The pfSense Store

Author Topic: Captive Portal and Mobile  (Read 195 times)

0 Members and 1 Guest are viewing this topic.

Offline bebop_man

  • Newbie
  • *
  • Posts: 6
  • Karma: +0/-0
    • View Profile
Captive Portal and Mobile
« on: November 13, 2017, 01:14:54 pm »
I have a Pfsense box setup with a simple captive portal that has a terms and conditions page, an accept button and a redirect URL.  No vouchers are being used

When users on mobile phones (personally tested on Android 8, 2nd hand reports rom iOS), reach the captive portal and click 'Accept', the page just stays there.  No redirect, or anything.

If I close the landing page after clicking accept, then open up a browser or any web access, it works as normal.

Any ideas?  I don't think it's an issue with Pfsense, just trying to compensate for the oddities of a mobile device.  Or, if anyone has any code that can be added to the Portal to make it render better for a mobile device?

Offline Gertjan

  • Hero Member
  • *****
  • Posts: 2158
  • Karma: +166/-9
    • View Profile
Re: Captive Portal and Mobile
« Reply #1 on: November 13, 2017, 04:28:27 pm »
Go one step back : use the build in portal page first.
When that works for you - and it will, you'll be very close that the reason why redirection is been taken  ;)

Offline bebop_man

  • Newbie
  • *
  • Posts: 6
  • Karma: +0/-0
    • View Profile
Re: Captive Portal and Mobile
« Reply #2 on: November 13, 2017, 05:21:32 pm »
But why would I have different results mobile vs. desktop PC?  And the issue is that redirection ISN'T happening from mobile phones.

Offline seanpearman

  • Newbie
  • *
  • Posts: 11
  • Karma: +1/-0
    • View Profile
Re: Captive Portal and Mobile
« Reply #3 on: November 14, 2017, 03:32:12 pm »
I can't explain why it would work differently on mobile (must be a coincidence), but the $PORTAL_REDIRURL$ variable should be called, and forward you on after auth.

Make sure you have the zone set as well.

Offline bear410hk

  • Newbie
  • *
  • Posts: 4
  • Karma: +0/-0
    • View Profile
Re: Captive Portal and Mobile
« Reply #4 on: December 13, 2017, 07:57:13 pm »
what is the redirect page  ?
I had this problem before when I redirect to https web site. pfsense has notice it can't redirect to https. (I saw the doc before, but don't know does it fix in new version)

I fix it(not a fix just try the other way). I redirect user to http site not a https site. after then all mobile and website can be reach the page.

for example, redirect to http://www.google.com. , it can pass to google. and google will auto change it to https.

hope my suggestion can help you.

Bear

Offline Gertjan

  • Hero Member
  • *****
  • Posts: 2158
  • Karma: +166/-9
    • View Profile
Re: Captive Portal and Mobile
« Reply #5 on: December 15, 2017, 04:47:47 pm »
I had this problem before when I redirect to https web site. pfsense has notice it can't redirect to https.
;D
Euh ... wrong !
See my "After Authentication Redirection URL" : see attachment. This one works for many years now.
This URL is used after successful authentication. So, it will work. https, or not. Every Internet destination is open, only restricted to the GUI firewall you setup for your captive portal.

Btw : pfSense does not need to redirect (or intercept) initial https URL's because :
It can't - and no one on planet earth will break or make that situation.
It's your device that makes it work - togerther with pfSense of course.
All devices always through out an initial 'hidden' basic http request as soon as his NIC commes up with a IP connection - and this hidden request WILL trigger the captive portal ... and all will live happy for the rest of their lives.

Those devices that do not make this initial http request :
Owners should :
Update them - devices with an IP connection should do work like described
Or : owners should know then that they should open with a http://.... requests, NOT a https:// .... (this is workable, though, as it happened often, years ago, with the first stupid Android stuff etc)
Or : throw away the device - to old.

These days, MAC, iOS, Windows (all recent versions), Debian, FreeBSD, whatever, they are "captive portal aware". Not "pfSense Captive portal aware", but universal  "captive portal aware" (many others do exist apparently).

The last enemy exists : those who use one of those "commercial 'device' firewall" that lock down 'Ethernet' port on their device, not accepting 'strange networks' (as per owners order !) and after that they complain that they can't connect no where else as their own place ..... Well .....
« Last Edit: December 15, 2017, 04:59:29 pm by Gertjan »