Problem with Captive Portal too
jmaurin last edited by
I'm having problems with DNS (another thread), but also with Captive Portal in CARP.
As I said in another thread, I have one cluster with 2 nodes: 172.16.16.2 and 172.16.16.3 (LAN IP) and 172.16.16.1 as VIP. Both machines are running fine, on the same version (latest), in sync, etc…
When I enable Captive Portal, I get it working on both machines. When a client tries to navigate, pfSense redirects me to the 172.16.16.2 captive portal (using the IP in the address), or to 172.16.16.3 if the primary node is offline. I can authenticate and navigate fine. The problem is that I want to use my domain to authenticate in the captive portal (address) and my SSL certificate. Usually, I use the "HTTPS server name" field to set, for example, 'gw.mydomain.com'. This works fine, but in standalone mode.
If I set this in CARP, both servers try to redirect the client connection to 'gw.mydomain.com', and if I set this domain to my VIP, it doesn't work; my VIP doesn't reply for the captive portal.
Since captive portal data is synced between both nodes, I can't set up an individual address for each captive portal (e.g. node 1: gw1.mydomain.com (172.16.16.2) and node 2: gw2.mydomain.com (172.16.16.3)).
Is there any way to solve this little 'problem'?