• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

RADIUS MAC authentication behind bridges

Scheduled Pinned Locked Moved Captive Portal
2 Posts 2 Posters 2.1k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • R Offline
    rhy7s
    last edited by Aug 3, 2010, 12:45 AM

    I'm looking around at the moment trying to figure out a RADIUS solution to allow data-based voucher access for the pfSense captive portal. Something I was wondering was whether I would have issues with the various wireless bridges I have deployed. In the ARP table multiple IPs share the same bridge MAC address, yet the DHCP table shows the correct individual MAC address for the various client adapters. On the captive portal configuration page it says:

    MAC filtering        Disable MAC filtering
    If this option is set, no attempts will be made to ensure that the MAC address of clients stays the same while they're logged in. This is required when the MAC address of the client cannot be determined (usually because there are routers between pfSense and the clients). If this is enabled, RADIUS MAC authentication cannot be used.

    Would the captive portal see clients' MAC addresses as they are listed in the ARP table, thus running into the issue mentioned above? Or the correct MAC addresses seen in the DHCP leases?

    1 Reply Last reply Reply Quote 0
    • C Offline
      cmb
      last edited by Aug 7, 2010, 9:12 PM

      @rhy7s:

      I'm looking around at the moment trying to figure out a RADIUS solution to allow data-based voucher access for the pfSense captive portal. Something I was wondering was whether I would have issues with the various wireless bridges I have deployed. In the ARP table multiple IPs share the same bridge MAC address

      Then your bridge isn't bridging, it's messing with MACs where it shouldn't be. That won't work if that's how it shows up.

      1 Reply Last reply Reply Quote 0
      2 out of 2
      • First post
        2/2
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
        This community forum collects and processes your personal information.
        consent.not_received