Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Captive Portal, Vouchers, Passthrough MAC w/Username

    2.1 Snapshot Feedback and Problems - RETIRED
    2
    4
    1723
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Derelict
      Derelict LAYER 8 Netgate last edited by

      Okay -

      I was all excited about multi-day vouchers using pass-through MAC with username but am seeing something really weird.

      I have three portals defined.

      The first one has no authentication.

      The second has no authentication.

      The third has vouchers enabled, Pass-through MAC addition, and Pass through MAC with username.

      I connect to that network, get the voucher page, enter the voucher, and it is accepted.  But I am immediately presented with the CP login page again.

      The MAC passthrough entry is added to the config for the correct portal instance, but the pass-through MAC entry in ipfw is added to the first instance instead of the third.

      If I don't use Pass-through MAC addition, the user is added to the correct instance.

      I restored my config to a test box and it worked fine so I'm pretty sure a restart will fix it.

      But there's something funny with adding multi instance CPs still.

      This is 2.1-RC0 July 22 15:44 amd64.  I don't think there have been any CP changes since.

      (It might be nice to log $cpzone in portalauth.log)

      Chattanooga, Tennessee, USA
      The pfSense Book is free of charge!
      DO NOT set a source port in a port forward or firewall rule unless you KNOW you need it!
      Do Not Chat For Help! NO_WAN_EGRESS(TM)

      1 Reply Last reply Reply Quote 0
      • Derelict
        Derelict LAYER 8 Netgate last edited by

        Rebooted this morning and the MAC passthrough entries are still being added to the first CP instance of ipfw instead of the 3rd, even though the config entry is added to the correct CP instance.

        Chattanooga, Tennessee, USA
        The pfSense Book is free of charge!
        DO NOT set a source port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • Derelict
          Derelict LAYER 8 Netgate last edited by

          Aug  1 15:35:52 gw php: /index.php: The command '/sbin/ipfw -x meetings-q /tmp/macentry_meetings.rules.tmp' returned exit code '0', the output was '00002 pipe 4138 ip from any to any MAC a8:20:66:2b:bb:47 any 00003 pipe 4139 ip from any to any MAC any a8:20:66:2b:bb:47'

          Looks like a space is necessary in the mwexec command generation.  captiveportal.inc line 1871

          Chattanooga, Tennessee, USA
          The pfSense Book is free of charge!
          DO NOT set a source port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)

          1 Reply Last reply Reply Quote 0
          • E
            eri-- last edited by

            Fixed thanks for reporting.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post