Website logging radius

skipzoid

Hello All.

General request for ideas and suggestions;

We have a solid state, (CF Disk) pfsense firewall that authenticates the users via the captive portal against a remote radius server.

We had a request from one of the users to give them a list of all the websites they accessed under their login, which i dont think we can do under the base install.

The question is, does anyone have any ideas how to impliment logging that will log site access against a username so that we can tell who went where ?

Its a solid state system with no moving parts at all. We could put a USB disk on the system but it would be preferable if the logging could be done remotely to the SQL server hosting the radius server.

ideas / suggestions.

thanks in advance..

MindfulCoyote

You've probably already worked this out, but squid + sarg will tell you by IP address (not user). But, you can assign IP addresses to specific MAC addresses with DHCP. Captive Portal by default links the usernames to the MAC and IP addresses… so the squid report should work for you.

As for storing the data off the firewall I would use rsyslogd or failing that look at options for a network mount (NFS or SMB/CIFS).

https://doc.pfsense.org/index.php/Copying_Logs_to_a_Remote_Host_with_Syslog