Zentyal Forum, Linux Small Business Server

Zentyal Server => Installation and Upgrades => Topic started by: c4rdinal on October 06, 2011, 11:08:32 am

Title: Captive Portal + Wifi
Post by: c4rdinal on October 06, 2011, 11:08:32 am
Hi,

I have a problem with my deployment with captive portal + wifi for my wireless clients.

My network looks like this:

Captive Portal (eth3), 192.168.100.1 ---> Wifi (internet Port), 192.168.100.2 | Wifi (LAN), 192.168.200.0/24

Users connected to the Wifi (LAN), 192.168.200.0/24 don't get the Captive Portal Login. Is this because it's in a different Subnet as the server?

Is this the expected outcome?

Thanks
Title: Re: Captive Portal + Wifi
Post by: ichat on October 06, 2011, 01:33:56 pm
hi, to make captive portal work, zentyal needs to be  dns, dhcp and router/gateway for the network.
to make this work ... this requires it to have an ip/interface in the target network,

to make this work  set captive portal on network interface, or a vlan interface...  if you want to work on a vlan only you will require lvl3 (smart) switches.  otherwise  any lvl2 switch  will do.    if you want it wireless than add a wap (wireless access point) to your network segment  if you use consumer based wireless routers, be sure to disable its dhcp and dns functions completly before connecting it to your   captiveportal network.

Title: Re: Captive Portal + Wifi
Post by: jsalamero on October 09, 2011, 11:10:03 am
Being the gateway is enough, DNS+DHCP could be another server. Anyway, my suggestion is just to put the AP in bridged mode so you have everything in the same network.
Title: Re: Captive Portal + Wifi
Post by: c4rdinal on October 18, 2011, 12:45:20 pm
Being the gateway is enough, DNS+DHCP could be another server. Anyway, my suggestion is just to put the AP in bridged mode so you have everything in the same network.

This is exactly what I'm trying to accomplish; making the AP (Linksys WAP54G with DD-WRT Firmware) bridged with the Zentyal Interface but can't find ways to establish it.

Anyone have setup the same?

As a summary of my requirement:

Zentyal Captive Portal Interface (eth3) = 192.168.100.1
AP WAN Interface = Bridged to Zentyal eth3

So that LAN clients will be in the same subnet as Zentyal (192.168.100.0/24). DHCP+DNS will be Zentyal.

I'll appreciate any hint on how to do this.

Thanks
Title: Re: Captive Portal + Wifi
Post by: c4rdinal on October 18, 2011, 01:02:43 pm
I think, I know the answer. I think i'll make the Zentyal Captive Portal (eth3) set as bridge and My AP WAN interface as 192.168.100.100/24?

Title: Re: Captive Portal + Wifi
Post by: stuartiannaylor on October 18, 2011, 01:51:25 pm
I am not sure why you need to bridge the wifi router. You can and it will work. Simpler way is to turn off the wifi router dhcp & dns and instead of connecting to a separate ethernet port just place it on your lan switch.

Stuart
Title: Re: Captive Portal + Wifi
Post by: c4rdinal on October 19, 2011, 10:57:33 am
I am not sure why you need to bridge the wifi router. You can and it will work. Simpler way is to turn off the wifi router dhcp & dns and instead of connecting to a separate ethernet port just place it on your lan switch.

Stuart

Worked like a charm, thanks!
Title: Re: Captive Portal + Wifi
Post by: c4rdinal on November 03, 2011, 09:40:16 am
By the way, this work-around did not work for my Linksys DIR-655 AP and Netgear WNR3500 Router.

In this case the Netgear WNR3500 is configured as gateway.

For some reasons disabling the DHCP Service on the AP/Router did not allow clients to get an IP coming from Zentyal.

Any thoughts?

Thanks
Title: Re: Captive Portal + Wifi
Post by: stuartiannaylor on November 03, 2011, 10:11:35 am
I have used one of the Netgear nMax routers and had it working.
I guess it must be configuration.
 
Make sure you turn off the internal dhcp server function in the advanced section but leave it to autoconfigure via a dhcp server. Also turnoff the spi firewall.
 
So to start from scratch reset the router to factory defaults and then just turn off the above two. Place the router on the lan switch via its wan port.
 
Boot it up and it should first pick up the zentyal dhcp infomation check you are getting that far.
If it isn't try entering a static IP address and use your server address for default gateway, dns...
 
There shouldn't be a reason why it didn't apart from possibly configuration.
 
Stuart
 
Title: Re: Captive Portal + Wifi
Post by: c4rdinal on November 03, 2011, 11:33:45 am
Make sure you turn off the internal dhcp server function in the advanced section but leave it to autoconfigure via a dhcp server. Also turnoff the spi firewall.
 
So to start from scratch reset the router to factory defaults and then just turn off the above two. Place the router on the lan switch via its wan port.
 
Boot it up and it should first pick up the zentyal dhcp infomation check you are getting that far.

Hello Stuart,

Thanks for taking time to answer.

Actually, I already have taken those steps prior to posting here. (Disable = SPI, Disable DHCP (LAN), Router Reset). But still had no luck to gain Dynamic address from Zentyal. Unlike my Linksys WAP54G which worked flawlessly using the same settings.

Title: Re: Captive Portal + Wifi
Post by: stuartiannaylor on November 03, 2011, 01:10:39 pm
Its always hard to envisage remotely so please humour me and ignore if this sounds condescending.
 
Reset the router to defaults.
 
See if you get the DHCP from the server.
 
I think you might be turning off the DHCP in the basic settings which will stop you recieving DHCP.
In the advanced section turn off the DHCP server and SIP firewall.
 
Otherwise I am a bit stumped without looking myself.
Title: Re: Captive Portal + Wifi
Post by: c4rdinal on November 04, 2011, 07:59:41 am
I think you might be turning off the DHCP in the basic settings which will stop you recieving DHCP.
In the advanced section turn off the DHCP server and SIP firewall.

Stuart, thanks for your reply.

Hehe, sorry for not explaining it clearly.
In Basic Settings = I can get a DHCP Address from Zentyal.
But my clients connected to the AP cannot get DHCP address from Zentyal. I'm expecting clients will get DHCP Leases from Zentyal and not from the Netgear AP, right?

In Advanced, DHCP and SPI Firewall are disabled.

Title: Re: Captive Portal + Wifi
Post by: christian on November 04, 2011, 09:55:50 am
Hehe, sorry for not explaining it clearly.
In Basic Settings = I can get a DHCP Address from Zentyal.
But my clients connected to the AP cannot get DHCP address from Zentyal. I'm expecting clients will get DHCP Leases from Zentyal and not from the Netgear AP, right?

In Advanced, DHCP and SPI Firewall are disabled.

So basic settings work for you or not  ???  I'm very confused. You wrote that you get IP from Zentyal DHCP isn't it? Or is it a typo?

Anyway, if it doesn't work, you may have also to enable an option permitting broadcast sent by clients to be relayed by your router. I can't help with details here because I'm not using Netgear but you may get the idea and look at config options.
Title: Re: Captive Portal + Wifi
Post by: stuartiannaylor on November 04, 2011, 09:57:46 am
I have a wrn2000 and if I get the chance I will replace the belkin one at a site I can get to this weekend.

Will report back.
Title: Re: Captive Portal + Wifi
Post by: c4rdinal on November 04, 2011, 12:36:33 pm
So basic settings work for you or not  ???  I'm very confused. You wrote that you get IP from Zentyal DHCP isn't it? Or is it a typo?

Yes, DHCP is working on the Netgear AP (on Internet Interface/port) but clients, connected to the AP (Wireless/LAN), cannot Lease an IP address from Zentyal via the access point. This should be the case so that clients and Zentyal will be on the same subnet. Otherwise, Captive Portal won't work.

Quote from: christian
Anyway, if it doesn't work, you may have also to enable an option permitting broadcast sent by clients to be relayed by your router. I can't help with details here because I'm not using Netgear but you may get the idea and look at config options.

I'll try this and report back of any development.

Thanks!
Title: Re: Captive Portal + Wifi
Post by: c4rdinal on November 05, 2011, 03:28:14 am
Being the gateway is enough, DNS+DHCP could be another server. Anyway, my suggestion is just to put the AP in bridged mode so you have everything in the same network.

jsalamero, thank you for taking time to answer.

I just wanna clarify how to accomplish what you said " just to put the AP in bridged mode so you have everything in the same network."
Shall I make the Zentyal Interface connected to the AP in bridge mode and assign an IP address to the AP the same subnet as the Zentyal server?

Thank you in advance.

Title: Re: Captive Portal + Wifi
Post by: Escorpiom on November 06, 2011, 09:52:15 am
The AP has DD-WRT on it, as I understand correctly?
It seems like you still do some sort of routing because you talk about WAN and LAN interface, just go into the DD-WRT configuration and make the WAN port part of the switch. Then it will just be an AP, no WAN interface.
Proceed to assign the IP address that will be only for the AP's managment purposes, for clients it will be transparent as they all sit on the same subnet.
If you can't do that, plug the network cable coming from Zentyal in one of the lan ports. Then it is bridged.

I have a DIR-300 flashed with DD-WRT and it is only AP. Clients get their IP from Zentyal and Zentyal is the gateway for the wireless clients.
The DHCP server of DD-WRT will still work (it can hand out IP's on that same LAN segment) but I prefer Zentyal handing out IP's.   

Cheers.
Title: Re: Captive Portal + Wifi
Post by: c4rdinal on November 09, 2011, 10:28:10 am
The AP has DD-WRT on it, as I understand correctly?
No, Netgear WNR3500 does not have DD-WRT firmware.

Quote
It seems like you still do some sort of routing because you talk about WAN and LAN interface, just go into the DD-WRT configuration and make the WAN port part of the switch. Then it will just be an AP, no WAN interface.
I'm sorry, I don't know what you mean by this. Do you mean WAN AND LAN will be of the same subnet?

Quote
Proceed to assign the IP address that will be only for the AP's management purposes, for clients it will be transparent as they all sit on the same subnet. If you can't do that, plug the network cable coming from Zentyal in one of the lan ports. Then it is bridged.

I did this but (AP connected to a switch together with Zentyal Server on the same VLAN) but did not get any DHCP IP Lease from Zentyal server for the my client PC or wireless and wired connection.

I disabled DHCP (advanced settings) on the AP and then plug a pc in the switch part of the AP. This setting doesn't give a DHCP Address from Zentyal server.

Any thoughts?

Thanks
Title: Re: Captive Portal + Wifi
Post by: vshaulsk on November 09, 2011, 03:31:22 pm
Just my 2 cents on how I have setup my AP and captive portal... maybe this will help you.

zentyal server (internal interface)------switch------AP-------client

Zentyal internal interface is using 802.1Q Vlan.   It is connected to a VLan capable switch.   One of the Vlans is designated for wifi guest.  In zentyal under captive portal I have this Vlan checked.  Under the DHCP module I have setup a range for this VLan.

From the VLAN switch (in the correct port) I have it connected to my AP.  The AP is set to AP mode and the DHCP server is turned off.   

I can see the AP device under zentyal DHCP leases and when clients connect to it they also get a DHCP lease from zentyal and they have to authenticate through captive portal. 

Now I have also done this setup using my Netgear WNDR3700 rounter.  The only thing is you cant connect from the VLAN switch to the WAN of the router..... you have to connect to the LAN of the router. 
If you connect to the LAN port of the router (make sure your netgear has DHCP turned off) it will become a regular switch.  After that your clients should start getting DHCP lease from the zentyal when they are connected to the netgear.

zentyal(internal interface 802.1Q)(captive port, DHCP,DNS Vlan13)-------(trunk port)VLAN switch(vlan13port)------(lan port)Netgear(Netgear DHCP turned off)--------client(the client receive DHCP, DNS and captive portal from Zentyal)
Title: Re: Captive Portal + Wifi [SOLVED]
Post by: c4rdinal on November 21, 2011, 08:56:07 am
Problem solved. Thanks for all the inputs!