Mac address confusion in Captive Portal
-
Greetings Fellow Guru’s,
I have my system up and running. I am using Tranzeo APs. Shooting 5.8 one mile and redistribute with 2.4 to Tranzeo clients CPE on members location.
My goal is to only enable one user per username and password. Right now I am using the PfSense captive portal to manage the users. DHCP shows different MAC addresses per client.
When I use the feature Disable concurrent logins, only one user can access the system at a time from the last mile. Is the concurrent login option look at MAC addresses in the DHCP records? It seems that the same MAC appears for different users on the widget.
I am wondering, do I need select the Disable MAC filtering, or should I use a Freeradius setup? If I use Disable MAC filtering, what is the systems reaction?
Thank you for any pointers on this subject, Ken
-
does Diagnostics>ARP show the same MAC address for all the IPs in a given last mile? Assuming it's bridged over, you should see the real MACs, but that's not always the case (even when DHCP does see them as such).
-
There are multiple users who share the same MAC in the ARP Tables.
-
And is that mac address your wirelees ap's mac?
-
Yes the ap does show the same MAC address.
-
So that might be the reason for the multiple listings of same mac-adddress
-
You will need to disable MAC filtering in that case (though that's less than ideal, I'd check your wireless gear to see if you can fix it so the real MAC comes through).
-
What would be the down side to Disabling MAC address? Would it not be better to have the arp get info from DHCP? Thanks, Ken
-
IP to MAC associations would no longer be enforced, and it's just ugly to have everything upstream on your network showing a single MAC for all those clients if it's in any way avoidable.