Change captive portal detected WAN IP address for radius auth
-
Hello Guys,
Thanks to Belgacon, our national internet provider, I have a problem with captive portal.
My internet providers forces users to be inside a LAN subnet behind their own router.
The problem is that when I try to connect to my freeradius server (on another site), the NAS-IP-Address field sent by pfsense is its WAN address, who is not its real WAN address but the one within the provider's LAN, and so the authentication is rejected with a Reply-Message = "NAS not found!" >:(
I tried to change my captiveportal.inc with the following values but no way….
function getNasIP()
{
$nasIp = "194.78.xxx.xxx" ;}
Has someone experienced it yet? And how to solve it?
Is it not a way to explicitly tell the captive portal service to send a custom IP instead of the detected WAN address??
Thank you by advance for the help and please excuse my bad english...
Thierry
-
Hi everybody,
It works!
Finally i've modified /etc/inc.captiveportal.inc with the following values :
function getNasIP()
{
$nasIp = "194.78.xxx.xxx";
if(!$nasIp)
$nasIp = "0.0.0.0";
return $nasIp;
}and rebooted my device… (this is what I did not do first time)
After this, my radius messages were looking better
NAS-IP-Address = 194.78.xxx.xxx
NAS-Identifier = "456.yyyyy.be"
User-Name = "testuser"
Acct-Status-Type = Start
Acct-Authentic = RADIUS
Service-Type = Login-User
NAS-Port-Type = Ethernet
NAS-Port = 7
Acct-Session-Id = "221de044d5aee762"
Framed-IP-Address = 10.1.0.10
Called-Station-Id = "5c:d9:98:aa:bb:cc"
Calling-Station-Id = "00:21:5d:aa:bb:cc"Mister developers, is it not a way to add a field on captive portal configuration page to permit to manually change the WAN IP address? I think it should be grandly appreciated...
Thierry