1  pfSense English Support / Captive Portal / Re: Captive Portal Https Help on: November 01, 2006, 01:59:00 pm
Hau!

just did it here

you must have openssl installed
in my linux box I did:

root@linux#> openssl req -new -nodes > cert.csr

Answer the questions and when Common Name (CN) is required type the pfsense machine name and make sure captive portal clients can resolve this name in DNS. So probably you'll need to update your DNS server config.

Common Name (eg, YOUR name) []: pfsense.yournet.net

after that 2 files will be created --> cert.csr and privkey.pem

then you do:

openssl x509 -in cert.csr -out cert.pem -req -signkey privkey.pem -days 999

and a third file will be created --> cert.pem

In the captive portal properties page you enable HTTPS Login and fill "HTTPS server name" with the same name you typed in CN above.

Again in linux box you type:

root@linux#> cat cert.pem

copy and paste all the output in "HTTPS Certificate" --> including ---- BEGIN CERTIFICATE and ---- END CERTIFICATE

Again in linux box you type:

root@linux#> cat privkey.pem

copy and paste all the output in "HTTPS Private Key" --> including ---- BEGIN RSA PRIVATE KEY and ---- END RSA PRIVATE KEY

last step is to change the captive portal page content and change address to https:// and port to 8001

FORM action=https://pfsense.yournet.net:8001

SAVE and test

Now, before the captive portal authentication page loads, a warning about the HTTPS connection will be shown, and you can see the padlock at the bottom of the browser.

that's it
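
The same steps without the interactive prompts, followed by checks that the certificate and key belong together and that the CN matches the "HTTPS server name". This is an added example, not part of the original post; the function names, the output directory and the explicit `-newkey`/`-keyout`/`-subj` options are choices made here.

```shell
#!/bin/sh
# Added example (not from the original post). Assumes openssl is on PATH.
# make_portal_cert / check_portal_cert are hypothetical helper names.

make_portal_cert() {    # $1 = HTTPS server name (used as CN), $2 = output dir
    name=$1 dir=$2
    (
        umask 077       # -nodes leaves the key unencrypted: keep it owner-only
        mkdir -p "$dir" && cd "$dir" || exit 1
        # CSR + key in one step; -subj replaces the interactive questions
        openssl req -new -nodes -newkey rsa:2048 -subj "/CN=$name" \
            -keyout privkey.pem -out cert.csr 2>/dev/null &&
        # self-sign the CSR with the same key, as in the post
        openssl x509 -req -in cert.csr -signkey privkey.pem \
            -out cert.pem -days 999 2>/dev/null
    )
}

check_portal_cert() {   # $1 = HTTPS server name, $2 = dir; returns 0 when all checks pass
    name=$1 dir=$2
    # 1. the certificate must carry the public half of privkey.pem
    cert_pub=$(openssl x509 -in "$dir/cert.pem" -noout -pubkey) || return 1
    key_pub=$(openssl pkey -in "$dir/privkey.pem" -pubout) || return 1
    [ "$cert_pub" = "$key_pub" ] || { echo "cert/key mismatch" >&2; return 1; }
    # 2. the name clients are sent to must match the certificate
    openssl x509 -in "$dir/cert.pem" -noout -checkhost "$name" |
        grep -q 'does match' || { echo "name mismatch: $name" >&2; return 2; }
    # 3. the certificate must not already be expired
    openssl x509 -in "$dir/cert.pem" -noout -checkend 0 >/dev/null ||
        { echo "certificate expired" >&2; return 3; }
}

# Usage:
#   make_portal_cert pfsense.yournet.net ./cp-cert
#   check_portal_cert pfsense.yournet.net ./cp-cert && echo "ready to paste"
```

Running the check with the name used in `FORM action=https://...` catches the case where the form points at a host name the certificate was not issued for.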
2  pfSense English Support / Captive Portal / Re: Captive Portal logging user twice on: October 26, 2006, 04:27:33 pm

thnx for replying jeroen234!!!
 Smiley

so... is it a normal action?

3  pfSense English Support / Captive Portal / Captive Portal logging user twice on: October 26, 2006, 01:50:01 pm
Hi folks!

I'm using PF Release-1 as CP and a freeradius + mysql box to store user names, passwords and accounting logs.
Freeradius dialup-admin interface shows that the user has 2 open sessions, which is weird 'cause the username appears only 1 time in "Online Users" both in Dialup-Admin and PFsense CP Status

Checking the detail file in the freeradius box I found out that PFsense is logging the user twice, as shown below.
Two logs with the same date occurred at the same time.

So, that's the question:

Why is Pfsense CP logging users twice and sending this information to freeradius?

Thnx in advance


Thu Oct 26 15:41:52 2006
        NAS-IP-Address = 192.168.253.2
        NAS-Identifier = "pfsense.hnauth.net"
        User-Name = "antonieta.s"
        Acct-Status-Type = Start
        Acct-Authentic = RADIUS
        Service-Type = Login-User
        NAS-Port-Type = Ethernet
        NAS-Port = 12
        Acct-Session-Id = "04c04ba7ca392f89"
        Framed-IP-Address = 192.168.30.248
        Called-Station-Id = "00:14:2a:1c:2a:c5"
        Calling-Station-Id = ""
        Client-IP-Address = 192.168.253.2
        Acct-Unique-Session-Id = "b90a52bc33ecd8b1"
        Timestamp = 1161888112

Thu Oct 26 15:41:52 2006
        NAS-IP-Address = 192.168.253.2
        NAS-Identifier = "pfsense.hnauth.net"
        User-Name = "antonieta.s"
        Acct-Status-Type = Start
        Acct-Authentic = RADIUS
        Service-Type = Login-User
        NAS-Port-Type = Ethernet
        NAS-Port = 12
        Acct-Session-Id = "04c04ba7ca392f89"
        Framed-IP-Address = 192.168.30.248
        Called-Station-Id = "00:14:2a:1c:2a:c5"
        Calling-Station-Id = ""
        Client-IP-Address = 192.168.253.2
        Acct-Unique-Session-Id = "b90a52bc33ecd8b1"
        Timestamp = 1161888112
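
To see how many sessions in a detail file are affected, the records can be grouped by Acct-Unique-Session-Id and the Start records counted. This is an added example, not part of the original post; the function names are hypothetical, and the sample input is constructed from two trimmed copies of the record above plus one made-up record.

```shell
#!/bin/sh
# Added example (not from the original post). dup_acct_starts and
# sample_detail are hypothetical names.

dup_acct_starts() {     # reads detail file(s) given as arguments, or stdin
    # prints: <count> <Acct-Unique-Session-Id> <User-Name> <Timestamp>
    awk '
    BEGIN { RS = ""; FS = "\n" }           # one record per blank-line-separated block
    {
        split("", attr)                    # reset the attribute map for this record
        for (i = 2; i <= NF; i++) {        # field 1 is the date line
            line = $i
            sub(/^[ \t]+/, "", line)
            eq = index(line, " = ")
            if (eq == 0) continue
            val = substr(line, eq + 3)
            gsub(/^"|"$/, "", val)         # strip the surrounding quotes
            attr[substr(line, 1, eq - 1)] = val
        }
        if (attr["Acct-Status-Type"] != "Start") next
        id = attr["Acct-Unique-Session-Id"]
        if (id == "") next
        seen[id]++; user[id] = attr["User-Name"]; ts[id] = attr["Timestamp"]
    }
    END { for (id in seen) if (seen[id] > 1) print seen[id], id, user[id], ts[id] }
    ' "$@"
}

sample_detail() {       # constructed sample input
cat <<'EOF'
Thu Oct 26 15:41:52 2006
        User-Name = "antonieta.s"
        Acct-Status-Type = Start
        Acct-Unique-Session-Id = "b90a52bc33ecd8b1"
        Timestamp = 1161888112

Thu Oct 26 15:41:52 2006
        User-Name = "antonieta.s"
        Acct-Status-Type = Start
        Acct-Unique-Session-Id = "b90a52bc33ecd8b1"
        Timestamp = 1161888112

Thu Oct 26 15:45:10 2006
        User-Name = "example.user"
        Acct-Status-Type = Start
        Acct-Unique-Session-Id = "0000000000000001"
        Timestamp = 1161888310
EOF
}
# Usage: sample_detail | dup_acct_starts    or    dup_acct_starts /path/to/detail
```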
4  pfSense English Support / Captive Portal / Re: how to force Captive Portal to check user subnet before authentication? on: October 04, 2006, 04:54:25 pm
Hau!

me again

I'm not a PHP programmer, and following mr. hoba's suggestion I found a PHP script which verifies the username and checks it against the IP address the logon request came from.

But when I try to run the PHP code nothing happens, as if the PHP running in PF is not understanding PHP code.
Where do I find PHP logs to see if there's an error?

Thnx

p.s.: php code below - please remember "I'M NOT A PHP PROGRAMMER" so if it's crap it's not my fault (yet) =P

Code:

<?php
// check the user
function check_user() {
    // check whether the form was submitted
    if (isset($_POST['auth_user'])) {
        // split the string (user name format: name.subnet)
        $rede_user = explode('.', $_POST['auth_user']);
        // user's subnet; escaped because it comes straight from the form
        $sub_rede = htmlspecialchars($rede_user[1]);
        echo "sub rede do usuário = ".$sub_rede;
        // real IP
        $ip = $_SERVER['REMOTE_ADDR']; //- UNCOMMENT THIS LINE

        // fake user IP -
        //$ip = '192.168.11.0'; //COMMENT OUT THIS LINE

        $ip_user = explode('.', $ip);
        echo "<br />";
        echo "<br />";
        echo "Conjuntos do ip do usuário";
        echo "<br />";
        echo "parte 1 = ".$ip_user[0];
        echo "<br />";
        echo "parte 2 = ".$ip_user[1];
        echo "<br />";
        echo "parte 3 = ".$ip_user[2];
        echo "<br />";
        echo "<br />";

        // IP NETWORKS: third octet of the client IP => allowed subnet names
        $rede = array();

        $rede[10][0] = 'x';

        $rede[11][0] = 'y';

        $rede[20][0] = 'k';

        $rede[21][0] = 'w';

        $rede[22][0] = 'v';

        $rede[23][0] = 'm';

        echo "<br />";

        // check whether the user's subnet belongs to the IP he is logging in from
        if (@in_array($rede_user[1], $rede[$ip_user[2]])) {
            echo "O USUÁRIO PODE PASSAR <BR />";
            echo "A sub rede ".$sub_rede." pertence a rede ".$ip;
        } else {
            echo "\nPASSAGEM PROIBIDA <BR />";
            echo "\nA sub rede ".$sub_rede." NÃO pertence ao ip ".$ip;
            exit();
        }
    }
}
check_user();
?>


5  pfSense English Support / Captive Portal / how to force Captive Portal to check user subnet before authentication? on: September 27, 2006, 12:35:08 pm
### ATTENTION | ATENCAO | ACHTUNG ###
This message was posted in m0n0wall regular and dev lists too.
So mr. admin don't get pissed off at me  Grin
### ATTENTION | ATENCAO | ACHTUNG ###

Hi folks!
I'm running Captive Portal and I need a quite simple feature (not in my point of view =P ).

How can I make CP authentication check user IP/subnet?

Like this:
user "dog" has an IP address from 192.168.1.0/24 subnet. That's the only subnet he is allowed to authenticate from. If user "dog" tries to authenticate in CP from a subnet other than 192.168.1.0/24 then CP rejects the connection.

Is it possible?

Thnx in advance.


p.s.: sorry for my awful English =/
6  pfSense English Support / Captive Portal / Re: Allow users change their password online on: September 21, 2006, 03:10:45 pm

thanx

 Wink
7  pfSense English Support / Captive Portal / Allow users change their password online on: September 21, 2006, 03:05:39 pm

Hi folks!


Is there a way to allow captive portal users included on "local user manager" to change their password online?

Thanx in advance.

--------------------------------------------
"All you people are vampires!!" - by Arctic Monkeys
8  pfSense English Support / PPPoE Server / pppoe logged users on: June 01, 2006, 09:04:15 am
Hau!

Is there a way (or patch) to implement a page which shows the users logged in to the pppoe-server and allows disconnecting them? Just like that page of the captive portal...

thnx
9  pfSense English Support / PPPoE Server / can't shutdown pppoe server on: May 24, 2006, 09:44:01 am
Hi guys!

Why can't I disable the pppoe server in BETA4?
Even after removing the users in its configuration, choosing the OFF button and then applying, all NG interfaces still remain.
After rebooting, the SERVICES page shows the PPPoE server enabled.

Any help?

Thnx in advance.

-----------------------------------------------------------------------------
"All you people are Vampires!!!"  --> Arctic Monkeys
10  pfSense English Support / Captive Portal / Re: Captive Portal + PPPoE server at the same time on: May 22, 2006, 12:19:44 pm
Hi

I'm using Samsung SWL-3300 APs. Is there a modified firmware to allow this solution on such hardware?

Thnx
11  pfSense English Support / Captive Portal / Captive Portal + PPPoE server at the same time on: May 20, 2006, 01:51:15 pm
Hi guys.

I'm using PFsense BETA4 and I'd like to use Captive Portal and PPPoE server together so my clients will be separated from each other (pppoe tunnel) and must authenticate in CP.

Is it possible?

Thanx in advance.