[HOWTO] Captive portal + FreeRADIUS + local MySQL user friendly single step

deajan · Aug 31, 2016, 3:29 PM

I'm pretty sure that you have two instances of mysql running. Check with ps aux.

astatine · Oct 12, 2016, 8:57 AM

Hi deajan,

First thank you very much for this perfect HOWTO.

But I got a problem when i import the admin.sql script. Please have a look below:

 mysql radius < admin.sql
ERROR 1064 (42000) at line 31: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'PRIVIELGES' at line 1

Do you have any idea how to fix it? I am running a brand new pfsense 2.3 on a PC. Thank you in advance.

deajan · Oct 12, 2016, 10:08 AM

There was a typo in admin.sql, should read PRIVILEGES and not PRIVIELGES.
Corrected on github. You may redownload the latest archive at https://github.com/deajan/pfSense-cp-auth-onestep/archive/master.zip

astatine · Oct 12, 2016, 2:05 PM

@deajan:

There was a typo in admin.sql, should read PRIVILEGES and not PRIVIELGES.
Corrected on github. You may redownload the latest archive at https://github.com/deajan/pfSense-cp-auth-onestep/archive/master.zip

Merci!!! Problem solved!!

xAm56 · Oct 27, 2016, 1:42 PM

Hello deajan,

First thank you a lot for your work, the system works great !

I try to use your template only with the "room number" field to log in on the portal.

I successfully disable the others fields (familyName, surName, emailAddress and newsletter) but when i validate the form, I've a blank page.

However, I pass the portal and I can access to the web but the result is not very clean

Could you please explain me which modifications I have to make in ozy-captive.php and perhaps in captiveportal-config.php .

Thanks in advance !

deajan · Oct 29, 2016, 1:03 PM

Hello xAm56,

As far as I remember, the username is a combination of emailAdress and roomNumber and password is a combination of familyName and surName, in order to get some degree of randomness.
Basically, only using room number would mean that Radius records would not be unique.

I'll have a to push an update until monday which adds the language parameter in the url.
I'll try to check your usecase in the same time.

Regards,
Orsiris.

deajan · Oct 30, 2016, 9:19 AM

Have a look at the latest commits on github at https://github.com/deajan/pfSense-cp-auth-onestep/releases/tag/v0.44

saygon · Nov 1, 2016, 4:54 PM

Hi @deajan and thank you for your amazing work!

Unfortunately I'm not able to run mysql server.
I have made a clean install of pfSense 2.3, configured wan and lan, internet works. I'm also able to install all what do you mentioned on this guide.
Each time I try start mysql server it comes some error:


[2.3.2-RELEASE][admin@pfSense.localdomain]/root: service mysql-server.sh start
Starting mysql.
Bad -c option
/usr/local/etc/rc.d/mysql-server.sh: WARNING: failed to start mysql

I have already research on Google regarding to this error, but don't found nothing useful.
Please let me know if you need some additional info or log output.

deajan · Nov 1, 2016, 8:50 PM

@saygon I remember having dealt with that error while developping this project.
Don't remember the exact root cause… probably a bad mysql version installed.

Remove and reinstall the version corresponding to your setup.
If the problem still occurs, post the content of your mysql_server.sh file, and mysql -v output.

astatine · Nov 3, 2016, 7:33 AM

+–--+----------+-------+---------------+---------------------+
| id | username | pass | reply | authdate |
+----+----------+-------+---------------+---------------------+
| 1 | testu | testp | Access-Accept | 2015-09-29 15:13:24 |
+----+----------+-------+---------------+---------------------+

Hello deajan,

would you please tell me , how can I set MD5 encrypt here for user password?

deajan · Nov 3, 2016, 11:32 AM

@astatine Your question isn't in the scope of this howto. Please make your own question regarding FreeRADIUS + MySQL setup only.

joel.dq · Nov 4, 2016, 9:39 PM

Hello !

I'm new to pfSense and forum. I was tasked to set up this type of access for an organization and I'm having a small trouble that I probably think it's pretty stupid but can't make it work.

I followed the instructions to the letter and I got the captive portal working as is- No modification of the files except for mysql password etc.

On the LAN PC I get successfully forwarded to the Captive Portal but as soon as I press Connect nothing happens, the form is cleared (as if new connection) and remain there.

I tried to see if the PHP inserted something in the radius DB but I found nothing there and for the life of me I can't find in the logs, or where in the logs, I can tail if there are connectivity errors with mysql + php etc.

I do want t thank you though, the guide is very detailed and I was able to set everything up quick. I just now need to to make that work.

Thanks !

deajan · Nov 9, 2016, 10:33 AM

Hello joel.dq,

Can you activate debug mode in captiveportal-config.php ?

joel.dq · Nov 10, 2016, 11:22 PM

I think I did already. Where should I see that logging?

deajan · Nov 11, 2016, 9:07 AM

There's no logging, it's about getting the error messages onscreen.
What version of the captive portal code are you using ? What user input do you ask for to connect ?

joel.dq · Nov 12, 2016, 11:52 PM

@deajan:

There's no logging, it's about getting the error messages onscreen.
What version of the captive portal code are you using ? What user input do you ask for to connect ?

Hello

I'm using 2.3.2-RELEASE-p1 version.

The inputs I'm asking are

Room # (renamed to Age) . I put it because I can read in the code that the room# is used to create the radius account.
Name
Surname
Mail

Debug is enabled

/usr/local/captiveportal: cat captiveportal-config.php | grep DEBUG
DEFINE("DEBUG", true);
DEFINE("DEBUG", true);

What is happening is that I do get the Captive Portal. I fill the details and click Connect. Nothing happens, no error on the screen and simply clears the form as if first reaching the CP page.

http://i.imgur.com/a/TfTn4

and form gets cleared

http://imgur.com/a/Z8Udw

I normally try to debug myself, I have rudimentary php skills to understand what code does, but I'm lost when JS is involved.

deajan · Nov 16, 2016, 12:00 PM

Hello,

What version of captiveportal do you use ? Latest from git ?

Can you mail me your captiveportal-config.php file at ozy at netpower dot fr ?

Also, assuming you did a Spanish translation, can you give me that so I add it to git ?

joel.dq · Nov 16, 2016, 12:33 PM

@deajan:

Hello,

What version of captiveportal do you use ? Latest from git ?

Can you mail me your captiveportal-config.php file at ozy at netpower dot fr ?

Also, assuming you did a Spanish translation, can you give me that so I add it to git ?

Latest from GIT. Sending and many thanks for your assistance.

I'll send you the spanish translation a bit later. Modified it outside hotel for educative institute.

deajan · Nov 16, 2016, 2:51 PM

Your config file does not come from the latest git, there have been at least 7 commits since your version.
Please UPDATE ALL files before posting about this again.

joel.dq · Nov 18, 2016, 1:11 PM

@deajan:

Your config file does not come from the latest git, there have been at least 7 commits since your version.
Please UPDATE ALL files before posting about this again.

I found the issue.

When I put the terms of use as false, no matter what other options I try with true or false, it won't go on.

$askForTermsOfUse = false;

While the option to put it false is there, apparently it has to always be true to work.

Regards