Bypass Captive portal on Pfsense using a unify SSID



  • Hello there.
    I use pfsense for a captive portal (also DHCP and DNS forwarder).I also installed unify controller on the box to control my AP's.
    The SSID has no security on it (open) and the users land to captive portal.
    I have a situation that i have 400 devices that i want them to bypass the captive portal.Of course i can whitelist 400 hundred mac addresses in the captive portal, but i was wondering if i can add another SSID to the unify ap's via the controller, use this SSID for these 400 devices,and "whitelist" that SSID on pfsense somehow.
    Can i accomplish this?



  • Ok.
    So i configured a second ssid to unify controller with a vlan tag.
    I also configured a vlan to pfsense attached to the same hardware interface as the normal wifi.I also entered the same vlan tag.
    I set up dhcp, but when connecting to the new SSID i get no dynamic ip from pfsense.
    The whole network runs on Layer 2 Gbit switches.

    You think that this is the problem?


  • LAYER 8 Global Moderator

    So you setup the vlans on your switches, with the tag setup for your new vlan.



  • Thank for your time answering this topic.
    The switches are all unmanaged layer 2.
    So no vlan information can "travel" through them.

    My regards.


  • LAYER 8 Global Moderator

    its not so much that vlan tags can not travel through them.  Many dumb layer 2 switches will carry the vlan tags through the switch.  But its not the correct way to do it, and possible that the switch strips it or doesn't pass the tagged traffic.

    The correct solution to using vlans is use a switch that understands them and correctly set them up on said switch(es)..



  • you'll need a layer 3 switch to achieve this with trunk ports facing the AP's and FW.


Log in to reply