[ previous ] [ next ] [ threads ]
 
 From:  Peter Parnican <monowallboy at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Slow Captive portal & wifi DHCP issue when WPA2 used
 Date:  Thu, 10 Dec 2009 20:17:52 +0100
Hi guys, just want to share my experience with Captive Portal. (if you have
no time read just bold lines -> is font formating supported :))
I have used Captive Portal 3years, always used Passthrought Mac
authentification only . (known MAC were passed)

Yesterday i have decided to add *username and password autorization* (Local
user manager), it was time when my troubles started :)
It was very strange because *i coudn't get (sometimes yes sometimes no)
captive portal html login page *with name and password input fields.
...it was very unreliable.

I have tried experiment with browsers IE, FF, Opera etc. but same
behavior... (Google Chrome was the one where the login page was displayed
eg.  just 1 time from 10 tests...

I had to chage *"Maximum concurrent connections"! * Now -> there is this
value: *100 per client IP address  and 100 total an**d it start working*...let
say, with this settings my two PCs are always redirected to login page...im
little worried what if i put this into my network with 80people...?? ..i
hope the redirection to login page will work to each user if not they will
complain...

As soon as this was working i have tryed to experiment with wifi as AP ->
lets say monoWifi.
I have added CP to wifi, enabled DHCP and added WPA2.

On my notebook i have entered WPA key and I was able to connect to monoWifi
*but i didn't get IP from DHCP*...really strange, *i'm gettig IP from DHCP
only in case WPA is disabled*...  ...not sure but looks to me like a bug.

...just one more comment: *redirection to login CP page looks to be veeeery
slow*...i didn't understand why, then i have checked CPU and its clear to
me! Please see: http://www.monowall.procad.sk/images/CP_CPU.jpg  ...i have
clicked google.sk and first CPU peak is just one redirection to CP, second
peak are two clicks, one in IE second in FF... ..if 30people try to access
in one time it can be reeeeel issue.
.*...veeeery high CPU usage...*this is possible reason why im not redirected
to CP page correctly if Maximum concurrent connections not set to
100...maybe some sessions expire and browser connection - redirection  is
dead instead of waiting to mono cpu....

HW: wrap, 3xlan,1xCM9, v1.3
-- 
I'm using m0n0wall from 2004! Its great!

*Thanks for this great firewall!*
Peter