Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    MultiWan + LAN CP Not working

    Captive Portal
    5
    7
    1.2k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      smoothworker
      last edited by

      Hi everyone,

      i have a big problem with our PFSense for a Hotel Wifi. I have the following configuration

      Pfsense newest release on a PCEngine AlixBoard APU with 3 NICs
      Dlink Switch
      9 Ubiquiti Unifi AP
      2 DSL Router from Provider.

      I have configured the Pfsense like above:

      DSL Router 1 - eth0 - WAN1
      DSL Router 2 - eth1 - WAN2
      DLINK Switch - eth2 - LAN

      I have set the WAN1 & WAN 2 as Loadbalanced and have set the DNS Forwarder, DHCP with Static IPs for the AP (DHCP Reserver). Internet is working and everything but the only thing that is not working is the Redirection to the CP.. i think i have checked everything that i could imaging but no luck… Every Client that is connecting to the Unifi AP and get IP from the PFSense DHCP is getting right to the Internet but not to the CP to log in.

      Please if anyone has an idea what else to check it whould be grade!

      Thanks in advanced for your time reading this.

      1 Reply Last reply Reply Quote 0
      • J
        jaspras
        last edited by

        Have you enabled CP to the interface ? Did you enable the login page of the CP ?

        1 Reply Last reply Reply Quote 0
        • S
          smoothworker
          last edited by

          Hi Jaspras,

          yes i have enabled the Captive Portal on LAN and the Login Page.. if i enter manual in the Browser 192.168.1.1:8000 i get on the Captive Portal page. Every Client is not redirecting to the login page and so bypassing the captive portal without loggin and i really dont know what else i should look on.

          1 Reply Last reply Reply Quote 0
          • GertjanG
            Gertjan
            last edited by

            @smoothworker:

            I have configured the Pfsense like above:

            DSL Router 1 - eth0 - WAN1
            DSL Router 2 - eth1 - WAN2
            DLINK Switch - eth2 - LAN
            …..

            I have proposition.
            For testing purposes, set up a "normal" situation:
            One WAN (this means, for the moment - don't use your second WAN connection).
            One LAN
            and one OPT1 interface.

            First: backup your setting - so you can get back to the actual situation afterwards).
            Then : Goto the main web menu => System => Setup Wizard.
            Init one LAN, one WAN and one OPT1 (your future Wifi Portal) network.
            Setup local LAN IP (example: accept 192.168.1.1)
            Setup local OPT1 IP (example : 192.168.2.1)
            Init your WAN connection.

            Test if all is ok.

            Now, activate the portal on OPT1.
            Test it.
            It should work as advertised. "Portal services" belong to the OPT1 interface - your LAN is for 'admin' purposes and trusted devices like NAS, Printers, and company PC's etc. (that's how it run it is run in 'our' hotel').

            If you want to use your second WAN, go for the 'simple' solution: use a 4 NIC device ;)

            When done with your tests, take your backup - and you're at the point where you started.

            Btw: I'm using pfSense in our hotel for years (5 or more) and never had any problems with it.
            Clients that do not login correctly on the portal page can't bypass the network. Period.

            edit: second, easy test: hookup a switch to you LAN.
            On this switch, hookup a PC by wire.
            Connect using the wire interface (by switch, Not Wifi).
            Are you still bypassing the portal interface ?

            No "help me" PM's please. Use the forum, the community will thank you.
            Edit : and where are the logs ??

            1 Reply Last reply Reply Quote 0
            • C
              cmb
              last edited by

              You're likely breaking the redirect with the policy routing. Add a rule to allow traffic to the LAN IP, leave gateway at default, put at top of list.

              1 Reply Last reply Reply Quote 0
              • DerelictD
                Derelict LAYER 8 Netgate
                last edited by

                Or trying to get a redirect from an https URL, which you cannot do unless you enable https logins.  And even if you do that you'll throw certificate errors.

                Most "portal page won't come up" I see are due to trying to go to https sites.

                Chattanooga, Tennessee, USA
                A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                Do Not Chat For Help! NO_WAN_EGRESS(TM)

                1 Reply Last reply Reply Quote 0
                • GertjanG
                  Gertjan
                  last edited by

                  @Derelict:

                  …..
                  Most "portal page won't come up" I see are due to trying to go to https sites.

                  :(
                  Stupid me: I forgot that one !

                  No "help me" PM's please. Use the forum, the community will thank you.
                  Edit : and where are the logs ??

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.