Newbie Problem Captive Portal can't authenticate using radius server



  • I have configured the captive portal for my LAN connection.

    WAN - 192.168.0.101
    LAN - 192.168.1.1

    I try to use the radius server authentication, but it fails.
    When I access to internet, the captive portal appeared and asking me to input name and password.
    But when I put it, it display 'no RADIUS response received'
    Can someone help me with the configuration?



  • This is probably because you did not configure the RADIUS server correctly. The client is not known by the RADIUS server or there is a mismatch between the sharedsecret on CP and on RADIUS - or some rare characters or symbols. You can try with a simple sharedsecret like "password123".

    Further check your RADIUS log - it will tell you what is happening or try run RADIUS in debug mode to see all the output.



  • @Nachtfalke:

    This is probably because you did not configure the RADIUS server correctly. The client is not known by the RADIUS server or there is a mismatch between the sharedsecret on CP and on RADIUS - or some rare characters or symbols. You can try with a simple sharedsecret like "password123".

    Further check your RADIUS log - it will tell you what is happening or try run RADIUS in debug mode to see all the output.

    Thanks for your help.
    So, what IP should I set at the primary radius server?
    sorry, i'm new at pfsense. Need to learn lot of thing.



  • Hey again. I managed to set up the radius thanks to you sir  ;D

    But I detect that not all browser/devices can reach my captive portal page.

    For example : my laptop and phone can reach the CP, but my friends laptop can't reach CP. When he tries to browse internet, it will display no internet connection.

    Can you help me sir?  ??? ???



  • The DNS must be the pfsense interface IP where CP is running.

    Best way would be that your friend's computer gets its IP,GW and DNS from pfsense DHCP. Did your friend try another browser ?



  • @Nachtfalke:

    The DNS must be the pfsense interface IP where CP is running.

    Best way would be that your friend's computer gets its IP,GW and DNS from pfsense DHCP. Did your friend try another browser ?

    I set the DNS server at general setup to 192.168.1.1 which is my LAN pfsense address and I noticed that I have 3 DNS server. Is it correct?

    ![dns server.PNG](/public/imported_attachments/1/dns server.PNG)
    ![dns server.PNG_thumb](/public/imported_attachments/1/dns server.PNG_thumb)



  • @Azu:

    (…)
    I set the DNS server at general setup to 192.168.1.1 which is my LAN pfsense address
    (...)

    That's wrong. The DNS in "General Setup" is for pfsense.

    The clients on the LAN interface must have the pfsense LAN interface as DNS server.



  • @Nachtfalke:

    @Azu:

    (…)
    I set the DNS server at general setup to 192.168.1.1 which is my LAN pfsense address
    (...)

    That's wrong. The DNS in "General Setup" is for pfsense.

    The clients on the LAN interface must have the pfsense LAN interface as DNS server.

    I have deleted the DNS at general setup. Thanks.

    I still don't know why my friends laptop can't reach the captive portal page.

    Can you suggest some step for me?



  • Which OS is your friend using ?
    I read something about problems with MAC OS.



  • @Nachtfalke:

    Which OS is your friend using ?
    I read something about problems with MAC OS.

    They are using window 7. I don't know why but the ip are already assign by my dhcp server.


Log in to reply