Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Problem with the MAC filtering

    Scheduled Pinned Locked Moved Captive Portal
    13 Posts 3 Posters 849 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      fmohcine26
      last edited by

      In my local network, I have a smart tv (android) connected via '' Ethernet '',
      the captive partail is activated and works without problems
      After authentication on the portal
      the activation of the Wi-Fi mobile hotspot of the TV, gives access to everyone without any control neither captive portal nor mac filter nor anything, it is as if these machines did not exist for the pfsense even if they are connected to the internet
      Help me please
      thank you very much
      ![Screenshot-2018-4-3 pro4545 electropro4545 click - Services Captive Portal compVolume Configuration.png](/public/imported_attachments/1/Screenshot-2018-4-3 pro4545 electropro4545 click - Services Captive Portal compVolume Configuration.png)
      ![Screenshot-2018-4-3 pro4545 electropro4545 click - Services Captive Portal compVolume Configuration.png_thumb](/public/imported_attachments/1/Screenshot-2018-4-3 pro4545 electropro4545 click - Services Captive Portal compVolume Configuration.png_thumb)

      1 Reply Last reply Reply Quote 0
      • J
        jaspras
        last edited by

        Makes total sense. Your Tv acts as a WiFi router
        Check your tv settings and see if you can make
        It act as an access point not a router

        That’s the easiest i can explain it to you

        1 Reply Last reply Reply Quote 0
        • F
          fmohcine26
          last edited by

          @jaspras:

          Makes total sense. Your Tv acts as a WiFi router
          Check your tv settings and see if you can make
          It act as an access point not a router

          That’s the easiest i can explain it to you

          Thank you for your help
          are there any rules to apply on the pfsense and the captive portal to impose the control of the pfsene on the network diffused by the television

          1 Reply Last reply Reply Quote 0
          • jahonixJ
            jahonix
            last edited by

            pfSense only sees traffic originating from your TV. All WiFi clients are probably NATted behind the TV's IP so there's no way of telling who's who.
            Which TVs do have an AP built in? Strange idea to have a display device do network services.

            1 Reply Last reply Reply Quote 0
            • F
              fmohcine26
              last edited by

              is there a package or setting for example configure the '' PAT '' of such a lot that controls all machine clients

              1 Reply Last reply Reply Quote 0
              • jahonixJ
                jahonix
                last edited by

                What? pfSense interacting with a TV-set manufacturer's bad dream? No way. Unless you program it yourself.

                1 Reply Last reply Reply Quote 0
                • J
                  jaspras
                  last edited by

                  Just buy an access point man (an access point not a router) stick it behind your TV
                  Shutdown the WiFi from the TV and you are done

                  1 Reply Last reply Reply Quote 0
                  • F
                    fmohcine26
                    last edited by

                    I think the best way is to block the MAC address of the ethernet TV network card by applying a mac filter to allow only the wifi connection of the TV

                    1 Reply Last reply Reply Quote 0
                    • jahonixJ
                      jahonix
                      last edited by

                      Well, good luck then.
                      pfSense is a Layer 3 device an cannot filter on Layer 2. But that's where MACs are.

                      What do you want to allow with "only the wifi connection of the TV" when the TV itself is hardwired and WiFi clients from there are your problem?

                      1 Reply Last reply Reply Quote 0
                      • F
                        fmohcine26
                        last edited by

                        if mac filtering does not work, should I assign a fixed IP address, for example 10.200.7.40 to the TV's ethernet adapter,
                        and set NAT / PAT
                        redirect this IP address (10.200.7.40) to port 3200 for example
                        but I do not know how to do that, and I do not know if it works?
                        anyway I should at all costs forbid the connection of the television via the Ethernet port
                        thank you so much

                        1 Reply Last reply Reply Quote 0
                        • jahonixJ
                          jahonix
                          last edited by

                          Assigning a semi-static IP to that device seems like a good idea. You can do that at the DHCP server settings.

                          I have no clue what you want to do with NAT/PAT for your TV. Do you want to reach your TV from the outside?
                          And forwarding port 3200 is needed for what?? From where??

                          1 Reply Last reply Reply Quote 0
                          • F
                            fmohcine26
                            last edited by

                            I do not control the room where there is television, and
                            There are two possibilities for the TV to connect to the network via wifi or cable via the Ethernet port, the connection by the latter opens a flaw in my network when the TV user activates the mobile hotspot Wi-Fi
                            That's why I should force users to connect the TV by wifi and only by wifi

                            1 Reply Last reply Reply Quote 0
                            • jahonixJ
                              jahonix
                              last edited by

                              Does the TV need access to internet? Otherwise just block everything from that TV to everywhere else.

                              @fmohcine26:

                              … connect the TV by wifi and only by wifi

                              Unplug the wired ethernet.

                              1 Reply Last reply Reply Quote 0
                              • First post
                                Last post
                              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.