pfsense colocation sharing the same mac address filter
-
There is no point to pfsense integration with packetfense because the blocking or allowing of devices happens at the switch level.. Not at the router level.
Sure you could put non auth devices into a different vlan - this fairly simple to setup and is can be done with freeradius package in pfsense and your switches and or AP need to support dynamic vlan assignment. The unifi AP can do that for sure - and can even do dynamic vlan assignment via psk network based on mac. This allows you for you to have say 1 ssid that guests use, and then specific devices via mac could connect to the same ssid auth with the psk, but be placed on a different vlan.
But the easier way to do it is just ssid1 puts you in guest network vlan, and ssid2 puts you in different vlan that has different access. No need for understanding any mac address or knowing them up front. You give your guest ssid1 and the psk, they auth and are in a guest vlan that has whatever access you want for that vlan - say just internet access. While other devices that need access to other stuff on other vlans auth to ssid2
-
@johnpoz Actually sir, First of all, I am using 3 SG3100 in different locations. According to my scenario, When the guest comes to location1 and he/she can connect to the internet after the captive portal authentication. Then the guest can go to location2 or location3 and he/she can connect to the internet directly without a captive portal or landing page.
So when ı configured my captive portals ı checked "Pass-through MAC Auto Entry ".
Here I just want to copy guest mac addresses from mac list of one captive portal and paste it to another one ( like using mac edit button in captiveportal>macs section)
I already create the script which is read the mac address and copy to config.xml
<passthrumac>
<action>pass</action>
<mac>11:22:33:45:98:b4</mac>
<username>5325555555</username>
<descr><![CDATA[Auto-added for user 5325555555(phone number)]]></descr>
</passthrumac>the script is running and writing the new mac to config.xml but without rebooting it is not effective.
to summarize, how can ı edit the config.xml without reboot the system?
-
@deniz-sahan said in pfsense colocation sharing the same mac address filter:
to summarize, how can ı edit the config.xml without reboot the system?
You could take some info from the config.xml on site A - but, as you already found out, if you store it in the config.xml on site B : the info isn't taken in account.
On site B, your script should be (partially) PHP based. You should use the PHP code that already exists, the same one that the GUI is using - to apply and store the info.
See this file http://your-pfsense//services_captiveportal_mac.php?zone=yourzone how it's done.