Joined: 30 Apr 2017
|Posted: Sun Apr 30, 2017 8:17 am Post subject: Help with Captive Portal and VLAN
|Hi to everyone.
I've a really a weird thing that happen when using Captive Portal in conjunction with VLAN in my network.
The fact is:
On VLAN 2 I've the PCs connected with IP 192.168.2.X the DHCP server is on VLAN2 (an Huawei AC controller with 5 AP)
On VLAN 1 I've the PC with Zeroshell on IP 192.168.0.75 and CP disabled, proxy enabled (with dansguardian) the PC with zeroshell has one internet card.
The switch is an Alcatel Lucent OS6450 with a default route 0.0.0.0 0.0.0.0 to 192.168.0.75, and in ZS a static route dest:192.168.2.0/24 gateway 192.168.0.253 (The gateway of switch for VLAN1).
The PCs can navigate on internet and all the other STAs (cell phone, tablet and so on).
On 1) I only activate the CP, with IP only authorization. PCs don't get the web autorization page from CP, just on the browser ther's the error no internet. I've tested on win10 (different browser), linux ubuntu (firefox) android phone.
BUT, BUT and that is the thingh that get me crazy, with a windows phone cell (lumia 950 and 630 tested) I can have the web authorization page and get in to the internet. WHY???
That is what I've from the captive portal log:
13:03:06 AS: Success: Captive Portal Authentication Server started
13:03:07 GW: Success: Captive Portal Gateway started (0 clients connected)
13:03:19 AS: http session (Client: 192.168.2.147) captured for authentication (Popup: yes). Browser: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0
13:03:50 message repeated 10 times
13:03:59 message repeated 3 times
13:04:02 AS: http session (Client: 192.168.2.147) captured for authentication (Popup: yes). Browser: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0
13:04:17 message repeated 4 times
13:06:27 AS: http session (Client: 192.168.2.119) captured for authentication (Popup: no). Browser: Mozilla/5.0 (Windows Phone 10.0; Android 6.0.1; Microsoft; Lumia 950) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Mobile Safari/537.36 Edge/14.14393
13:07:03 AS: trying Radius authentication (PAP) for email@example.com (Client: 192.168.2.119)
13:07:03 AS: Success: user firstname.lastname@example.org (Client: 192.168.2.119) successfully authenticated (Username,Password)
13:07:03 GW: Success: user email@example.com (IP: 192.168.2.119 MAC: ) connected
13:13:23 GW: Captive Portal Gateway is disabled
Thanks in advance.
P.S. I haven't problem if ZS a PCs are on the same VLAN, I've tested it.