Enter TV MAC address on CP login in page?
-
@Gertjan Does france still have the hotel requirements about wifi and identification and logging of traffic and logs of mac and IPs for like a year.. Or is that no longer a thing.
I wouldn't provide any wifi that is for sure if had to meet those requirements.
-
I guess it's still mandatory
It's also common knowledge that Europe has a strong 'protect the consumer' laws. Collecting loads of data from a person isn't allowed. Like : as a hotel we collect client names and some times phone numbers, addresses, mail, etc. These have to be protected. I'm not allowed to start a spam cycle with them. Etc.I thinks our national courts are now aware of the fact that people that
- use public wifi
- and have things to hide,
- use a VPN.
My point of view : as long as the government didn't made public a complete howto setup guide how to activate a complete MITM setup, where I can see and log all data as send and received by the 'client', I can't and won't spend my time doing so.
If I do, and I have the data, I risk to go to prison as I broke all the RGPD laws.
So .. what will it be ?
Today : the client uses an RFC1918 IP I assigned to them. The only unique ID I get back from the client is the MAC address, which is by default randomized, so 'worthless'.
I can 'see' where they go, true .... toctoc, facebook netflix google or some VPN end point, but this info is already RGPD protected.
Do I need to collect info that can be used against myself ?I'm from Holland, live in France and I've a 'personal' rule : I leave it up to the french to deal with France's rules/laws. It always takes time as they talk a lot, but they'll figure it out eventually.
-
Thank you for all your replys,
Yes having users enter there tvs MAC address is a little far fetched, could the ip address work, been the system uses ip address now to get mac address? e.g a user uses there phone to go the captive portal logon page enter these user or voucher code, then press a tick box or whatever to have get a input box appear so they can enter the tvs ip address, this could be easier to get from the tv wireless network page.
-
@Adamzsite said in Enter TV MAC address on CP login in page?:
this could be easier to get from the tv wireless network page.
Maybe, maybe not - this prob same spot where you would see the mac address ;)
Has this actually been a problem? I mean really - I don't see why this should be your problem to be honest.. I am having a hard time believing that users could be this dumb.. I have a wifi tv that I travel around with in my RV, and I don't know how to connect to a wifi network that uses captive portal? Is use of captive portal not a thing in UK in RV parks? I mean either the device/tv supports it.. Rokus for example have a specific hotel mode that allows for captive portal auth.
https://support.roku.com/en-gb/article/215058118
How do I use Hotel & Dorm Connect to connect to the internet?Or they would of come up with a better solution already, ie hotspot off phone or travel router.
If I had a RV, I for sure would have a travel router in it - for one just to provide a local network for my devices to use, even when not connected to the internet. Ie for example viewing media off a media server I would run in the RV ;) And this would also allow for all my devices would have with me, phones, tablets, laptops, console gaming systems, etc. etc. To just auto connect when I connected the travel router to some internet connection.
I can't image connecting multiple devices to a captive portal wifi, or even if not a captive portal every time I move around.. When me and the wife go to a hotel, we have our phones, tablets and normally a roku to plug into the tv in the hotel room.. And sometimes my work laptop, sometimes a chromebook etc. if I had to connect all of them to a captive portal, most likely require reauth ever 24 hours it would be horrible!!
I take a couple of minutes to setup the travel router, and boom all my devices auto connect to the known wifi.. Saves frustration and quite a bit of time. And normally provides for much better connectivity.
-
Thank you again for all your replays.
Again, it might not be every person's idea of what is needed, but for me, it's the only idea I could think of to make the captive portal work better for my situation.
I think the IP address might work because looking at most UK WiFi-enabled TVs when you connect to the network, it shows your Mac and IP address, i could easily instruct users to copy the ip address and enter it on a page, possible situation a tick box that opens a new entry box, and then you type the IP address, and then that would ask the script to get the Mac and enter it for that user or voucher.
I understand that it's never that easy to just do that, and not being a PHP or HTML coder, I don't have the skills to implement this myself.
Thank you again.
-
Maybe the real solution is to switch to a generally available wifi connection for all customers (either static or mobile). Maybe also use rate limiting so all users get a fair share.
Build in a nominal ยฃ into your pricing, but make it reasonable & attractive.
Your time can then be better spent meeting & building customer relations, rather than helping non-techie customers with CP stuff.
Promote the fact that Internet is included as a reason to stay on your site & potentially increase occupancy.
Presumably you have electrical outlets for each plot ? Make sure they are metered & reflect current supplier costs.
-
Just been looking into other ways I could solve this issue. Could PPSK and RADIUS be the answer? Has anyone set up a RADIUS system on pfSense with PPSK codes that can act like a pre made voucher codes?
e.g., I make a list of PPSK codes that my OpenWRT access points use from my pfsense router to get the user on the wifi. I could then also use RADIUS for my long-term users and add MAC addresses for seasonal and TV, but temp users will just work; no web page needed.
Any help or pointer would be greatly appreciated.
-
Hi all.
I have looked into the FreeRADIUS server in pfSense and seem to hit a wall. I can use my OpenWrt access points to use PPSK and link to the FreeRADIUS server in pfSense, but I'm having trouble using the tunnel-password option in the pfSense GUI or user.conf file to just use a PPSK passcode.
I'm hoping to use just a passcode and not link it to a Mac; no VLANs needed.
the aim is
Staff passcode on staff SSID VLAN1
Guest (lots of unique passcodes) on Guest SSID VLAN 10: I can generate passcodes and import them into the user config file once I have a template to use.
Can anyone help?I'm not sure if I can use the PPSK option in OpenWrt and use a personal PSK or if I have to move over to an enterprise PSK to get it to work (enterprise PSKs are not TV or IoT friendly).
Thank you for any help.
-
@Adamzsite If you are using ppsk, why do you need a captive portal at all? Or radius? Your staff can use a ppsk that puts them on vlan X, and clients where you change and delete old ppsks go on vlan Y.
I just moved to ppsk, to allow me to trim down the number of ssids I was broadcasting. If you log in with ppsk A, you get put on vlan A, if you login with ppsk B you are on vlan B, etc..
I trimmed down 3 ssids to 1 this way.
-
@johnpoz Sorry didn't exsplain myself im not using ppsk at the moment I trying to get it to work, then i can turn captive portal off.
I was wondering if anyone has setup ppsk with tunnel-passcode as the login in freeradius and openwrt APs?
