Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Newbie Problem Captive Portal can't authenticate using radius server

    Scheduled Pinned Locked Moved Captive Portal
    10 Posts 2 Posters 2.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      Azu
      last edited by

      I have configured the captive portal for my LAN connection.

      WAN - 192.168.0.101
      LAN - 192.168.1.1

      I try to use the radius server authentication, but it fails.
      When I access to internet, the captive portal appeared and asking me to input name and password.
      But when I put it, it display 'no RADIUS response received'
      Can someone help me with the configuration?

      1 Reply Last reply Reply Quote 0
      • N
        Nachtfalke
        last edited by

        This is probably because you did not configure the RADIUS server correctly. The client is not known by the RADIUS server or there is a mismatch between the sharedsecret on CP and on RADIUS - or some rare characters or symbols. You can try with a simple sharedsecret like "password123".

        Further check your RADIUS log - it will tell you what is happening or try run RADIUS in debug mode to see all the output.

        1 Reply Last reply Reply Quote 0
        • A
          Azu
          last edited by

          @Nachtfalke:

          This is probably because you did not configure the RADIUS server correctly. The client is not known by the RADIUS server or there is a mismatch between the sharedsecret on CP and on RADIUS - or some rare characters or symbols. You can try with a simple sharedsecret like "password123".

          Further check your RADIUS log - it will tell you what is happening or try run RADIUS in debug mode to see all the output.

          Thanks for your help.
          So, what IP should I set at the primary radius server?
          sorry, i'm new at pfsense. Need to learn lot of thing.

          1 Reply Last reply Reply Quote 0
          • A
            Azu
            last edited by

            Hey again. I managed to set up the radius thanks to you sir  ;D

            But I detect that not all browser/devices can reach my captive portal page.

            For example : my laptop and phone can reach the CP, but my friends laptop can't reach CP. When he tries to browse internet, it will display no internet connection.

            Can you help me sir?  ??? ???

            1 Reply Last reply Reply Quote 0
            • N
              Nachtfalke
              last edited by

              The DNS must be the pfsense interface IP where CP is running.

              Best way would be that your friend's computer gets its IP,GW and DNS from pfsense DHCP. Did your friend try another browser ?

              1 Reply Last reply Reply Quote 0
              • A
                Azu
                last edited by

                @Nachtfalke:

                The DNS must be the pfsense interface IP where CP is running.

                Best way would be that your friend's computer gets its IP,GW and DNS from pfsense DHCP. Did your friend try another browser ?

                I set the DNS server at general setup to 192.168.1.1 which is my LAN pfsense address and I noticed that I have 3 DNS server. Is it correct?

                ![dns server.PNG](/public/imported_attachments/1/dns server.PNG)
                ![dns server.PNG_thumb](/public/imported_attachments/1/dns server.PNG_thumb)

                1 Reply Last reply Reply Quote 0
                • N
                  Nachtfalke
                  last edited by

                  @Azu:

                  (…)
                  I set the DNS server at general setup to 192.168.1.1 which is my LAN pfsense address
                  (...)

                  That's wrong. The DNS in "General Setup" is for pfsense.

                  The clients on the LAN interface must have the pfsense LAN interface as DNS server.

                  1 Reply Last reply Reply Quote 0
                  • A
                    Azu
                    last edited by

                    @Nachtfalke:

                    @Azu:

                    (…)
                    I set the DNS server at general setup to 192.168.1.1 which is my LAN pfsense address
                    (...)

                    That's wrong. The DNS in "General Setup" is for pfsense.

                    The clients on the LAN interface must have the pfsense LAN interface as DNS server.

                    I have deleted the DNS at general setup. Thanks.

                    I still don't know why my friends laptop can't reach the captive portal page.

                    Can you suggest some step for me?

                    1 Reply Last reply Reply Quote 0
                    • N
                      Nachtfalke
                      last edited by

                      Which OS is your friend using ?
                      I read something about problems with MAC OS.

                      1 Reply Last reply Reply Quote 0
                      • A
                        Azu
                        last edited by

                        @Nachtfalke:

                        Which OS is your friend using ?
                        I read something about problems with MAC OS.

                        They are using window 7. I don't know why but the ip are already assign by my dhcp server.

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.