Captive Portal behind router
-
pfSense 01 = Captive Portal
pfSense 02 = Router with VLANSif I change the settings to default I have a nice login page when I want to use the internet. But if I check the log in the web interface it registers the MAC and IP of pfSense 02 instead of the client MAC and IP.
How can I change this so I see the client MAC and IP address instead of the pfSense 02 MAC and IP address.
I already changed things in NAT with outbound and static routers but can't get it working correctly.
Maybe someone can help me with this.
-
If pfsense 1 is the real firewall, pfsense 2 probably doesn't even need to be doing NAT - disable NAT entirely on that unit. I think you do this by enabling AON, and the editing the rule it shows you, clicking on the "no NAT" checkbox. This basically turns the unit into a firewalling router. That still won't help you with the MAC issue, since MAC addresses are not going to be passed across subnet boundaries. Do you really need the MAC?
-
mac is not needed.
But do i need to make static routes? Because if i disable nat i can't access the pfsense 01 of course.
-
Oh yeah, sorry, forgot about that. Yes, pfsense 1 would need the requisite static route(s) for any subnets behind pfsense 2.
-
on pfsense 02 i selected Manual Outbound NAT rule generation (Advanced Outbound NAT (AON))
I removed the auto created rule.on pfsense 01 i made this static rule:
Interface: LAN
Destination network: 172.16.0.0/16
gateway: 192.168.1.4But it isn't working. someone ideas?
-
Why did you remove the auto-created rule? That wasn't what I said.