Assign IP and Limit mac address

TheT · May 5, 2009, 7:58 AM

Hello Everyone,

I have pfsense with multi-ports WAN, LAN, OPT1, OPT2, I use OPT1 and OPT2 as additional subnets.

WAN - Public IP /30
LAN: 192.168.1.0/24
OPT1: 192.168.2.0/24
OPT2: 192.168.3.0/24

I would like to use captive portal and based on account login, pfsense should give the user one of the configured ip addresses belonging to one of the subnets above. And only allow one account to login using 1 computer but not multiple computers.

In doing so, it allows me to be able to control what subnet a user account is allowed to login and use.

1. One Account Login (only allow 1 mac address to connect per account, if login using another computer, disconnect the previous one)

2. Able to control what subnet to put the user on in based on account login information.

Is this possible?

Regards,

TheT

GruensFroeschli · May 5, 2009, 9:39 AM

Please do not post the same question multiple times.

No this is not possible.

But even if it where possible.
Beginning by having multiple subnets on the same physical layer.
This is bad practice. Someone could assign himself directly an IP and have access to everything (in his subnet).
Also its not good for your security to identify users based on MAC.
Do you know how easy it is to sniff some traffic on a network and fake one of the "authenticated" MACs?

Maybe if you could elaborate on what you're trying to do in the end someone could provide a better solution.