Allow certain domains through captive portal

  • At the moment I am using captive portal and voucher system to let my guests on the restaurants wifi. I would like to add the feature below and I cannot seem to find some info on how to do that, so I would be grateful for any help.

    I would like to give everyone an access to my wifi without typing in the voucher but only allow my domain i.e. my website through the captive portal. How would I go about this? I am thinking firewall. Would the guest still be presented with captive portal page or not?

    Someone shed some light :) Thank you!


  • So you want everybody to be able to browse your website and nothing else from www and this to happen transparent ?

    Have a look at Allowed Hostnames panel and Allowed IP addresses and also at:
    Pre-authentication redirect URL & After authentication Redirection URL
    from main settings, maybe you can edit only captiveportal-index.html page to redirect to your vebsite page index.

    and maybe you will not have to redirect any other traffic to your website IP / name via firewall/NAT rules.

  • LAYER 8 Netgate

    Yes ^^ Allowed hostnames and allowed IP addresses in the portal config

    Note that allowed hostnames doesn't look at the actual URL request like a proxy. It only periodically resolves the name and populates a table of IP addresses so you have to include all hostnames referenced by the pages you're loading and hostnames that they reference, etc..

    This is commonly called a "Walled Garden."

  • Thank you guys for quick response. I've been playing with the options for a while and it kinda works.

    I've added my domain to the allowed hostnames. The website has links to google map and restaurants facebook page but I cannot allow those two or else I will be giving them access to surf either of these freely (right?).

    So the part that is not working is redirection to the restaurant website before CP page. I would like to redirect guests to my website right away and only if they want to leave my garden I would present them with the CP page asking them to input their voucher. I set the Pre-authentication redirection url to and it doesn't work. At the moment I am still using the default pfsense captive portal page tho. Furthermore I also tried to upload my own html page changing $PORTAL_REDIRURL$ to and it didn't work. I got redirected to after the authentication.

    However the after authentication redirection url works perfectly with the default CP page. What variable holds the value for redirection before authentication?