Captive Portal behind router
pfSense 01 = Captive Portal
pfSense 02 = Router with VLANS
if I change the settings to default I have a nice login page when I want to use the internet. But if I check the log in the web interface it registers the MAC and IP of pfSense 02 instead of the client MAC and IP.
How can I change this so I see the client MAC and IP address instead of the pfSense 02 MAC and IP address.
I already changed things in NAT with outbound and static routers but can't get it working correctly.
Maybe someone can help me with this.
If pfsense 1 is the real firewall, pfsense 2 probably doesn't even need to be doing NAT - disable NAT entirely on that unit. I think you do this by enabling AON, and the editing the rule it shows you, clicking on the "no NAT" checkbox. This basically turns the unit into a firewalling router. That still won't help you with the MAC issue, since MAC addresses are not going to be passed across subnet boundaries. Do you really need the MAC?
mac is not needed.
But do i need to make static routes? Because if i disable nat i can't access the pfsense 01 of course.
Oh yeah, sorry, forgot about that. Yes, pfsense 1 would need the requisite static route(s) for any subnets behind pfsense 2.
on pfsense 02 i selected Manual Outbound NAT rule generation (Advanced Outbound NAT (AON))
I removed the auto created rule.
on pfsense 01 i made this static rule:
Destination network: 172.16.0.0/16
But it isn't working. someone ideas?
Why did you remove the auto-created rule? That wasn't what I said.