I am currently working on something like a Captive Portal with my TP-Link TD-W8980 v1 running v18.06.1 using Nodogsplash. The setup and config itself seems pretty straightforward but there is some problem with the connectivity to internet.
If I stop the NDS I can just connect fine to internet on the system but with NDS running my phone asks me to sign in to the WiFi but when I click on Continue button on the splash page it shows as authenticated in the logs but it fails trying to access the redirect page and so does not finish the login process. Now if I forcefully ask it to use the connection it lets me connect to internet but it should be a more streamlined process as it tries to check for connectivity it should not fail there.
My config for NDS is here:
# The options available here are an adaptation of the settings used in nodogsplash.conf. # See https://github.com/nodogsplash/nodogsplash/blob/master/resources/nodogsplash.conf config nodogsplash # Set to 0 to disable nodogsplash option enabled 1 # Set to 0 to disable hook that makes nodogsplash restart when the firewall restarts. # This hook is needed as a restart of Firewall overwrites nodogsplash iptables entries. option fwhook_enabled '1' # Serve the file splash.html from this directory option webroot '/etc/nodogsplash/htdocs' # Use plain configuration file #option config '/etc/nodogsplash/nodogsplash.conf' # Use this option to set the device nogogsplash will bind to. # The value may be an interface section in /etc/config/network or a device name such as br-lan. option gatewayinterface 'br-guest' option gatewayname 'Internet Point for Public' option maxclients '5' # Enables debug output (0-7) option debuglevel '7' # Client timeouts in minutes option preauthidletimeout '30' option authidletimeout '120' # Session Timeout is the interval after which clients are forced out (a value of 0 means never) option sessiontimeout '120' # The interval in seconds at which nodogsplash checks client timeout status option checkinterval '600' # Your router may have several interfaces, and you # probably want to keep them private from the network/gatewayinterface. # If so, you should block the entire subnets on those interfaces, e.g.: #list authenticated_users 'block to 192.168.0.0/16' #list authenticated_users 'block to 10.0.0.0/8' # Typical ports you will probably want to open up. #list authenticated_users 'allow tcp port 22' #list authenticated_users 'allow tcp port 53' #list authenticated_users 'allow udp port 53' #list authenticated_users 'allow tcp port 80' #list authenticated_users 'allow tcp port 443' # Or for happy customers allow all list authenticated_users 'allow all' # For preauthenticated users to resolve IP addresses in their # initial request not using the router itself as a DNS server, # Leave commented to help prevent DNS tunnelling #list preauthenticated_users 'allow tcp port 53' #list preauthenticated_users 'allow udp port 53' # Allow ports for SSH/Telnet/DNS/DHCP/HTTP/HTTPS list users_to_router 'allow tcp port 22' list users_to_router 'allow tcp port 23' list users_to_router 'allow tcp port 53' list users_to_router 'allow udp port 53' list users_to_router 'allow udp port 67' list users_to_router 'allow tcp port 80' # Allow ports for SMB #list users_to_router 'allow tcp port 0' # MAC addresses that are / are not allowed to access the splash page # Value is either 'allow' or 'block'. The allowedmac or blockedmac list is used. #option macmechanism 'allow' #list allowedmac '00:00:C0:01:D0:0D' #list allowedmac '00:00:C0:01:D0:1D' #list blockedmac '00:00:C0:01:D0:2D' # MAC addresses that do not need to authenticate #list trustedmac '1C:3E:84:5D:D2:CF' list trustedmac '3C:CD:5D:55:2F:66' list trustedmac '74:86:7A:0B:7A:C3' #list trustedmac '' # Nodogsplash uses specific HEXADECIMAL values to mark packets used by iptables as a bitwise mask. # This mask can conflict with the requirements of other packages such as mwan3, sqm etc # Any values set here are interpreted as in hex format. # # List: fw_mark_authenticated # Default: 30000 (0011|0000|0000|0000|0000 binary) # # List: fw_mark_trusted # Default: 20000 (0010|0000|0000|0000|0000 binary) # # List: fw_mark_blocked # Default: 10000 (0001|0000|0000|0000|0000 binary) # #list fw_mark_authenticated '30000' #list fw_mark_trusted '20000' #list fw_mark_blocked '10000' # This should be autodetected from /proc/net/route on a OpenWRT system, but if # not: set ExtrnalInterface to the 'external' interface on your router, # i.e. the one which provides the default route to the internet. # Typically vlan1 for OpenWRT. #option externalinterface 'pppoe-wan' # After authentication, normally a user is redirected # to their initially requested page. # If RedirectURL is set, the user is redirected to this URL instead. #option redirecturl 'http://www.google.com/' # Nodogsplash's own http server uses GatewayAddress as its IP address. # The port it listens to at that IP can be set here; default is 2050. # option gatewayport '2050' # Set to yes (or true or 1), to immediately authenticate users # who make a http port 80 request on the GatewayInterface (that is, # do not serve a splash page, just redirect to the user's request, # or to RedirectURL if set). # option authenticateimmediately 'no'
Can anyone suggest something to fix this?