• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Assign IP and Limit mac address

Scheduled Pinned Locked Moved Captive Portal
2 Posts 2 Posters 2.5k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • T
    TheT
    last edited by May 5, 2009, 7:58 AM

    Hello Everyone,

    I have pfsense with multi-ports  WAN, LAN, OPT1, OPT2,  I use OPT1 and OPT2 as additional subnets.

    WAN - Public IP /30
    LAN:  192.168.1.0/24
    OPT1: 192.168.2.0/24
    OPT2: 192.168.3.0/24

    I would like to use captive portal and based on account login,  pfsense should give the user one of the configured ip addresses belonging to one of the subnets above.  And only allow one account to login using 1 computer but not multiple computers.

    In doing so, it allows me to be able to control what subnet a user account is allowed to login and use.

    1. One Account Login (only allow 1 mac address to connect per account, if login using another computer, disconnect the previous one)

    2. Able to control what subnet to put the user on in based on account login information.

    Is this possible?

    Regards,

    TheT

    1 Reply Last reply Reply Quote 0
    • G
      GruensFroeschli
      last edited by May 5, 2009, 9:39 AM May 5, 2009, 9:38 AM

      Please do not post the same question multiple times.

      No this is not possible.

      But even if it where possible.
      Beginning by having multiple subnets on the same physical layer.
      This is bad practice. Someone could assign himself directly an IP and have access to everything (in his subnet).
      Also its not good for your security to identify users based on MAC.
      Do you know how easy it is to sniff some traffic on a network and fake one of the "authenticated" MACs?

      Maybe if you could elaborate on what you're trying to do in the end someone could provide a better solution.

      We do what we must, because we can.

      Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

      1 Reply Last reply Reply Quote 0
      1 out of 2
      • First post
        1/2
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
        This community forum collects and processes your personal information.
        consent.not_received