Captive portal without zone name



  • Hello,

    In my current setup i don't have a zone name, when i click in the top menu bar on captive portal.
    then on the next page i have to select an empty zone, is there a way to alter this.

    I't looks like when i import these settings in my new test setup (pfsense 2.2.1) the captive portal isn't working.



  • Hi,

    Most probably, what you imported is messed up / broken.
    Wipe captive portal settings, redo the captive portal settings.



  • and how can i copy the voucher from my live setup to the test setup.
    when i now backup the vouchers and later restore them, there aren't any vouchers visible in the captive portal.

    how can i fix that.


  • Banned

    You don't copy broken setup. Restart from scratch.



  • Export a full backup, and open the resulting xml file.
    Search for

    You'll find something like this:

     <voucher><cpzone1><charset>2345678abcdefhijkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ</charset>
    		<rollbits>16</rollbits>
    		<ticketbits>10</ticketbits>
    		<checksumbits>5</checksumbits>
    		<magic>231839953</magic>
    		<exponent>31589</exponent>
    		<publickey>LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0NCk1DTXdCDHHRF29aSWh2Y05BUUVCQlFBREVnQXdEd0lKQUpxUmV5N1lxczNaQWdKN1pRPT0NCi0tLS0tRU5EIFBVQkxJQyBLRVktLS0tLQ0K</publickey>
    		<privatekey>LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQ0BBUQ0Q0FRQUNDUUNha1hzdTJLck4yUUlDZTJVQ0NFemU1SmVYS1B1bEFnVUF5NUZSMXdJRkFNSmhSODhDQlFESw0KRXBVVEFnUjZ2ZlYvQWdVQXE3ZkxmZz09DQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQ0K</privatekey>
    		<descrmsgnoaccess></descrmsgnoaccess>
    
    		 <enable></enable></cpzone1></voucher> 
    

    Note : right now, I have no 'roles' created yet.
    Note : these voucher settings concern the zone name "cpzone1", your zone name can and keys will be different.
    I guess it's needles to say that if you have a zone name like xxxxx on the old system, and yyyyy on the new system, these two will NOT share vouchers.

    Now, create a role - role number "0" - 15 minutes per voucher - 4 vouchers  - name it "4-test-vouchers".
    Export your settings again (or export only voucher settings). You will have:

     <voucher><cpzone1><charset>2345678abcdefhijkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ</charset>
    		<rollbits>16</rollbits>
    		<ticketbits>10</ticketbits>
    		<checksumbits>5</checksumbits>
    		<magic>231839953</magic>
    		<exponent>31589</exponent>
    		<publickey>LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0NCk1DTXdCDHHRF29aSWh2Y05BUUVCQlFBREVnQXdEd0lKQUpxUmV5N1lxczNaQWdKN1pRPT0NCi0tLS0tRU5EIFBVQkxJQyBLRVktLS0tLQ0K</publickey>
    		<privatekey>LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQ0BBUQ0Q0FRQUNDUUNha1hzdTJLck4yUUlDZTJVQ0NFemU1SmVYS1B1bEFnVUF5NUZSMXdJRkFNSmhSODhDQlFESw0KRXBVVEFnUjZ2ZlYvQWdVQXE3ZkxmZz09DQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQ0K</privatekey>
    		<descrmsgnoaccess></descrmsgnoaccess>
    
    		 <enable><roll>cpzone1
    			<number>0</number>
    			<minutes>15</minutes>
    
    			<count>4</count>
    			<used>AA==</used>
    			 <active></active></roll></enable></cpzone1></voucher> 
    

    As you can see, a "role" has been defined for zone "cpzone1".

    Alos, understand that the unused voucher codes ARE NOT STORED. These codes will be validates by pfSense if the keys that were used to generate them, are the same.
    The zone name has also be the same.

    As soon as a voucher has been parially used, a block like this;

    ....
    			 <active><v1><voucher>GZqF57YvXui</voucher>
    					<timestamp>1426752109</timestamp>
    					<minutes>15</minutes></v1></active> 
    ....
    

    will be present inside the <roll>block.

    I guess an in-place upgrade will keep created and used vouchers as long as initial parameters that were used to create the vouchers and roles are the same.

    Note that you can export and import Vouchers settings separately - just keep in mind that the zone name on the two system should be identical.

    Note : I never moved a voucher setup from a previous pfSense to a new (updated) one. I never used the possibility to upgrade in place, I always re-install from scratch, using the XML backup file as a guide how to set up my new system.  But I'm pretty sure created vouchers can still be used after an system change. In a worse case situation, created roles have to be abandoned.

    Btw : I'm using pfSense in a hotel, we never 'sell' Internet time (its like water, TV, etc a free resource from our point of view) so the voucher system is the 'hard way' for us to propose a simple Internet access, the "room number" + related password is much easier for us ,and the client, who do not have to run to the reception again because their FB chat lasted longer then the voucher-time.
    "Vouchers" means : more complicated, not only for the end-users, but also for YOU ;)</roll>



  • i altered the export file and add the correct zone info.
    but when restoring the original file or the altered file.

    in both ways the used voucher aren't beeing updated.
    all voucher are valid even the one's that are used and expired.

    so what can i do about this.

    do i realy need to start from scratch.



  • Well,

    I created two 'roles', easy with 2 vouchers. I used one voucher of one of the roles.
    I created a backup of my config (captive portal vouchers).

    I de-activated the voucher system. Used "viconfig" to remove ALL settings
    <voucher>…</voucher>
    and rebooted pfSense.

    .....
    I imported the "voucher" config.
    Activate voucher system.

    I couldn't use the "used" voucher (ok), but could use a new one (ok).

    I tested this on the same pfSense - so I don't know if my test is valid......



  • Stop your captive portal.
    Export the xml backup of your captive portal in DIAGNOSTICS>BACKUP & RESTORE. Select just captiveportal in the area: field.

    If your captive portal zone name is cpzone, add just this after <cpzone> in the downloaded xml

    <captiveportal>
    <cpzone>
    <zone>cpzone</zone>
    <descr>Your description</descr>

    Save it. Import it back to pfsense.
    Fixed.


  • Rebel Alliance Global Moderator

    Please do not reply to thread when so old.. OP found a solution, and anyone else looking such old threads are going to be based on OLD versions so might not even apply any more or work differently, etc... Thanks


Locked