Captive Portal No Authentication
-
Hi,
Scenario -: I'm using pfsense 2.1.
Problem -: I'm thinking something like that. I'm not sure is it possible or not?
I'm using two pfsense for no authentication thing, what is No Authentication? i will clear vision into this below -:Let us take 2 pfsense name as Pfsense A & Pfsense B. In this scenario, my goal is when user connect with Pfsense A then user need to authenticate with certain method of authentication after that user get internet access that already configured from my side. Same setting are configured in second pfsense.
When the same user tries to get connect with Pfsense B then user not need to authenticate at Pfsense B, they get directly internet access when they tries to connect with other box.For this purpose, i need to get entry of all mac address that are in Pfsense A to Pfsense B. How can I get directly entry into Captive Portal.db if entry is not goes into Captive Portal.db till device not getting internet access.
How can I make entry of same mac address in Pfsense B, so that user get directly internet access?
-
Maybe I got your problem wrong, but isn't that possible with both pfSense using a captive portal that share the same RADIUS server ?
You'll just have to modify your captive portal page so it checks for an existing authentication in the RADIUS database and then autologins. -
Maybe I got your problem wrong, but isn't that possible with both pfSense using a captive portal that share the same RADIUS server ?
You'll just have to modify your captive portal page so it checks for an existing authentication in the RADIUS database and then autologins.Thank you for the reply.
I'm not saying that both pfsense using a captive portal that share the same RADIUS server. Both pfsense uses different RADIUS server as well as Captive Portal.
Thing that i want to say that is when one user is authenticate at pfsense A & get internet access then same user will try to connect with pfsense B then they will get directly internet access without using authentication, if user is not new.
The possible solution for this is that if we are able to enter the same entries that are present in captiveportal.db in pfsense A is inserted into captiveportal.db in pfsense B. -
I personnaly think you should prefer using a common RADIUS server.
Anyway, if you really want to use your soluion: the captiveportal.db is an SQLlite3 file that contains only one table called captiveportal.
Why don't have a quick script extract that table, rsync the sql file to pfSense B and insert it ? -
I personnaly think you should prefer using a common RADIUS server.
Anyway, if you really want to use your soluion: the captiveportal.db is an SQLlite3 file that contains only one table called captiveportal.
Why don't have a quick script extract that table, rsync the sql file to pfSense B and insert it ?sorry for late reply,
I write a script to check the value present in captiveportal.db. The result are shown in this manner -:17342
172.16.96.18
34:51:c9:8f:c8:5e
34:51:c9:8f:c8:5e
ad6fff39338ff756
dGVzdGluZzEyMw==I'm trying to insert manual MacAddress into captiveportal.db but not able to successfully add into this.
According to you, I need to use common radius server. How can I use common radius server? Will u pls. elaborate more into this?
& i'm trying to open the captiveportal.db file in SQLite3 but it should not open & shows not supported this type of file.
-
If you want to use the captiveportal.db file, use the sqlite3 tool that comes with pfSense. It should allow you to import / export data.
As for a common radius server, just setup a FreeRADIUS server somewhere reachable from both pfSense A & pfSense B (might even be one on one of the pfSenses if they happen to communicate with each other, then setup the captive portal to use this server.
If you use MySQL as backend for FreeRADIUS, provision the database as explained in my Howto about RADIUS + SQL + Captive Portal in this forum.You could then modify my captive portal page (see the howto) to check whether the user already exists in the database, and if yes, auto login using the Login() function instead of showing the welcome page where you have to login.
Regards,
Ozy. -
If you want to use the captiveportal.db file, use the sqlite3 tool that comes with pfSense. It should allow you to import / export data.
As for a common radius server, just setup a FreeRADIUS server somewhere reachable from both pfSense A & pfSense B (might even be one on one of the pfSenses if they happen to communicate with each other, then setup the captive portal to use this server.
If you use MySQL as backend for FreeRADIUS, provision the database as explained in my Howto about RADIUS + SQL + Captive Portal in this forum.You could then modify my captive portal page (see the howto) to check whether the user already exists in the database, and if yes, auto login using the Login() function instead of showing the welcome page where you have to login.
Regards,
Ozy.I'm not able to find the sqlite3 tool in pfsense.
Can you please send me the any link which show how to import/export data from captiveportal.db. & also setup FreeRADIUS server for 2 pfsense box by which they can communicate with each other & captive portal to use this server, if possible.Sincere Thanks
Ashi -
The sqlite3 tool is a command line tool that is usable via ssh / console.
I don't have time to further explain the radius setup, and it is already well discussed in the forum, maybe you should seek some help from professionnal help.