Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Hard time out/DHCP lease different IP address

    Scheduled Pinned Locked Moved Captive Portal
    3 Posts 2 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • I
      insurin
      last edited by

      Pfsesne 2.1.3
      Captive Portal
      Authentication via Active Directory with Radius
      Squid

      Question

      I have an idle timeout set to 6 hours. My DHCP lease is also set to 6 hours. Lets say I get a user that authenticates onto the CP and then turns off their wireless connection after 20 minutes. An hour or so later they turn their wifi back on, if they were to receive a different IP address from the original one they had, should this user just be able to carry on browsing the Internet or would they need to re authenticate as they are now on a new IP address?

      cheers

      1 Reply Last reply Reply Quote 0
      • GertjanG
        Gertjan
        last edited by

        Hi.

        Consider that the portal session ID is still valid a soft time out might change this, if its set.

        Anyway, valid, or not, the DHCP protocol just flows through the portal interface -it isn't blocked. Otherwise the PC could do anything because NO IP == no connection possible.

        The DHCP protocol is capable to handle the situation yuo asked for.
        The lease (IP) is still valid on the server.
        Look at the DHCP logs and in the DHCP server 'database'.
        What you will see is that the client asks for the IP it had before (on this network) - again, this is visible in the DHCP server (pfSense) log.
        The DHCP server could give another one, but normally is gives the save one.

        If the IP is different, AND you autherised concurrent login in the portal settings, then the portal session will be updated with the new IP.
        If not, yes, the client should re-authenticate.

        The DHCP server and portal logic recognizes the clients PC because it sees the MAC address.

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        1 Reply Last reply Reply Quote 0
        • I
          insurin
          last edited by

          Hi Gertjan

          I am looking at the logs and I can now see what's happening as you have pointed out already

          logportalauth[83783]: CONCURRENT LOGIN - REUSING IP 172.110.14.67 WITH DIFFERENT MAC ADDRESS 18:20:32:27:17:b3: username timestamp

          cheers

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.