Captive Portal on Blue

I am doing my final project, and i am doing a basic configuration of ipfire on virtual box.

I am trying to do a captive portal with the blue interface, but it doesnt work. I have some rules in the firewall.

This is the Ips that im using:


Virtual box adapters:

green: internal network
red: bridged
blue: nat

Can someone help me?

It would help if you could show the error messages that you are getting when it doesn’t work for you.

I would get the basic captive portal working first. You don’t need any additional firewall rules to make the captive portal work with blue. You should get the basic captive portal on blue working first before trying to add additional traffic control rules.

Are you using T&C’s or Coupons for the portal?

1 Like

Blue should not be NAT in VirtualBox. It should be a different internal LAN from green or bridged to a separate physical NIC on the VirtualBox host.

im trying to do the T&C’s

But the problem is: if i activate the web proxy and the url filter it doenst work without the rules (i saw a video), I have the ipfire machine doing the DHCP server (

I dont know how to put the captive portal working with blue.

In the client machine i use the internal LAN from green to access to ipfire, should i add to cleint machine another internal network for blue, or bridged?

If Blue is going to be your captive portal interface, then it needs to be on a separate subnet and interface and LAN. Your setup suggests you want another internal LAN which is bridged to Blue and you need another VM on this new internal LAN to test the Captive Portal functionality.

1 Like

How i do that?

In VB your VM needs three interfaces. It needs a bridged or NAT’d interface from Red to external (so to the VM hosts network). Internally you need two more LANs, one to connect to Green and one to Blue.

Green is you normal LAN from which you plan to administer your captive portal. In reality, as yours is all a testing set up internal to your bigger LAN, you could just open port 444 and whatever else you need to manage the captive portal to red and you can then manage the captive portal from red. Otherwise you need some sort of VM on green to manage the captive portal.

Blue is your captive portal. To test it working, I assume you need a VM on the Blue LAN. As this Blue LAN is inside VB and not a physical LAN, it will have to be a VM to test if it is working. If you VB host has a second NIC, you could use that NIC bridged to Blue instead and then use a phusical machine connected to that NIC to test the captive portal functionality.

Red could be set up either Bridged (easier) or NAT’d. If NAT and you want to manage IPF from the external LAN you will then have to do port forwarding in VB which makes it more complicated. If you are going to manage IPF from Green then it does not matter if Red is bridged or NAT’d.

1 Like

do you have discord or something that we can talk? i am very new at IPFire and its struggling me, there i can send you some prints if you dont mind

You can do everything through here. Remember it is your project so it is of no real help if you are spoon fed everything.


Yes I know, I want to try to do everything myself, but those things you said about the blue interface, I have no idea how to do them.

How do you plan to test the captive portal? presumably you need a machine on the captive portal LAN?


i already find a way to do it, thanks for help Nick <3