Download Apps behind a Captive Portal

  • Hello everyone,

    One of my clients brought me an interesting problem on pfsense and I need advice.

    My client made an App to improve experience of Public place (like Zoo, museum etc). Basically, they provide a box with pfsense and the place information. A user in the wifi zone of the box will get caught by the Capture Portal that ask him if he wants to download the app (WEB). If yes, the skeleton of the app is downloaded from app stores and the content install from the local box. he is not looking for authentification!

    The problem:

    • Often the capture page doesn't show or users ignore it, then users are stuck with no internet.
    • No internet is accessible until the form is not validated

    The solution would be where the CP is active and some domains are white-listed/accesses y the users even without the popup validation. Is it possible??

    Is it clear enough ? I don't have the detail of the need or environment, I just want to know if it's possible and how.

    Thanks for your advice.
    Good day

  • @mctimber said in Download Apps behind a Captive Portal:

    Is it possible??

    Use one of these, or both :

    Do not try to add domains like microsoft/google/facebook/apple/etc. That won't work (good).

    But, what you really want is the way you propose to use the portal should be "easy and logic" for end-users.
    People out there, also know as the lamda postal visitor, just start to understand what a portal is (took some decade or so).
    Now you want to setup a system where they have to download an app (the thing in your private phone that can do what you want with their phone .. so guess what, people are gona hesitate a lot ...).

    What about this : use normal portal authentication, and after login, redirect them to a page where your app is presented. At that moment, their device can access whatever IP is needed to install the app.
    The App should come from a trusted platform, so that would be one of Google's or Apple servers. I bet it's impossible to whitelist them. An App from a private site ? No way. No one sane will accept that.

  • Thank you for your answer.

    By the your second part, I think you misunderstood what the client want a little.

    1. The app itself is on the classic app store (google, apple), but the content is local (in the box). if the client is a museum for example, all the detail of the exposition are local. Like that, it can be change everytime an exposition change.

    2. The popup page is done by dev and already finish. I provide systems expertise, in that case pfsense. my client DONT want authentification.

    Like I say, I don't have all the technical detail but for the scenario would be (museum example) something like that:

    • Visitor come to museum, buy a ticket
    • Clerk sell ticket and say "You can have more info if you donwload the museum app"
    • Visitor connect to museum wifi
    • The popup pop up(?), with a link to the app stores (google or apple).
    • The user choose to download or not.
    • When he leave the front the front desk, he loose the wifi but the app with the museum info are in the phone so no 4G

    The issue is with the popup which doesn't pop or block the user.

    is it clearer? Frankly, I not sure I can do better because I don't have more information of the situation.

    Still thank you again for the reply