Topics

1

19.1 Legacy Series / Captive Portal: Allowed addresses/MACs has no effect

« on: May 02, 2019, 05:38:49 pm »

I need to allow some MAC addresses to access internet connection without authentication on captive portal.
I allowed this MAC addresses on captive portal configuration and I can see these MAC addresses on session logs, but they can't access internet connection because captive portal is shown and they can't bypass authentication.

Looking at logs I can only see this error:

configd.py: [889b1245-acd0-4e33-8062-c62cf18f1537] Script action failed with Command '/usr/local/opnsense/scripts/OPNsense/CaptivePortal/listClients.py /zoneid '0' /output_type 'json'' returned non-zero exit status 1 at Traceback (most recent call last): File "/usr/local/opnsense/service/modules/processhandler.py", line 481, in execute stdout=output_stream, stderr=error_stream) File "/usr/local/lib/python2.7/subprocess.py", line 190, in check_call raise CalledProcessError(retcode, cmd) CalledProcessError: Command '/usr/local/opnsense/scripts/OPNsense/CaptivePortal/listClients.py /zoneid '0' /output_type 'json'' returned non-zero exit status 1

Can this be the problem?

2

18.1 Legacy Series / NAT with multiple public ip

« on: February 21, 2018, 03:20:55 pm »

I upgraded from 17.x to 18.1.2 and everything is OK except one thing: now all lan computers use different public IP (I have 8 public ip).
With 17.x all lan computers use as public ip (checked with http://www.whatsmyip.org/) the one I gave to the WAN interface. After the upgrade they start use randomly all the 8 ip.
What's changed?
How can I obtain the same behavior as before?
Thanks.

3

General Discussion / Captive Portal sessions after reboot

« on: September 06, 2017, 12:02:16 pm »

Everytime I made an upgrade to a new Opnsense version that needs a reboot users connected to wifi network through Captive Portal (with Radius Authentication) needs to logout from Captive Portal and login again because network connection doesn't work.

Is it a normal behaviour of Captive Portal?
What can I do to keep users connected after a reboot?
Thanks

4

17.1 Legacy Series / PHP Warning vpn_ipsec_phase1.php on line 364 on IPsec site to site tunnel

« on: February 14, 2017, 01:51:53 pm »

After 17.1.1 upgrade I have problems with IPsec site to site tunnel:

[14-Feb-2017 13:45:29 Europe/Rome] PHP Warning:  implode(): Invalid arguments passed in /usr/local/www/vpn_ipsec_phase1.php on line 364

I already submitted the report and my vpn isn't working.

Could someone help me?
Thanks.

5

16.7 Legacy Series / RADIUS MAC authentication on Captive Portal

« on: November 21, 2016, 11:28:19 am »

I configured Captive Portal with Radius authentication.
Users can normally login without any problems.
Next, I configured my radius server (freeradius 3) to use MAC filtering and i enabled some devices.
Than I tried to use Captive Portal with a device that wasn't enable: the captive portal ask me to enter the credentials (username and password) and can normally login and have network access.
This wasn't what i expected: i need to give network access through Captive Portal only to the devices enabled in my radius server.
Am I missing something?
Thanks.

6

16.7 Legacy Series / [SOLVED] captive portal ldap authentication error

« on: November 10, 2016, 03:46:11 pm »

After last update to 16.7.7 version, i noticed that captive portal with ldap authentication started to give me an authentication error on login page (see attached screenshot).
Even if i have this error, i can access and use internet connection.

I checked ldap connection on System-->Access-->Tester and everything is OK, no errors.

I check errors on System-->Firmware-->Reporter and i have this PHP error:

[10-Nov-2016 15:28:14 Europe/Rome] PHP Notice:  Undefined index: name in /usr/local/opnsense/mvc/app/library/OPNsense/Auth/LDAP.php on line 257

Is it a known bug?

7

16.7 Legacy Series / Setup IPsec Road-Warrior: Peer identifier doesn't appear

« on: October 24, 2016, 03:23:57 pm »

Hi, i'm new here. I just finished to setup my first OPNsense firewall and all the configurations i made start working as expected EXCEPT IPsec Road-Warrior for mobile client.
I follow this guide https://docs.opnsense.org/manual/how-tos/ipsec-road.html but i didn't find in webgui configuration the "Peer identifier" voice as shown on "Phase 1 proposal (Authentication)". I attached my screenshot.
Is it a bug? How can i setup "Peer identifier" in order to have a working configuration?
Could please someone help me?
Thanks!