OPNsense Forum

English Forums => Zenarmor (Sensei) => Topic started by: mcmahoc on September 25, 2020, 10:37:02 am

Title: Sensei using Captive Portal to track user names
Post by: mcmahoc on September 25, 2020, 10:37:02 am: Hi,

Is there a guide for configuring Captive Portal for use with Sensei? Currently all traffic is dedicated to anonymous users. I don't have the AD / LDAP integration feature on my subscription and it would be great to know who is doing what.

Not sure what other details anyone would need if they are able to assist other than:
OPNSense v20.7.2
Sensei v1.6
Currently monitoring LAN network

One other question: Should I look at adding my WAN interface to Sensei?

Thanks,
Chris
Title: Re: Sensei using Captive Portal to track user names
Post by: mb on September 25, 2020, 05:31:20 pm: Hi Chris,

No need for any configuration. If you've enabled Captive Portal; and started authenticating users; Sensei should be able to pick up user information automatically.

For the WAN interface, we do not recommend that, since Sensei is better meant for inner-facing interfaces like LAN. We suggest you use Suricata for the WAN interface.
Title: Re: Sensei using Captive Portal to track user names
Post by: mcmahoc on October 09, 2020, 11:00:38 am: Hi,

I think I'm missing something fairly fundamental about Captive Portal configuration (apologies for being a bit dim). I have enabled it Captive Portal for one my interfaces that Sensei is monitoring, and I assume it's working because I had to "log in" to get access to the internet from the clients connected to that network zone. I know Sensei is monitoring the interface because I get the sensei block page when visiting a restricted page.

However, Sensei still only shows anonymous egress / ingress.

Captive Portal config screenshot attached.
Title: Re: Sensei using Captive Portal to track user names
Post by: mb on October 09, 2020, 04:05:45 pm: That's not expected. As soon as you get Captive Portal working, Sensei should be able to pick user information.

Let's have a closer look. Can you send a PR through the "Report Bug" menu (upper right corner of the screen)?
Title: Re: Sensei using Captive Portal to track user names
Post by: mcmahoc on October 09, 2020, 05:16:18 pm: Hi mb,

Sent a bug report.

Thanks
Title: Re: Sensei using Captive Portal to track user names
Post by: A_V on March 01, 2022, 10:29:12 am: Hi together,

I know Im a bit late, but I guess Im facing the same problem right now too.

Im logged in into the Captive Portal, but in Zenarmor Reports there are no usernames.

Is there a public solution for this Problem?

Thanks
Adrian
Title: Re: Sensei using Captive Portal to track user names
Post by: sy on March 01, 2022, 03:38:29 pm: Hi,

Normally, it's working as expected. Can you share a bug report to look into closer?
Title: Re: Sensei using Captive Portal to track user names
Post by: A_V on March 02, 2022, 08:25:55 am: Hi,

Ive created a Bug Report.

Thanks
Title: Re: Sensei using Captive Portal to track user names
Post by: dant98 on March 26, 2022, 01:09:51 am: Is there a link to the bug report for tracking? I'm having the same issue it seems. Completely new opnsense w. a licensed copy of zenarmor. I also see all the traffic by IP, but all egress users are anonymous even though the opnsense captive portal is tracking sessions.
Title: Re: Sensei using Captive Portal to track user names
Post by: sy on March 29, 2022, 09:43:04 pm: Hi,

This is solved with 1.11 that will be published this week.