Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Problem with the MAC filtering

    Captive Portal
    3
    13
    478
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      fmohcine26 last edited by

      In my local network, I have a smart tv (android) connected via '' Ethernet '',
      the captive partail is activated and works without problems
      After authentication on the portal
      the activation of the Wi-Fi mobile hotspot of the TV, gives access to everyone without any control neither captive portal nor mac filter nor anything, it is as if these machines did not exist for the pfsense even if they are connected to the internet
      Help me please
      thank you very much
      ![Screenshot-2018-4-3 pro4545 electropro4545 click - Services Captive Portal compVolume Configuration.png](/public/imported_attachments/1/Screenshot-2018-4-3 pro4545 electropro4545 click - Services Captive Portal compVolume Configuration.png)
      ![Screenshot-2018-4-3 pro4545 electropro4545 click - Services Captive Portal compVolume Configuration.png_thumb](/public/imported_attachments/1/Screenshot-2018-4-3 pro4545 electropro4545 click - Services Captive Portal compVolume Configuration.png_thumb)

      1 Reply Last reply Reply Quote 0
      • J
        jaspras last edited by

        Makes total sense. Your Tv acts as a WiFi router
        Check your tv settings and see if you can make
        It act as an access point not a router

        That’s the easiest i can explain it to you

        1 Reply Last reply Reply Quote 0
        • F
          fmohcine26 last edited by

          @jaspras:

          Makes total sense. Your Tv acts as a WiFi router
          Check your tv settings and see if you can make
          It act as an access point not a router

          That’s the easiest i can explain it to you

          Thank you for your help
          are there any rules to apply on the pfsense and the captive portal to impose the control of the pfsene on the network diffused by the television

          1 Reply Last reply Reply Quote 0
          • jahonix
            jahonix last edited by

            pfSense only sees traffic originating from your TV. All WiFi clients are probably NATted behind the TV's IP so there's no way of telling who's who.
            Which TVs do have an AP built in? Strange idea to have a display device do network services.

            1 Reply Last reply Reply Quote 0
            • F
              fmohcine26 last edited by

              is there a package or setting for example configure the '' PAT '' of such a lot that controls all machine clients

              1 Reply Last reply Reply Quote 0
              • jahonix
                jahonix last edited by

                What? pfSense interacting with a TV-set manufacturer's bad dream? No way. Unless you program it yourself.

                1 Reply Last reply Reply Quote 0
                • J
                  jaspras last edited by

                  Just buy an access point man (an access point not a router) stick it behind your TV
                  Shutdown the WiFi from the TV and you are done

                  1 Reply Last reply Reply Quote 0
                  • F
                    fmohcine26 last edited by

                    I think the best way is to block the MAC address of the ethernet TV network card by applying a mac filter to allow only the wifi connection of the TV

                    1 Reply Last reply Reply Quote 0
                    • jahonix
                      jahonix last edited by

                      Well, good luck then.
                      pfSense is a Layer 3 device an cannot filter on Layer 2. But that's where MACs are.

                      What do you want to allow with "only the wifi connection of the TV" when the TV itself is hardwired and WiFi clients from there are your problem?

                      1 Reply Last reply Reply Quote 0
                      • F
                        fmohcine26 last edited by

                        if mac filtering does not work, should I assign a fixed IP address, for example 10.200.7.40 to the TV's ethernet adapter,
                        and set NAT / PAT
                        redirect this IP address (10.200.7.40) to port 3200 for example
                        but I do not know how to do that, and I do not know if it works?
                        anyway I should at all costs forbid the connection of the television via the Ethernet port
                        thank you so much

                        1 Reply Last reply Reply Quote 0
                        • jahonix
                          jahonix last edited by

                          Assigning a semi-static IP to that device seems like a good idea. You can do that at the DHCP server settings.

                          I have no clue what you want to do with NAT/PAT for your TV. Do you want to reach your TV from the outside?
                          And forwarding port 3200 is needed for what?? From where??

                          1 Reply Last reply Reply Quote 0
                          • F
                            fmohcine26 last edited by

                            I do not control the room where there is television, and
                            There are two possibilities for the TV to connect to the network via wifi or cable via the Ethernet port, the connection by the latter opens a flaw in my network when the TV user activates the mobile hotspot Wi-Fi
                            That's why I should force users to connect the TV by wifi and only by wifi

                            1 Reply Last reply Reply Quote 0
                            • jahonix
                              jahonix last edited by

                              Does the TV need access to internet? Otherwise just block everything from that TV to everywhere else.

                              @fmohcine26:

                              … connect the TV by wifi and only by wifi

                              Unplug the wired ethernet.

                              1 Reply Last reply Reply Quote 0
                              • First post
                                Last post

                              Products

                              • Platform Overview
                              • TNSR
                              • pfSense Plus
                              • Appliances

                              Services

                              • Training
                              • Professional Services

                              Support

                              • Subscription Plans
                              • Contact Support
                              • Product Lifecycle
                              • Documentation

                              News

                              • Media Coverage
                              • Press
                              • Events

                              Resources

                              • Blog
                              • FAQ
                              • Find a Partner
                              • Resource Library
                              • Security Information

                              Company

                              • About Us
                              • Careers
                              • Partners
                              • Contact Us
                              • Legal
                              Our Mission

                              We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                              Subscribe to our Newsletter

                              Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                              © 2021 Rubicon Communications, LLC | Privacy Policy