Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Allow certain domains through captive portal

    Scheduled Pinned Locked Moved Captive Portal
    4 Posts 3 Posters 2.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • L
      limona21
      last edited by

      At the moment I am using captive portal and voucher system to let my guests on the restaurants wifi. I would like to add the feature below and I cannot seem to find some info on how to do that, so I would be grateful for any help.

      I would like to give everyone an access to my wifi without typing in the voucher but only allow my domain i.e. my website through the captive portal. How would I go about this? I am thinking firewall. Would the guest still be presented with captive portal page or not?

      Someone shed some light :) Thank you!

      Rudi

      1 Reply Last reply Reply Quote 0
      • N
        n3by
        last edited by

        So you want everybody to be able to browse your website and nothing else from www and this to happen transparent ?

        Have a look at Allowed Hostnames panel and Allowed IP addresses and also at:
        Pre-authentication redirect URL & After authentication Redirection URL
        from main settings, maybe you can edit only captiveportal-index.html page to redirect to your vebsite page index.

        and maybe you will not have to redirect any other traffic to your website IP / name via firewall/NAT rules.

        1 Reply Last reply Reply Quote 0
        • DerelictD
          Derelict LAYER 8 Netgate
          last edited by

          Yes ^^ Allowed hostnames and allowed IP addresses in the portal config

          Note that allowed hostnames doesn't look at the actual URL request like a proxy. It only periodically resolves the name and populates a table of IP addresses so you have to include all hostnames referenced by the pages you're loading and hostnames that they reference, etc..

          This is commonly called a "Walled Garden."

          Chattanooga, Tennessee, USA
          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)

          1 Reply Last reply Reply Quote 0
          • L
            limona21
            last edited by

            Thank you guys for quick response. I've been playing with the options for a while and it kinda works.

            I've added my domain to the allowed hostnames. The website has links to google map and restaurants facebook page but I cannot allow those two or else I will be giving them access to surf either of these freely (right?).

            So the part that is not working is redirection to the restaurant website before CP page. I would like to redirect guests to my website right away and only if they want to leave my garden I would present them with the CP page asking them to input their voucher. I set the Pre-authentication redirection url to http://www.salas-ostrazica.com and it doesn't work. At the moment I am still using the default pfsense captive portal page tho. Furthermore I also tried to upload my own html page changing $PORTAL_REDIRURL$ to www.salas-ostrazica.com and it didn't work. I got redirected to www.salas-ostrazica.com after the authentication.

            However the after authentication redirection url works perfectly with the default CP page. What variable holds the value for redirection before authentication?

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.