Apply Captive Portal only on 1 internet



  • I have 2 links in my pfsense doing loadbalance, can I apply captive on only 1 of these links? and control who is registered with the MAC have the total speed of the 2 links and who is not only 1 link?



  • Hi !

    @lukas333 said in Apply Captive Portal only on 1 internet:

    I have 2 links in my pfsense doing loadbalance, can I apply captive on only 1 of these links?

    Links ?
    You mean WAN interfaces ?
    But yes, you could assign a gateway on your Captive Portal Interface (Some LAN or OPTx interface) so captive portal users will use a assigned WAN interface.

    @lukas333 said in Apply Captive Portal only on 1 internet:

    and control who is registered with the MAC

    Yep,.

    But for MAC controlled access you don't need to use a captive portal.
    Just inform the DHCP server running on the LAN or OPTx interface being used by the captive portal like this :
    b6c60f49-f9c0-4877-a2ee-022816fcff16-image.png

    Up to you to add their MAC's into the list (bottom of the DHCP server page).

    @lukas333 said in Apply Captive Portal only on 1 internet:

    have the total speed of the 2 links and who is not only 1 link?

    Come again ? You just lost me.



  • I'll try to explain the situation better, I'm using a translator so I'm sorry if I do not understand something.
    I have 2 WAN interfaces and need MAC restriction only on the WAN, and on my WAN 3 I need it to be released to anyone, remembering that the LAN will be connected directly to a wifi router, because all devices are wifi:
    pfsense.jpg

    But I did the test putting the Captive Portal on the WAN so the speed of this internet would be released only to those who have the MAC registered, but it did not work:
    pfsense22.jpg

    So the conclusion is that I need only WAN 3 running for anyone who connects to the network, and whoever has the MAC registered will also have WAN available.



  • Hi,

    Captive portal on a WAN interface ?
    Never saw that before.
    It should be on a LAN type interface.

    @lukas333 said in Apply Captive Portal only on 1 internet:

    and need MAC restriction only on the WAN

    Same thing. MAC restriction can be enforced by the captive portal MAC tab, or if you use FreeRadius.
    You can also enforce MAC access by setting up static leases for DHCP server - and refuse unknown MAC's. A DHCP server runs of course on a LAN type interface.

    edit : I don't have multiple WANs so I don't use and don't have expedience with load balancing.


Log in to reply