Hi Sorry for the confusion. The diagram is just the current setup and how i would like it to work as it looks like my only option. I am not saying that the iphone MAC address is passing through 2 routers.

I would like to however know how it is possible that companies like purple wifi and wifi spark can get it to work like the way in the diargram

https://purple.ai/?utm_source=google&utm_medium=cpc&utm_campaign=764304889&ppc_keyword=purple%20wifi&gclid=EAIaIQobChMIx_z_j7mI3gIVCZ3VCh29KwZIEAAYASAAEgK-I_D_BwE

https://www.wifispark.com/

What type of server would they be using, windows, linux, cloud based?.
When i tested with purple wifi, my iphone mac address was passing through me router and then through purple wifi's router then onto their server. Unless it was carried out another way.

Im just looking for a free open source way of achieving this as i have over 2500 AP's which can be costly if i go with purple wifi. Thanks

The sha256 file is a text file containing the expected checksum.

The checksum of that txt file is not expected to be the same.

Steve

thanks man I solved XDDD

@grimson Thanks for your time, but I usually don't trust people enough to send screen shots. I usually don't want anyone to know 'anything' about my firewall settings.

But it's solved so unfortunately I'm afraid you've wasted your time. Sorry for that.

I tend to not respond to anyone I really don't want to help, so as to alleviate such "wasted time," if in fact I decide to deem it such. Though I usually don't see helping someone as wasted time. We each decide for ourselves what is and is not wasted time, as such we each should act accordingly. I would hope that everyone understands this fact, because it'll usually yield more happiness during ones lifetime.

Have a good one my friend! And thanks again for your time!

OK, I got it working! Here is what I did,

Found the needed script, it's at https://svn.nmap.org/!svn/bc/3320/nmap/scripts/make-mac-prefixes.pl Downloaded the latest file from the IEEE, at http://standards-oui.ieee.org/oui.txt Ran said script ... :-). It's perl make-mac-prefixes.pl oui.txt nmap-mac-prefixes

And it works - thanks for the help!

Would it make sense to include this latest file in pfSense somehow?

I want to setup multiple OpenVPN servers using a common CA, with the ability to revoke users from a central location.

An Ethernet connected modem is by far the best way to do this.

If the delay is simply in the USB modem booting you can set a longer boot delay in pfSense to allow for that. Maybe use:
https://www.netgate.com/docs/pfsense/hardware/boot-troubleshooting.html?highlight=kern%20cam%20boot_delay#booting-from-usb

You can also add 'ue' to the list of interfaces to ignore in the mismatch check but that's an ugly workaround.

Steve

Are you elsewhere when you do that? If you do that from your local LAN, it's normal.

@swmcl_pf -- I powered off by momentarily pressing the power button and then re-powered. The system says it is doing a backup or re-install in the background. This is the same as before. The process finished and I confirmed the message as read.

I then did a backup.

I'm not entirely convinced that it was doing anything in the background at the time of my post but I am happy that the backup has been completed.

Case closed ?

in the interface options section just change the snaplen to something only a few bytes vs the default of the whole thing.. We really just need to see the headers we don't need all the data to troubleshoot what is going on.

@johnpoz
Thank you so much.

I will do the changes by monday and let you know.

Once again thanks for your time.

Lokesh Kamath

@hiranuk said in Wifi MAC authentication:

behind another router.

As I said if there are any routers in between the access points and pfSense, you will never see the original MACs. MAC addresses are only valid on the local link. The Ethernet frames, which carry the IP packet have the MAC addresses. When those frames reach a router, the IP packet un-encapsulated and forwarded via a new Ethernet frame and the original frame is discarded. All you'll see at pfSense is the MAC address of the last router the packet passed through.

It was already in Hybrid mode. I duplicated the NAT for WAN to WAN2 but it didn't help.0_1539361340308_wan2nat.png

Edit: Clarification

Ahh, Thanks for the reply. I'll open it up and see what's going on and probably end up swapping the CPU. Thanks again for the input!

Thank you very much.

Thanks very much. It's looking good now.

The only way to do what you want is Captive Portal. And that would only be at the start of their login session, not a random time in the middle. Though I suppose you could keep CP off, then enable it to show a message to everyone. Kinda ugly though.

Otherwise you get into things like squid and intercepting HTTP/HTTPS and doing MITM on TLS, which is a mess.

@bxueye4 said in NST or SecurityOnion for log analysis?:

@tim-mcmanus said in NST or SecurityOnion for log analysis?:

I have used SecurityOnion for excellent results. I set it up as an ESXi VM and then mirrored the traffic from two different WAN ports to it as well as two different physical LANs. Very helpful with pcaps and analysis in near-real time, which is what I was mostly using it for.

Easy to download, setup, and start working with. I will use it again if the occasion arises, I still have the VM floating around somewhere...

glad to hear it worked well. i plan on mirroring too. the VM installed on its own SSD easy enough and seems ready to go. that's as far as i've gotten, will drill down into it soon.

thx

Remember to set the VM NIC to promiscuous so you actually see traffic.

Hey @Derelict thanks for the video explaining how to configurar the HA. The manual that I was looking at is a bit out dated that is why I was having so many doubts.
Now things are way more clear.