Assign ip for portal users $50
-
I would like to be able to assign a user login a specific IP. We are looking at using a netequalizer between the pfSense and our network and are excluding an IP from the bandwidth shaping for services that require it to be excluded.
When a user loggs into the portal with the specific username and password we would like him to automatically receive the specific IP. This is for an enviroment which does not have on site IT so trying to figure out his IP and then modifying the config in the netequalizer is problematic and time consuming.
A similar function is available in PPTP users….
-
This probably wont be easy, since you first need an IP to be able to access the portal.
I'm not sure if there is any way to tell a DHCP client from the serverside that he has to get a new IP.
-
This probably isn't feasible. As GruensFroeschli stated, they need an IP address to access the portal already, so it's too late.
However, you could instead run PPPoE server on LAN instead of captive portal, but that requires a bit more setup on the client side. Though XP, Vista, 7, Mac, Ubuntu, etc, all have a client that could access it. You can specify what IP address a client gets through the PPPoE server.
If you tie that into a RADIUS server for authentication and accounting, you could also keep track of overall usage per account.
-
What if I get the users MAC address first? Can I then use DHCP to staticly map a specific IP under DHCP for the portal?
Thanks,
-
If you know their MAC address and put in a static DHCP entry, that would work to lock them into that IP regardless of whether or not the portal was there.
-
I will pmost likely end up going with that solution.
Maybe something of this nature could work. Only issue is not many people may be interested.
under the user you put the static IP you want the user to use. This would automatically do several things.
1. Record he MAC address for that user and put it as a static mapping in the DHCP table with the IP assigned under the user.
2. Redirect them to a custom page which notifies them to disconnect and reconnect to the wireless.
3. Then delete the previous mapping to the temp ip assigned originally.
4. Log in again. -
You can't do that though, because you can't have static IP addresses inside of your pool.
http://doc.pfsense.org/index.php/Why_can%27t_I_have_static_mappings_inside_my_DHCP_range%3F
-
ok. So the IP assigned would not be in the DHCP range… Then would that work?
-
It would except then it wouldn't take effect until they released/renewed or rebooted, which kind of defeats some of the purpose.
-
I am just looking for a way to acheive it without asking someone who is not tech savvy to find and or locate the MAC or IP for a gueast and or have a non tech savvy guest try to find it also.
I would think asking a guest to disconnect and reconnect would be easier….
Then an IT person would not have to get involved in the process everytime it happened.
-
Another possibility is to use a separate SSID with separate scope and allow anyone logging into that SSID to be assigned an IP wich is not effected by the shaping policy….
Too many ways to skin a cat!
-
or just write a small program that does this on client side ?
client not known -> dhcp gives an dynamic ip
client goes to the portal -> clicks a download button
downloads and runs a program -> program communicates with the pfsense box
another program changes pfsense config and creates a new entry for the user -> client program isses a renew (ipconfig /renew on windows)
client now has an "valid" ip…should i start writing the program or you will withdraw the bounty ?
-
How would the program communicate the changes? Would it be encrypted? If yes how? Are you talking about an executible that the user would have to run on there PC..ie download locally?
