Captive Portal - Allowed IP Addresses = Bypass Bandwidth Restrictions?

bebop_man

I have a PFSense box set up. Public WiFI AP's serve clients, but on the same LAN are some infrastructure devices.

I have a /26 blocked out in Allowed IP Addresses, and while the PC that's in that range doesn't need to authenticate to the CP, it seems to be limited in bandwidth as per the CP settings.

Was I incorrect in thinking that 'Allowed IP Addresses' removed all restrictions on the IP address in question?

How can I tag IP addresses in a specific range to bypass CP limits ?

Gertjan

@bebop_man said in Captive Portal - Allowed IP Addresses = Bypass Bandwidth Restrictions?:

Was I incorrect in thinking that 'Allowed IP Addresses' removed all restrictions on the IP address in question?

Yes.
Bandwidth Restrictions on the captive portal settings page are valid for all devices on the captive portal interface.

@bebop_man said in Captive Portal - Allowed IP Addresses = Bypass Bandwidth Restrictions?:

How can I tag IP addresses in a specific range to bypass CP limits ?

I tend to say : put them on another interface (other LAN, VLAN)

The golden rule is : only "clients with BJOD" == non trusted devices on a captive portal.

Btw : a captive portal solution using FreeRadius can give you a bandwidth control per device.