Captive Portal redirection does not work without internet connection



  • Hello,

    im on pfsense version 2.2.4 with LAN,WAN interface and the captive poral enabled on LAN interface.

    I have a routerboard with LTE connected on the WAN side.

    Whenever the internet drops on the WAN, the captive portal redirection does not work anymore. With internet connection the redirection works without problems.

    Does anyone have the same problem? What could be tne problem?

    Thanks.


  • Netgate

    If the browser cannot resolve a name it does not make an HTTP connection and the portal has nothing to redirect to the portal page.

    When the internet is down, try http://10.1.1.1/



  • @Derelict:

    If the browser cannot resolve a name it does not make an HTTP connection and the portal has nothing to redirect to the portal page.

    When the internet is down, try http://10.1.1.1/

    Thanks.

    But shouldn't the captive portal redirect every http request to the captive portal landing page not matte if the internet connection is connected on the wan or not?


  • Netgate

    If the browser cannot resolve DNS, it makes no HTTP connection to be redirected.  Which is why I asked you to try an HTTP connection to an IP address (bypassing the DNS lookup phase) when the connection is down.

    CP doesn't care if the internet is up or not.  You are confusing browser behavior with CP behavior.



  • @Derelict:

    If the browser cannot resolve DNS, it makes no HTTP connection to be redirected.  Which is why I asked you to try an HTTP connection to an IP address (bypassing the DNS lookup phase) when the connection is down.

    CP doesn't care if the internet is up or not.  You are confusing browser behavior with CP behavior.

    Thanks for your reply.

    I've tried it with the ip. The redirection works. So the captive portal only works when the browser can resolve the DNS name to an IP? Is it possible to set the DNS resolver in pfSense to resolve every DNS request to an IP?

    EDIT: The redirection worked with the IP for some minutes after i unplugged the WAN cable. Now it does not work anymore.



  • @amiyou:

    So the captive portal only works when the browser can resolve the DNS name to an IP?

    Yes - the firewall has to resolve a target in order to initiate the redirect to the CP page.
    @amiyou:

    Is it possible to set the DNS resolver in pfSense to resolve every DNS request to an IP?

    Not while the WAN is disconnected. Unless you fancy trying to populate every IP address on the internet within your own DNS, which would probably take longer than it's worth.



  • So there is no way to create an offline captive portal?



  • You can create a captive portal but the redirect to the CP page won't work with the WAN down.


  • Banned

    @amiyou:

    So there is no way to create an offline captive portal?

    The only way to create "offline" CP (whatever that means) it to make your DNS server resolve everything to some bogus IP.

    https://doc.pfsense.org/index.php/Creating_a_DNS_Black_Hole_for_Captive_Portal_Clients#Create_the_configuration_file

    (If you want to run this on pfSense, do NOT follow the rest of the howto, use the Bind package and GUI instead.)



  • @doktornotor:

    @amiyou:

    So there is no way to create an offline captive portal?

    The only way to create "offline" CP (whatever that means) it to make your DNS server resolve everything to some bogus IP.

    https://doc.pfsense.org/index.php/Creating_a_DNS_Black_Hole_for_Captive_Portal_Clients#Create_the_configuration_file

    (If you want to run this on pfSense, do NOT follow the rest of the howto, use the Bind package and GUI instead.)

    Thanks. I will try the black hole. What will happen when the clients authenticate through the captive portal?

    My problem is that the internet is not stable with LTE, but the captive portal redirection to a landing page should still work, although the internet is not available.