9

I recently got a raspberry pi. I have it set up as an access point in a standalone network (not connected to the internet). I can also serve a static website on this network. I've been trying to set up a captive portal so that when a user joins the network it automatically takes them to this website.

Looking at these tutorials:

This is how I set up the access point

For captive portal using nodogsplash

So the access point is working but honestly, I have no clue about how the captive portal works with this. I'm wondering whether the pi has to be connected to the internet for the captive portal to work? If anyone knows anything useful, I will forever be in your debt.

M. Rostami
  • 4,323
  • 1
  • 17
  • 36
global
  • 91
  • 1
  • 1
  • 5
  • I hope this helps you take a look: https://pimylifeup.com/raspberry-pi-captive-portal/ – realseanstorm Oct 06 '18 at 13:08
  • 1
    If you don't need Internet access and just want to serve an HTML page in the captive portal, I've published this MIT-licensed repo with a setup script for access point, captive portal and web server. – Splines Apr 25 '22 at 13:03
  • I found a lot of information on the Internet was out of date on how to set up a simple captive portal on the Raspi 4 (currently debian 11, bullseye). Here is a repo I've spun up to simplify the installation. – Splines May 02 '23 at 16:18

3 Answers3

5

Captive portals work because devices make a DNS request to specific URLS, depending on which operating system, and they expect a success response. If they get a redirect instead, then they will show that new site as a captive portal.

A list of some of the URL's can be found here: How Automatic Detection of Captive Portal works.

If you followed that tutorial, then you can change your DNS server to redirect any request to a domain that isn't yours to the Raspberry Pi. The /etc/dnsmasq.conf file controls the DNS server. Add the following line to redirect all requests (change the IP address if you chose not to use 192.168.4.1)

address=/#/192.168.1.1

You will then need to set up your webserver to redirect those requests. I suggest choosing a URL, like http://mysite/, and telling your webserver (such as nginx) to show your site for that domain, and send a redirect for all other domains.

For setting up redirects, see the following pages

Greenonline
  • 2,740
  • 4
  • 23
  • 36
Michael Smith
  • 51
  • 1
  • 2
  • Certainly efficient. But it also redirects all requests from the local system as well, not just requests from the Access Point. Effectively, you kill dns when logged in interactively. :-( – Robin Davies Aug 11 '21 at 09:42
5

Follow the instruction:

1. Config the RPi as a Wifi Access point or a Wifi Hotspot 

sudo apt-get -y install hostapd dnsmasq 

nano /etc/hostapd/hostapd.conf

Add the config below to the hostapd.conf file:

interface=wlan0
driver=nl80211
ssid=MyPiAP
hw_mode=g
channel=6
ieee80211n=1
wmm_enabled=1
ht_capab=[HT40][SHORT-GI-20][DSSS_CCK-40]
macaddr_acl=0
auth_algs=1
ignore_broadcast_ssid=0
wpa=2
wpa_key_mgmt=WPA-PSK
wpa_passphrase=raspberry
rsn_pairwise=CCMP

Edit hostapd:

nano /etc/default/hostapd

Change this part to: 

DAEMON_CONF="/etc/hostapd/hostapd.conf"

Then: 

sudo mv /etc/dnsmasq.conf /etc/dnsmasq.conf.bak
sudo nano /etc/dnsmasq.conf

Add these lines to dnsmasq.conf : 

interface=wlan0 
listen-address=192.168.5.1
bind-interfaces 
server=8.8.8.8
domain-needed
bogus-priv
dhcp-range=192.168.5.100,192.168.5.200,24h

Start the hostapd service: 

sudo service hostapd start

If you face to a problem in this step, check this link out.

Enable IP Forwarding: 

nano /etc/sysctl.conf

Uncomment: 

net.ipv4.ip_forward=1

Add these commands for the firewall and packet forwarding: 

sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE  
sudo iptables -A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT  

sh -c "iptables-save > /etc/iptables.ipv4.nat"  



sudo nano /etc/rc.local

add these lines before Exit 0: 

iptables-restore < /etc/iptables.ipv4.nat  
ifconfig wlan0 192.168.5.1

Finally, reboot the device and check it out by a Wifi client. You must connect to the internet.
Note that, you need to connect to internet by eth0 interface.

2. Now, it's the time to using nodogsplash, which is the captive portal software: 

sudo apt install git libmicrohttpd-dev

git clone https://github.com/nodogsplash/nodogsplash.git

cd nodogsplash
make
sudo make install

sudo nano /etc/nodogsplash/nodogsplash.conf

Change the configuration to: 

GatewayInterface wlan0
GatewayAddress 192.168.5.1
MaxClients 250
AuthIdleTimeout 480

Add nodogsplash command to rc.local: 

sudo nano /etc/rc.local

add this line before Exit 0: 

iptables-restore < /etc/iptables.ipv4.nat

Now, you can connect to the MyPiAP SSID and the splash page will appear. Tap the Continue button for connecting to the internet.
Done.

M. Rostami
  • 4,323
  • 1
  • 17
  • 36
1

In case of you need a customizable captive portal you can install all using this project Kupiki https://github.com/pihomeserver/Kupiki-Hotspot-Script

Once installed you can replace the captive portal by what ever you want using the Nginx configuration.

Internet is not mandatory. It's usefull if you want the page to be closed automatically once you are authenticated as it tries to reach a specific page to confirm that Internet is up

Pi Home Server
  • 111
  • 4