Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Assign ip for portal users $50

    Scheduled Pinned Locked Moved Expired/Withdrawn Bounties
    13 Posts 4 Posters 8.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      kapara
      last edited by

      I would like to be able to assign a user login a specific IP.  We are looking at using a netequalizer between the pfSense and our network and are excluding an IP from the bandwidth shaping for services that require it to be excluded.

      When a user loggs into the portal with the specific username and password we would like him to automatically receive the specific IP.  This is for an enviroment which does not have on site IT so trying to figure out his IP and then modifying the config in the netequalizer is problematic and time consuming.

      A similar function is available in PPTP users….

      Skype ID:  Marinhd

      1 Reply Last reply Reply Quote 0
      • GruensFroeschliG
        GruensFroeschli
        last edited by

        This probably wont be easy, since you first need an IP to be able to access the portal.

        I'm not sure if there is any way to tell a DHCP client from the serverside that he has to get a new IP.

        We do what we must, because we can.

        Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

        1 Reply Last reply Reply Quote 0
        • jimpJ
          jimp Rebel Alliance Developer Netgate
          last edited by

          This probably isn't feasible. As GruensFroeschli stated, they need an IP address to access the portal already, so it's too late.

          However, you could instead run PPPoE server on LAN instead of captive portal, but that requires a bit more setup on the client side. Though XP, Vista, 7, Mac, Ubuntu, etc, all have a client that could access it. You can specify what IP address a client gets through the PPPoE server.

          If you tie that into a RADIUS server for authentication and accounting, you could also keep track of overall usage per account.

          Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

          Need help fast? Netgate Global Support!

          Do not Chat/PM for help!

          1 Reply Last reply Reply Quote 0
          • K
            kapara
            last edited by

            What if I get the users MAC address first?  Can I then use DHCP to staticly map a specific IP under DHCP for the portal?

            Thanks,

            Skype ID:  Marinhd

            1 Reply Last reply Reply Quote 0
            • jimpJ
              jimp Rebel Alliance Developer Netgate
              last edited by

              If you know their MAC address and put in a static DHCP entry, that would work to lock them into that IP regardless of whether or not the portal was there.

              Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

              Need help fast? Netgate Global Support!

              Do not Chat/PM for help!

              1 Reply Last reply Reply Quote 0
              • K
                kapara
                last edited by

                I will pmost likely end up going with that solution.

                Maybe something of this nature could work.  Only issue is not many people may be interested.

                under the user you put the static IP you want the user to use.  This would automatically do several things.

                1. Record he MAC address for that user and put it as a static mapping in the DHCP table with the IP assigned under the user.
                2. Redirect them to a custom page which notifies them to disconnect and reconnect to the wireless.
                3. Then delete the previous mapping to the temp ip assigned originally.
                4.  Log in again.

                Skype ID:  Marinhd

                1 Reply Last reply Reply Quote 0
                • jimpJ
                  jimp Rebel Alliance Developer Netgate
                  last edited by

                  You can't do that though, because you can't have static IP addresses inside of your pool.

                  http://doc.pfsense.org/index.php/Why_can%27t_I_have_static_mappings_inside_my_DHCP_range%3F

                  Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                  Need help fast? Netgate Global Support!

                  Do not Chat/PM for help!

                  1 Reply Last reply Reply Quote 0
                  • K
                    kapara
                    last edited by

                    ok.  So the IP assigned would not be in the DHCP range… Then would that work?

                    Skype ID:  Marinhd

                    1 Reply Last reply Reply Quote 0
                    • jimpJ
                      jimp Rebel Alliance Developer Netgate
                      last edited by

                      It would except then it wouldn't take effect until they released/renewed or rebooted, which kind of defeats some of the purpose.

                      Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                      Need help fast? Netgate Global Support!

                      Do not Chat/PM for help!

                      1 Reply Last reply Reply Quote 0
                      • K
                        kapara
                        last edited by

                        I am just looking for a way to acheive it without asking someone who is not tech savvy to find and or locate the MAC or IP for a gueast and or have a non tech savvy guest try to find it also.

                        I would think asking a guest to disconnect and reconnect would be easier….

                        Then an IT person would not have to get involved in the process everytime it happened.

                        Skype ID:  Marinhd

                        1 Reply Last reply Reply Quote 0
                        • K
                          kapara
                          last edited by

                          Another possibility is to use a separate SSID with separate scope and allow anyone logging into that SSID to be assigned an IP wich is not effected by the shaping policy….

                          Too many ways to skin a cat!

                          Skype ID:  Marinhd

                          1 Reply Last reply Reply Quote 0
                          • J
                            JorgeAldoBR
                            last edited by

                            or just write a small program that does this on client side ?

                            client not known -> dhcp gives an dynamic ip
                            client goes to the portal -> clicks a download button
                            downloads and runs a program -> program communicates with the pfsense box
                            another program changes pfsense config and creates a new entry for the user -> client program isses a renew (ipconfig /renew on windows)
                            client now has an "valid" ip…

                            should i start writing the program or you will withdraw the bounty ?

                            1 Reply Last reply Reply Quote 0
                            • K
                              kapara
                              last edited by

                              How would the program communicate the changes?  Would it be encrypted?  If yes how?  Are you talking about an executible that the user would have to run on there PC..ie download locally?

                              Skype ID:  Marinhd

                              1 Reply Last reply Reply Quote 0
                              • First post
                                Last post
                              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.