Captive Portal doesnt work …



  • Hello everybody. Could you please give me a hand in order to make it work because i tried so many different configurations that i dont know what else to do. Basically i want to set up a captive portal. So the network topology is

    ADSL Router -> PFSense NIC1 (WAN) |
                          PFSense NIC2 (LAN) -> console computer for managing the web interface
                          PFSense NIC3 (OPT1) -> connect with a TP-Link WA901ND Access Point

    So since the captive portal doesnt work with bridges i made another OPT2 which is basically a bridge of OPT1 + LAN. I added a couple of rules to the firewall and everything works (i think…)

    So now, every computer that connects through the WIFI AP is able to access the internet but also can access the 192.168.2.1 which is the PFSense web interface.

    My questions are those two:

    1. What rules i must add to the firewall in order the clients not to be able to see the 192.168.2.1 since that it is a security compromise?
    2. When i activate Captive Portal on OPT2 there is no authentication page whatsoever... What am i missing?

    Thank you in advance guys



  • Why have you bridged LAN and OPT1? (Perhaps its an unnecessary complication.)

    What firewall rules did you add and on what interfaces?

    @gmilas:

    1. What rules i must add to the firewall in order the clients not to be able to see the 192.168.2.1 since that it is a security compromise?

    Essentially a rule to block (all?, tcp? tcp ports 80 and 443?) access to destination IP address 192.168.2.1 then reset firewall states.

    @gmilas:

    2. When i activate Captive Portal on OPT2 there is no authentication page whatsoever… What am i missing?

    If I recall correctly, when I first started using Captive Portal it was necessary to provide your own authentication page. (I presume you mean the page asking for authentication information, username and password or voucher code, as appropriate). I think a default might now be provided, at least in 2.1 builds. ut it is pretty simple to roll your own if you start from the example in the Portal page contents section of the Services -> Captive Portal page.



  • Wallabybob thanks in advance for your time. About the first question, i did the bridge in order all the pc from LAN and WIFI to communicate to each other. About the firewall rules i will do what you are suggesting.

    About the CP, i meant that despite the fact that i enabled the captive portal the pc that are connected through WIFI are not getting the "Splash page" of CP which is the logical. Thats what i am asking about…why the CP is now working with the setup :(



  • @gmilas:

    Thats what i am asking about…why the CP is now working with the setup :(

    Did you mean not working rather than now working?

    There is a known problem if the browser starts to go to an https page rather than a http page? What URL is the browser attempting to open? What does the browser report?



  • Yes type mismatch apparently. CP doesnt work with this configuration …:(



  • @gmilas:

    …Thats what i am asking about...why the CP is now working with the setup :(

    @gmilas:

    … CP doesnt work with this configuration ...:(

    :-\ It does ? It doesn't ?

    My setup:
    @gmilas:

    ADSL PPPOE modem -> PFSense NIC1 (WAN)
                          PFSense NIC2 (LAN) -> console computer for managing the web interface - 192.168.1.1
                          PFSense NIC3 (OPT1) -> connect with several a Linksys AP's - 192.168.2.2, 192.168.2.3, etc OPT1=192.168.2.1

    Portal mode activated on OPT1 - works since ….. many years.



  • Actually the only thing that i had to change in order everything to work was to change my (&^%$&^%$#) ethernet cross cable. Now everything work. Thank you everybody for your answers.


Log in to reply