Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Captive portal service stopping

    Scheduled Pinned Locked Moved Captive Portal
    6 Posts 4 Posters 1.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      samuistu
      last edited by

      Hello,

      I've been using Pf for quite some time now with minimal fuss.  Recently though, the captive portal service has been stopping at its own accord - generally at the most inconvenient times (early AM).
      The only thing that has changed on the network has been an increase in the number of AP's and users.

      Conf.

      x64 VM 2 CPU 3G Ram Ver. 2.1.4

      I saw somewhere it could be related to DHCP lease time so here's some more info

      • DHCP lease 3 Hours

      • CP hard time out 2 Hours

      • Radius Auth

      • No concurrent logins

      User numbers could get up to around 150

      Any Ideas?

      1 Reply Last reply Reply Quote 0
      • DerelictD
        Derelict LAYER 8 Netgate
        last edited by

        Anything in any of the logs when it stops working?

        I routinely have thousands of users on hundreds of APs, but I'm not using RADIUS.

        The DHCP lease time/CP timeout problem shouldn't affect everyone at once, and it looks like you're fine there anyway (lease is longer than timeout).

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • E
          ember1205
          last edited by

          @Derelict:

          Anything in any of the logs when it stops working?

          I routinely have thousands of users on hundreds of APs, but I'm not using RADIUS.

          The DHCP lease time/CP timeout problem shouldn't affect everyone at once, and it looks like you're fine there anyway (lease is longer than timeout).

          Actually, the lease is set to longer than the timeout, but leases are re-negotiated at 50% elapsed time. So, at 1.5 hours, a client will attempt to renegotiate their lease (and that's less than the 2 hour hard timeout for CP).

          You could try increasing the lease duration to see what happens.

          1 Reply Last reply Reply Quote 0
          • C
            cmb
            last edited by

            What do you mean by "service stopping"? Shows stopped under Status>Services? What happens when it stops working?

            @ember1205:

            Actually, the lease is set to longer than the timeout, but leases are re-negotiated at 50% elapsed time. So, at 1.5 hours, a client will attempt to renegotiate their lease (and that's less than the 2 hour hard timeout for CP).

            That's ok, the only scenario where you'll create a problem is if you let an IP be re-assigned to a different device in less time than your hard timeout. As long as your lease time is more than your hard timeout, that won't happen. The renewal at 1.5 hours makes the lease good for another 3 hours at that point, still beyond (and actually further beyond) the hard timeout.

            1 Reply Last reply Reply Quote 0
            • S
              samuistu
              last edited by

              @cmb:

              What do you mean by "service stopping"? Shows stopped under Status>Services? What happens when it stops working?

              Yes the service just shows stopped.  Nothing I can see in the log.  When it stops it just does not allow users to access the login page.
              It seems that previously authenticated users and pass-through can continue to work (not sure what happens with timeout as this is part of CP)

              1 Reply Last reply Reply Quote 0
              • C
                cmb
                last edited by

                The service status there is only for the web server process that serves the portal page. So the question is what's happening to the lighttpd instance that runs CP. There should be something about lighttpd in one of the logs (probably system) somewhere. It wouldn't be a captive portal related log.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.