Captive Portal & Firewall
Hi, this is my first post on this forum.
I write because I just installed pfSense to use as a captive portal for a wi-fi.
This is the configuration:
- WAN 10.0.1.173 configured with static ip, with default gw 10.0.1.1
- LAN 10.30.30.1 configured with static ip. This network interface is connected directly to the access point wifi (10.30.30.254) and is also an active DHCP server (range: 200-250) for the release of addresses of wifi devices.
I enabled the CaptivePortal (on LAN) and everything seems to work, in the sense that if I put an address on the browser opens the page with the request (10.30.30.1:8000) authentication.
The problem is that once authenticated text remains "Redirecting to http://www.google.com."
Surely i must configure the firewall to allow PC to exit the Internet LAN. In fact if I try from a machine connected to the wifi network (the address issued by the dhcp server is 10.30.30.201) to tell me to ping 220.127.116.11 Request timed out. Instead, if i "Ping" 10.30.30.254 I reply packets.
Can you help me?!?!?!?!?! Where is that wrong?
Thanks in advance to all those who "marry" my cause!
Hi, from the authenticated client try to ping the default gateway. Also try from inside pfsense webgui to ping any known website and see the response you get.
Clients behind the Cpative Portal need the CP interface IP as gateway and as DNS server.
On firewall rules you must allow traffic to the internet on the interface on which CP is running.
It's not 100% correct but firewall rules will first take effect if an user is authenticated on CP.