Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 10 replies
  • Answers 1 answer
  • Subscribers 40 subscribers
  • Views 3316 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Captive portal from VLAN to access LAN

Panagiotis Vakerlis

Hello everyone,

I've just started playing with VLANS and successfully set one up for guest users. I have 2 rules for this guest network, 1 GUEST -> WAN without restrictions and 1 GUEST -> LAN with captive portal and show captive portal for unauthenticated users.

Problem is, from the guest network when I try to access a web page on LAN I don't get the captive portal page. If I go manually to https://x.x.x.x:8090 (x.x.x.x is the internal XG ip, 8090 is the captive portal port) it will show the captive portal and when I log on I have full access.

Any ideas?



This thread was automatically locked due to age.
Parents Reply
  • 0 in reply to lferrara

    Sorry about that, should elaborated more. Captive portal is enabled on the newly created zone with all the tickboxes. DNS does not apply since I have the filtering on LAN, not WAN. Nevetheless I created a test fw rule to forward DNS to no avail. 

    Just to note if this helps: I have let's encrypt ssl on the XG for the hostname it uses (Meaning if I go to https://mydnsname.com:4444 my connection is secure. Don't know if this screws up things on the inside 

Children
  • 0 in reply to Panagiotis Vakerlis

    On Log Viewer, I can see the Guest address trying to reach a LAN address and get rejected with the firewall rule I've created

  • 0 in reply to Panagiotis Vakerlis

    Hm strange thing. Went to Captive Portal settings, changed login prompt to custom message, included the link to direct captive portal ( in a form of <a href=https://x.x.x.x:8090> Click To Authenticate</a>). The IP used is the XG gateway of the Guest network.

    Now I get the page from captive portal saying that I can't login because I'm not authenticated. Good thing is since I included the captive portal link, I can click that and then I get to the proper user portal and login.

    A bit dirty but until we can find a solution it works!

    Strange thing that on the login method "Include link to the captive portal in the user notification message", I get a timeout trying to load the page. But on the moment I switched to "Display a custom message" it worked.

Unfiltered HTML