External login page authentication

Reply to External login page authentication on Tue, 19 Apr 2022 08:07:33 GMT

Gertjan — Tue, 19 Apr 2022 08:07:33 GMT

Like https://www.youtube.com/watch?v=RS0nMVxPznY ?

It's not as simple as the classic local auth with the build in captive portal web server.
I've tried it ones, long time ago, just to see how it works and if I could make it work.

Reply to External login page authentication on Mon, 18 Apr 2022 21:09:23 GMT

guntery — Mon, 18 Apr 2022 21:09:23 GMT

Yeah the pre auth is the wrong option.

Our current captive portals all have external login pages for auth which use a form to send auth details back to the CP.

This way with a remote radius/web server we can better control the login pages and clients.

Don't know how to remotely run the auth so ended up keeping the login page in pfsense and enabling php-mysql to talk to the remote web server, cheers.

Reply to External login page authentication on Thu, 14 Apr 2022 15:49:25 GMT

Gertjan — Thu, 14 Apr 2022 15:49:25 GMT

@guntery said in External login page authentication:

The Pre-authentication redirect URL redirects to our radius

Well ....

a Radius server is a server process that listens on ports 1812 1813 and 1816.
Redirecting a web browser to a radius server .... you have a lot of explanation to do here / I don't get it.

I'm using FreeRadius myself.

Using Pre-authentication redirect URL is "not easy".
Click the link, read and only proceed if you are fully aware of what needs to be done.
I consider the "Pre-authentication redirect" usage very advanced.

Instead of seeing the small word "Connected", use the "After authentication Redirection URL" to a known page, like your own companies web site, where you explain that the visitor was just granted Internet access.