Hello everybody!
I have an OPNsense server on a remote network and I'm trying to configure the Captive Portal.
My Opnsense
version: OPNsense 25.7.6 (amd64)
The
setup is as follows:
- Interface wg0 is configured for WireGuard.
- I have a WireGuard client configuration on my local machine that connects successfully.
- When I access http://192.168.45.1:8000 after connecting, I expect to see the Captive Portal login page, but instead I get an "Empty reply from server."
DetailsThe interface wg0 is up and active, with IP 10.20.0.1/24.
The
firewall allows access to the portal:
root@opnsense:~ # pfctl -sr | grep 8000
pass in log quick on wg0 proto tcp from any to (self) port = 8000 flags S/SA keep state label "x"
WireGuard client it's correct, I think, (local and endpoint IPs)
The OPNsense
GUI shows the Captive Portal zone enabled on the WireGuard interface.
However:
When I open the portal URL --> http://192.168.45.1:8000
I get "Empty reply from server."
No logs are produced when restarting the Captive Portal.
The directory --> /var/etc/captiveportal does not exist although I don't know if it should exist
Would appreciate guidance on how to make the Captive Portal actually start and serve content when accessed through the WireGuard interface.
It sounds like the Captive Portal service isn't binding correctly to the WireGuard interface. First, verify that the interface `wg0` is assigned under *Interfaces > Assignments* and enabled. Then, in *Services > Captive Portal*, confirm the zone explicitly includes `wg0` and that its IP (10.20.0.1) matches your WireGuard subnet. Restart both the Captive Portal and `lighttpd` services. Also, check `/var/log/system.log` for startup errors — missing `/var/etc/captiveportal` usually indicates the portal never initialized. Re-saving the zone often regenerates this directory and fixes binding issues.