pfSense Support Subscription

Author Topic: Captive Portal & Firewall  (Read 1211 times)

0 Members and 1 Guest are viewing this topic.

Offline yayo78

  • Newbie
  • *
  • Posts: 3
    • View Profile
Captive Portal & Firewall
« on: April 03, 2012, 01:58:05 am »
Hi, this is my first post on this forum.
I write because I just installed pfSense to use as a captive portal for a wi-fi.
This is the configuration:
- WAN 10.0.1.173 configured with static ip, with default gw 10.0.1.1
- LAN 10.30.30.1 configured with static ip. This network interface is connected directly to the access point wifi (10.30.30.254) and is also an active DHCP server (range: 200-250) for the release of addresses of wifi devices.
I enabled the CaptivePortal (on LAN) and everything seems to work, in the sense that if I put an address on the browser opens the page with the request (10.30.30.1:8000) authentication.
The problem is that once authenticated text remains "Redirecting to http://www.google.com."
Surely i must configure the firewall to allow PC to exit the Internet LAN. In fact if I try from a machine connected to the wifi network (the address issued by the dhcp server is 10.30.30.201) to tell me to ping 8.8.8.8 Request timed out. Instead, if i "Ping" 10.30.30.254 I reply packets.

Can you help me?!?!?!?!?! Where is that wrong?
Thanks in advance to all those who "marry" my cause!

Offline asmat

  • Newbie
  • *
  • Posts: 18
    • View Profile
Re: Captive Portal & Firewall
« Reply #1 on: April 03, 2012, 03:07:48 am »
Hi, from the authenticated client try to ping the default gateway. Also try from inside pfsense webgui to ping any known website and see the response you get.

Offline Nachtfalke

  • Hero Member
  • *****
  • Posts: 2753
    • View Profile
Re: Captive Portal & Firewall
« Reply #2 on: April 03, 2012, 09:46:10 am »
Clients behind the Cpative Portal need the CP interface IP as gateway and as DNS server.
On firewall rules you must allow traffic to the internet on the interface on which CP is running.
It's not 100% correct but firewall rules will first take effect if an user is authenticated on CP.

Offline adzaky

  • Newbie
  • *
  • Posts: 17
    • View Profile