• After migrating from 1.2.3 to 2.0.1, I'm having some trouble with Captive Portal occasionally not honoring the idle timeout. I have idle timeout currently set to 59 minutes, but when I go to Status->Captive Portal and click "show last activity", I can see clients whose last activity is ca 20 hours old. It seems that sometimes CP goes into a state where it doesn't release the old sessions. Two times now I have had a situation where new clients can no longer get through the portal until I reset it by disabling and re-enabling it in Services->Captive Portal. After last time I did this, the problem seemed to go away for couple of days but now it's back again. The attached graph shows well how I had a problem on Tuesday, then reset it in the morning and again in the afternoon, then things were normal for Wednesday and Thursday, and now on Friday the problem seems to be back - number of concurrent users is climbing and never decreases.



  • Are you using Radius authentication ?

    If so, have a look at http://forum.pfsense.org/index.php/topic,53344.msg286022.html#msg286022


  • No, I'm not using RADIUS authentication. Authentication is set to "No Authentication"


  • Vatson did you find the cause of this? I'm having the same issue, after a while old idle sessions aren't being removed.

    I do make use of a radius server but as this is the first time I experienced it, its too soon to blame it on the radius.

    (Also on 2.0.1)


  • I had these symptoms when I had inadvertently set the DHCP lease time to be LESS than the idle-timeout - logged-in user number would just keep growing until I restarted the CP service.