• Hello everyone,

    We are running a Pfsense firewall with Captive Portal to offer 30 minutes of free WIFI for our guests in a restaurant. At the moment they connect to the router and are redirected to the captive portal website that shows some terms and condition and also a accept button that connects them. They do not have to enter a voucher. After 30 minutes they are disconnected as it should be but they can easily log on again but trying to reach any website. They are then redirected again to the capitive portal.

    Is there any chance to block the corresponding MAC adress for a certain time?

    Thank you in advance for your suggestions.

    Best wishes,

  • Hi,

    This :

    Pass-through credits per MAC address.
    Allows passing through the captive portal without authentication a limited number of times per MAC address. Once used up, the client can only log in with valid credentials until the waiting period specified below has expired. Recommended to set a hard timeout and/or idle timeout when using this for it to be effective.

    Waiting period to restore pass-through credits. (Hours)
    Clients will have their available pass-through credits restored to the original count after this amount of time since using the first one. This must be above 0 hours if pass-through credits are enabled.
    Reset waiting period
    If enabled, the waiting period is reset to the original duration if access is attempted when all pass-through credits have already been exhausted.

    isn't what your looking for ?

  • Hi Gertjan,

    Thanks for your answer.

    Basicly that's exactly what I am looking for but everytime I enable the MAC pass through they users will not be redirected to the captive portal and they are online directly without accepting the terms of use. They process should be as follows:

    1. They connect to the open WIFI
    2. They are redirected to the captive portal and have to accept the terms but pressing accept
    3. They can use the connection for 30 minutes and will be logged off then
    4. They cannot log on for a certain time and will be redirected to a failure site.


  • @jlorenz89:

    2. They are redirected to the captive portal and have to accept the terms but pressing accept

    This means "Authentication method" must be set to "Local User Manager / Vouchers" or "Radius" so a login page (with hidden authorized user and password)  shows with your terms of use.
    Using a login page means : no more MAC temporary usage.

    What you want isn't possible.

    Are these terms of usage that important ? What about printing them on a paper, so you can skip this part..