Apply Captive Portal only on 1 internet
I have 2 links in my pfsense doing loadbalance, can I apply captive on only 1 of these links? and control who is registered with the MAC have the total speed of the 2 links and who is not only 1 link?
Gertjan last edited by
I have 2 links in my pfsense doing loadbalance, can I apply captive on only 1 of these links?
You mean WAN interfaces ?
But yes, you could assign a gateway on your Captive Portal Interface (Some LAN or OPTx interface) so captive portal users will use a assigned WAN interface.
and control who is registered with the MAC
But for MAC controlled access you don't need to use a captive portal.
Just inform the DHCP server running on the LAN or OPTx interface being used by the captive portal like this :
Up to you to add their MAC's into the list (bottom of the DHCP server page).
have the total speed of the 2 links and who is not only 1 link?
Come again ? You just lost me.
I'll try to explain the situation better, I'm using a translator so I'm sorry if I do not understand something.
I have 2 WAN interfaces and need MAC restriction only on the WAN, and on my WAN 3 I need it to be released to anyone, remembering that the LAN will be connected directly to a wifi router, because all devices are wifi:
But I did the test putting the Captive Portal on the WAN so the speed of this internet would be released only to those who have the MAC registered, but it did not work:
So the conclusion is that I need only WAN 3 running for anyone who connects to the network, and whoever has the MAC registered will also have WAN available.
Gertjan last edited by Gertjan
Captive portal on a WAN interface ?
Never saw that before.
It should be on a LAN type interface.
and need MAC restriction only on the WAN
Same thing. MAC restriction can be enforced by the captive portal MAC tab, or if you use FreeRadius.
You can also enforce MAC access by setting up static leases for DHCP server - and refuse unknown MAC's. A DHCP server runs of course on a LAN type interface.
edit : I don't have multiple WANs so I don't use and don't have expedience with load balancing.