Portal + Freeradius + VLAN + Unifi
-
Hi All,
I'm looking for a captive portal solution for my unifi's site.
Unifi captive portal is missing a lot of feature so I can't use it.I heard about pfsense portal and after reading it turns out
this I what I need.I need a captive portal for dorms,
I want to be able manage network access with radius.
That way my users will have only one username/password
for all of their device.
And with the radius assign vlan, they will be isolate from others
and they will be able to stream to their appleTV, xbox, etc.
I also want to add a common vlan for everyone, where they will be
able to access shared printer.Is there a way to do this and keep my Unifi Security Gateway (router)
Or I absolutely need pfsense as router?Regards,
iLevac -
I'm looking forward to a more extensive answer on this as well.
My limited understanding is that there is a difference between captive portal and radius assigned vlans. If any solution you choose requires a captive portal, you can assume that devices such as AppleTV and Chromecasts (lacking browsers) will have to bypass the captive portal and be assigned to the proper vlan somehow (usually manually).
As for radius assigned vlans, they require a radius server which happens to be built into both pfsense and the USG in the form of freeradius https://community.ubnt.com/t5/UniFi-Routing-Switching/RADIUS-Server-on-USG-s/td-p/1664486. Radius assigned vlans have many parts which can break your client's access. More importantly, the client configuration becomes non-trivial which can lead to many support issues especially with consumer devices.
Please somebody else chime in and correct me where I'm wrong. Meanwhile, none of this answers your basic question which seems to be whether you can use pfsense's captive portal on a USG to which I can simply answer no. If you want the pfsense captive portal, you have to run pfsense.
-
Unifi already support dynamic vlan over radius.
I just need to make it work thru the captive portal.
Anyone has succed with this?