Asking to enter vaucher when changing to another vlan

  • A strange thing occur.
    When a client, connected to the captive portal and go from a vlan to another, in the hotel, the authentication screen ask to enter the vaucher again.
    Any idea?

  • Rebel Alliance

    @phdemartin this is expected

    users are identified using their (IP,MAC) couple

    because of the VLANs, user are changing IP

  • @free4 Is it possible to identify the user based only on the MAC adress?

  • Noop.
    Not possible.

    Btw : why using multiple LAN's (same as multiple VLAN's) == multiple captive portals in a hotel ?
    Something like "Captive portal 1" has low speed, and "CP2" has better speed but is more expensive ?

    What went wrong with the idea that "access costs pretty much nothing" and is flat-rate priced anyway.
    So, I never 'sold' vouchers for Internet access, using a captive portal in a 32 room hotel for a decade or so.
    (a couple of 30 $ APs, some dumb switches, a very old PC equipped with pfSense and 3000 feet of Ethetnet cable ... costs about ... nothing).

    edit : and before you ask : pfSense can't, right now, lock a voucher to one device (and IP and one MAC) and forbid any other vouchers usage afterwards.
    It will, as per your settings, disconnect an initial (first) login so only the last (second) login persists. A voucher owner could have multiple devices (phone, pas, PC) and wants to use it on all it's devices.

  • @Gertjan Hi.
    We have a pretty poor connection 2X 15 meg down, 2x 2meg up here in the coast of Chile.
    In past years, the access points was accessible with wpa2 and password, but the crowded neighbors was always able to get the password from an employe or a guest and was stealling all the bandwidth.
    So we implemented a Pfsense (netgate 3100) to limit tha bandwidth per client and to control the internet acces.
    My client don't sale the Vaucher, the desk simply give a vaucher to avery guest acordingly to the time of stay in the hotel: 1,2,3,5,7,10 or 15 days
    We set various zones with diferents Vlan to have more than 254 address available for the clients and for private acces. Any sugestion ?

  • Rebel Alliance

    @phdemartin yes,
    given your usage, pfsense seems to not be the appropriate captive portal tool for your usage. pfsense does not support cross-vlan captive portal

    I would recommend you to look into other appliances dedicated to captive portal (such as PacketFence)

Log in to reply