External MultiCP without FreeRADIUS
-
I'm trying to think up a solution to the current deployment that I'm using. Basically, I'm watching over 10 or so pfSense boxes, don't have client access at many of the locations, and I'm trying to eliminate some of the certificate errors. Now, each site is configured to use their local user database for authentication in the captive portal. But, because of this, they all use self-signed certs that throw up all sorts of warnings. What I'd like to accomplish is:
1. User navigates to http page (since https to https redirect will always throw an error).
2. User is redirected to captiveportal.mydomain.com where I've installed a ssl cert that is signed by a trusted CA
3. The external hosted domain sends their entered login info back to the pfSense machine, authenticating the user, and allows them to begin navigationNow, the big bottleneck in my figuring this out is the connection to the firewall and authentication occurring on the firewall. The FreeRADIUS guide is nice but that's all assuming you have a freeradius server set up which we do not. I just wanted a secure subdomain of my domain reserved to handling captive portal logins.
Thoughts? Solutions?