Captive portal setting
-
when i surf to an ip example 73.25.56.1 the portal works but if u use an url www.google.be does not work.
I think the problem is something like this:
1. Captive portal traps access to port 80;
2. Captive portal can't work on https (port 443) because it doesn't have the certificate of the requested host;
3. Google issues a redirect from http://www.google.com (and presumably all its variants) to https://www.google.com
4. Browser uses last successful access to www.google.com (https://www.google.com) and hence uses port 443 which captive portal doesn't trap but access hasn't been authenticated so access is blocked. -
thanks I will try it this evening.
No url works only when I surf with an ip i get the portal. -
Why did you enable CP on both LAN and WAN.
You probably only need it on LAN and WAN could make problems.Further enable the "DNS Forwarder" on pfsense if not already done.
Firewall rules on the LAN interface must allow traffic to port 8000 and port 80. Perhaps best try to create an "allow any to any" rule on LAN interface to make sure it's not a firewall problem.
-
well, I followed a tutorial on youtube and they enabled both lan and wan for the portal.
dns forwarding is enabled but doesn't the portal need to show befor an actual dns request ? -
well, I followed a tutorial on youtube and they enabled both lan and wan for the portal.
dns forwarding is enabled but doesn't the portal need to show befor an actual dns request ?Yes it should if the client uses the pfsense DNS Forwarder as DNS Server.
And you must only use http pages an not httpS pages. Make sure you did that.Perhaps restart CP and/or restart pfsense.
-
Thanks, did a reboot and it works.
But the login screen still tries to connect to https, I did disable the https login to resolve the port 8000 issue -
I just disabled the dhcp on the pfsense machine and let the client receive it's ip by the servers dhcp with the pfsense machine's ip as primary ip for the dns, (ip of the lan connection)
but now the captive portal isn't showing when surfing.
Must I change something else too ? -
do I also need to point the gateway to the pfsense machine ?
-
do I also need to point the gateway to the pfsense machine ?
Hmm, where else would you point the gateway to ?
Isn't your CP the gateway ? -
no, but i was wondering why.
i was only using it for the dns, so both dns and gateway ? -
so both dns and gateway ?
Yes.
The gateway is the computer to which your computer forwards packets when your computer doesn't have a "direct" route. If the gateway is not the computer operating the captive portal then your computer can access the internet without going through the captive portal so the captive portal has no chance of controlling the access to the internet.