OPNsense Forum

Archive => 17.1 Legacy Series => Topic started by: gaurovsoni on March 09, 2017, 07:38:40 am

Title: Captive Portal with Blacklisting WEbsites
Post by: gaurovsoni on March 09, 2017, 07:38:40 am

> Having a single interface LAN

> Captive Portal Is RUNNING AWESOME in LAN Interface
      Allowed Addresses - 8.8.8.8 / 8.8.4.4
      Transparent proxy (HTTP) - UNCHECKED
      Transparent proxy (HTTPS) - UNCHECKED

> No WEB PROXY configured

AIM - I just want my users to have restriction to certain website like social networking, porn, etc etc (i have blacklist)

The Real Problem -

1> if i enable WEB PROXY [Default, no settings], & then goto captive portal & check the boxes to use transparent proxy (http/https), the captive portal stops working - no redirection, manual redirection lets to no internet working after login.

2> if i enable WEB PROXY [With Transparent Mode Setting USING OFFICIAL GUIDE] the portal becomes unstable , even i cannot login to LAN using WEBUI, it keeps on scanning. bt I can ssh.


Please Check Attachment as well

Title: Re: Captive Portal with Blacklisting WEbsites
Post by: gaurovsoni on March 09, 2017, 07:39:47 am

One More Attachment

Title: Re: Captive Portal with Blacklisting WEbsites
Post by: franco on March 09, 2017, 07:46:05 am

Hi there,

You have two possibilities...

For 1) You need to set up transparent proxy without the redirect NAT rule and then set the captive portal setting. If the transparent proxy mode is not enabled, the traffic will be rejected like you said.

For 2) You can probably get this working by setting Firewall: Settings: Advanced: [ x ] Shared forwarding. But this setting may have other side effects. Use with care.


Cheers,
Franco

Title: Re: Captive Portal with Blacklisting WEbsites
Post by: gaurovsoni on March 09, 2017, 07:52:14 am

the ANS 1) option looks sensible, without NAT setting, ill try and let u know thanks.

Title: Re: Captive Portal with Blacklisting WEbsites
Post by: gaurovsoni on March 09, 2017, 11:08:05 am

ok the problem is solved of using CAPTIVE PORTAL with TRANSPARENT proxy, thanks man,

but somehow im stuck with a new problem :"(

New Problem :
 i open distrowatch.com >> redirected to portal >> login >> then im stuck on logout screen, the internet is working, bt it does'nt redirect me to distrowatch. com . i have to manually open another tab & then go to distrowatch.com :'( any idea

Title: Re: Captive Portal with Blacklisting WEbsites
Post by: fabian on March 09, 2017, 11:33:47 am

This comes from the template. It is not doing an redirect but you can use a custom template.

Title: Re: Captive Portal with Blacklisting WEbsites
Post by: gaurovsoni on March 09, 2017, 11:52:24 am

no man , earlier it was redirecting to https website & http websites like distrowatch on CUSTOM & DEFAULT (none) Template . now me manually have to redirect :'( on default template none as well.

Title: Re: Captive Portal with Blacklisting WEbsites
Post by: ackahforson on March 10, 2017, 08:35:54 pm

I have a similar setup, after the work around to make CP and webproxy work, the login page fails to redirect .

Title: Re: Captive Portal with Blacklisting WEbsites
Post by: gaurovsoni on March 12, 2017, 02:09:57 pm

can some1 please tell me how to work with https with captive portal... with transparent ssl proxy captive portal seems not to work