Exclude an Interface from DNSBL
Hope someone will be able to point me in the right direction here, Here's my network layout.
LAN 1 - 10.10.1.0/20 - Guest Network
LAN 2 - 192.168.1.0/24 - Admin Network
WAN - PPPoE
I'm running Captive Portal on LAN 1. I have installed and configured pfblockerng to block certain websites on the Admin Network, But my problem is the same blocking applies to the Guest Network. My question is, How do I exclude the LAN 1's (Guest Network) traffic from being filtered by pfblockerng? I already tried using 220.127.116.11 to bypass blocking as the default DNS for LAN 1 but this breaks the redirection to the Captive Portal page.
Just pass 18.104.22.168/22.214.171.124 in the captive portal.
Apologies if I posted on the wrong topic. If I bypass 126.96.36.199 and 188.8.131.52 on the captive portal do the clients still get redirected to the Captive Portal even in I use those DNS on the interface where the CP is enabled?
Captive portal clients have to be able to resolve names to make the initial connection that triggers the redirect to the captive portal.
If you do not want them set them to use the DNS resolver in pfSense because you are using DNSBL there, you must tell them to use something else.
You must pass those DNS servers using the Allowed IP addresses in the Captive Portal or they will not be able to resolve names prior to authentication through the portal.