Netgate SG-1000 microFirewall

Author Topic: Captive portal without needing to login  (Read 136 times)

0 Members and 1 Guest are viewing this topic.

Offline ttsumak

  • Newbie
  • *
  • Posts: 5
  • Karma: +0/-0
    • View Profile
Captive portal without needing to login
« on: May 22, 2017, 03:38:39 am »
Hey,

Captive portal has the option for "no authentication", but it still gives user the login page.


Can someone advice  me to use captive portal (redirect to a site) without interaction from the user?

So it would just throw the user to my designated site and then be able to browse the internet.

Offline Gertjan

  • Hero Member
  • *****
  • Posts: 1693
  • Karma: +136/-5
    • View Profile
Re: Captive portal without needing to login
« Reply #1 on: May 22, 2017, 05:31:00 am »
Captive portal has the option for "no authentication", but it still gives user the login page.
Exact.
But, clicking the (only ?!) button on that page without filling in whatsoever - user or password - will grant access.

That's why the possibility exists to put in place (upload) another (simplified) html 'captive portal login page'....

Fill in "After authentication Redirection URL" and the user will get redirected to that site.

Offline ttsumak

  • Newbie
  • *
  • Posts: 5
  • Karma: +0/-0
    • View Profile
Re: Captive portal without needing to login
« Reply #2 on: May 22, 2017, 05:56:26 am »
Yes it will, but it requires unnecessary user interaction.


Are there any example html what to upload? I would like to get an example page to just redirect without any need for pressing buttons.

Offline Gertjan

  • Hero Member
  • *****
  • Posts: 1693
  • Karma: +136/-5
    • View Profile
Re: Captive portal without needing to login
« Reply #3 on: May 22, 2017, 08:32:54 am »
Yes it will, but it requires unnecessary user interaction.
Are there any example html what to upload? I would like to get an example page to just redirect without any need for pressing buttons.
A captive portal always has a page with a user action - if you do not want a page and the action : de-activate the captive portal ;)

This => "it would just throw the user to my designated site" becomes pretty impossible then ....

edit :

Hummm : I guess creating a page with some java scripting that auto clicks  the portal Accept button might be your solution.
A simple Google : html auto click button will help you.

Offline ttsumak

  • Newbie
  • *
  • Posts: 5
  • Karma: +0/-0
    • View Profile
Re: Captive portal without needing to login
« Reply #4 on: May 22, 2017, 09:45:51 am »

edit :

Hummm : I guess creating a page with some java scripting that auto clicks  the portal Accept button might be your solution.
A simple Google : html auto click button will help you.

i actually tried this. 80% it works, but sometimes users get stuck on that javascript and then its not working.

Would be glad to know what i'm doing wrong here.

Offline Gertjan

  • Hero Member
  • *****
  • Posts: 1693
  • Karma: +136/-5
    • View Profile
Re: Captive portal without needing to login
« Reply #5 on: May 22, 2017, 09:57:12 am »
For instance : users use a navigator without any 'script' support .... All those "10 $" devices can't be
Users could have chosen to disable Javascript ... (making their live on the net, impossible, I agree)
Or : whatever - YOU do not control how users setup THEIR devices ...

In that case, those people have to click for themselves the old fashioned way.

"Stuck" on the portal page should not exists these days. ALL devices I saw, since before 2006 when I started to use pfSense, are "captive portal aware".
No one comes to me any more (a hotel) to ask how it works .....

Offline ttsumak

  • Newbie
  • *
  • Posts: 5
  • Karma: +0/-0
    • View Profile
Re: Captive portal without needing to login
« Reply #6 on: May 22, 2017, 11:02:35 am »
Well this location is a public place. And i get a lot of complaints about people not getting past the redirect page.

i have a page with simple javascript to "press" the continue/login button. But few people get stuck on the page.

Sometimes even rebooting the pfsense helps.

Wonder if the issue is somewhere else in the pfsense?

edit:

Is it possible that the redirect page is working, but there is some problems with DNS? I'ts basically quite default DNS settings.
« Last Edit: May 22, 2017, 11:22:36 am by ttsumak »

Offline Gertjan

  • Hero Member
  • *****
  • Posts: 1693
  • Karma: +136/-5
    • View Profile
Re: Captive portal without needing to login
« Reply #7 on: May 23, 2017, 12:02:20 am »
Well this location is a public place. And i get a lot of complaints about people not getting past the redirect page.
i have a page with simple javascript to "press" the continue/login button. But few people get stuck on the page.
Script, or not, clicking, tapping, or whatever on the Accept button works for me - or actually, my clients.
https://www.test-domaine.fr/munin/brit-hotel-fumel.net/pfsense.brit-hotel-fumel.net/portalusers.html
And believe me, if the "Wifi" (== Internet) connection doesn't work, people tent to contact the reception immediately.

Sometimes even rebooting the pfsense helps.
Rebooting ?
I only do that when an upgrade comes in ...

Wonder if the issue is somewhere else in the pfsense?
Noop.
You and I and thousands of others use the same code.
Only your setup is unique.


Is it possible that the redirect page is working, but there is some problems with DNS? I'ts basically quite default DNS settings.
As said here : https://doc.pfsense.org/index.php/Captive_Portal_Troubleshooting - this helps by gives you info about how to test and check.
These days more and more people use the most exotics setups, if not a totally impossible "solution" for a setup. Or, they often break the rules.
Possible is also that that devices that clients use just don't accept 'strange' networks (and thus won't work with your network, and that is NOT your problem ..).
Always use the golden rule : keep it simple.

If needed, but I don't do it often anymore :
I run to the shop in front of my hotel, and I take this brand new iPhone, the latest Samsung or that very recent - of not new - Dell laptop PC.
This as a proof that the device hasn't been setup and tampered with.
I can connect with this device  to my wifi network (pfSense captive portal) right away.  A browser will popup, we see the login page, we can click on that button (after filling in the user name and four letter password : already quiet a hassle for some people). All this to show to my clients that "it works out of the box". So something else is bothering them ... ;)
« Last Edit: May 23, 2017, 12:07:13 am by Gertjan »

Offline ttsumak

  • Newbie
  • *
  • Posts: 5
  • Karma: +0/-0
    • View Profile
Re: Captive portal without needing to login
« Reply #8 on: May 23, 2017, 11:23:44 am »
Have say for starters, thanks for the help you're giving.

Nice graphs. What is the antivir thing? Is Munin part of pfsense package manager or?

Yes, rebooting seems to sometimes fix the captive portal.


Here's my html which i put on the pfsense. https://pastebin.com/AdSrX86J - can you check if its ok?


Im still curious why does users get stuck on that HTML page. There seems to be some sort of issue with people not getting past it.

I'm kind of new to pfsense. But you seem to have lot less users. I get about 200 clients on a network.