                jimp Rebel Alliance Developer Netgate last edited by

                That's all been reworked on 2.0, iirc it should work there out of the box now.

                I have a fix for the missing images in the book (And an e-mail from them asking for an updated copy) but I haven't had a chance to generate a new pdf with the fixes. I'll probably be getting that to them today.

                1 Reply Last reply Reply Quote 0
                • L
                  lsoltero last edited by

                  Hello Jim,

                  I look forward to the updated book. I will touch base with Jos in a few days to get the new version.

                  We are running a customized version of pfSense 1.2.3 so it will be a while before we can upgrade to 2.0.  So we will need to settle for the above for now.  The only draw back I see is that src LAN_NET gets replaced with any in all rules.  I still have not been able to unscramble exactly why this allows the captive portal LAN subnets to work. There is some interaction between pf and ipfw that I am not quite getting… However, the bottom line is that for whatever reason changing that one line in filters.inc causes subnets to work with captive portal.

                  Thanks for help and advise here and in other postings.

                  take care.

                  --luis

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post

                  Products

                  • Platform Overview
                  • TNSR
                  • pfSense
                  • Appliances

                  Services

                  • Training
                  • Professional Services

                  Support

                  • Subscription Plans
                  • Contact Support
                  • Product Lifecycle
                  • Documentation

                  News

                  • Media Coverage
                  • Press
                  • Events

                  Resources

                  • Blog
                  • FAQ
                  • Find a Partner
                  • Resource Library
                  • Security Information

                  Company

                  • About Us
                  • Careers
                  • Partners
                  • Contact Us
                  • Legal
                  Our Mission

                  We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                  Subscribe to our Newsletter

                  Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                  © 2021 Rubicon Communications, LLC | Privacy Policy