OPNsense Forum

Archive => 15.7 Legacy Series => Topic started by: iosense on February 06, 2016, 09:49:12 am

Title: [SOLVED] Transparent Proxy and Captive Portal Authentication
Post by: iosense on February 06, 2016, 09:49:12 am

I have only "redirect traffic to proxy" NAT rule and this is not working properly with Captive Portal.
Traffic is not routed to the Captive Portal Login page.

How do I do that?

In addition, HTTPS traffic is not working at all, this is a separate issue!

Code: [Select]

# Ports     IP          Ports   Description
80 (HTTP)   127.0.0.1   3128    redirect traffic to proxy


Title: Re: Transparent Proxy and Captive Portal Authentication
Post by: iosense on February 12, 2016, 06:04:05 am

Does anyone have a knowledge of it?

Title: Re: Transparent Proxy and Captive Portal Authentication
Post by: FSY on September 13, 2016, 04:39:45 pm

I have the same problem. Can I use Captive Portal with Transparent Proxy in the same LAN ?

Do you have a solution ?

Title: Re: Transparent Proxy and Captive Portal Authentication
Post by: franco on September 18, 2016, 11:53:00 pm

There is an issue in the packet filter chaining in FreeBSD, which we use. ipfw (Captive Portal) and pf (NAT) are executed in a chain and pf makes packages disappear so users will not end up in the Captive Portal.

The problem is the FreeBSD stance is "use both at your own risk" and so we are now digging through the kernel code of FreeBSD to find a solution. There is a very similar issue with the Captive Portal and Multi-WAN.

It's not a simple scripting issue. We hope to fix this for 17.1.

Title: Re: Transparent Proxy and Captive Portal Authentication
Post by: franco on September 28, 2016, 02:21:40 pm

Ad found a better way for 16.7.5: one can how edit your captive portal zone to use the HTTP or HTTPS proxy directly. I'm marking this solved. :)

Title: Re: [SOLVED] Transparent Proxy and Captive Portal Authentication
Post by: wifimasters on November 21, 2016, 06:27:27 pm

thanks franco, will test later. More power