Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    block clients from entering internet but with easy way to unblock

    Scheduled Pinned Locked Moved General pfSense Questions
    3 Posts 3 Posters 473 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      pcprice
      last edited by

      Hi
      we need to setup squid ( or any other solution) to filter web traffic (http and https) from lan clients .
      BUT , we would like to have an easy way to permit for a local pc admin to get access to web navigation , simply by tipying a login username / pwd .
      Is there any way to setup such a system , using squid or using other pfsense pkg/configurations ?
      All the machines are in a domain , all the local users are limited users .
      The admin should be able to grant access temporarily to a local , limited user , by typyng the login info or something like that , but he should not need to access pfsense configuration to enable or disable rules .
      Maybe a captive portal should be used ?

      thanks

      A 1 Reply Last reply Reply Quote 0
      • A
        akuma1x @pcprice
        last edited by

        @pcprice said in block clients from entering internet but with easy way to unblock:

        The admin should be able to grant access temporarily to a local , limited user , by typyng the login info or something like that

        That's exactly what the Captive Portal does, you could even use the Voucher feature. That let's you setup and hand out "authenticated" time-limited access.

        https://www.netgate.com/docs/pfsense/captiveportal/captive-portal.html

        https://www.netgate.com/docs/pfsense/captiveportal/captive-portal-vouchers.html

        There will, however, be some admin level management work, either on the pfsense machine itself, or on your RADIUS server. You still have to manage all of these users somehow.

        Jeff

        1 Reply Last reply Reply Quote 0
        • leobozziL
          leobozzi
          last edited by

          Hi Captive Portal is an option.

          Check oficial docs about:

          https://www.netgate.com/docs/pfsense/captiveportal/captive-portal.html

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.