Squid & Captive Portal.. but not captive portal

  • Hello all pfSense Guru's out there..

    I will keep this simple…

    I want to be able to send all users who open a browser on a computer connected to my LAN to be directed to a home page that is branded for our company.
    On this page I will have three links: -

    1. External based Intranet - that they should be allowed to without authenticating
    2. Internal Web based system - That they should be allowed to without authenticating
    3. A link to "the internet" ie www.google.com that should pop up a authentication box.

    I will be authenticating with local user dir within squid on pf box.

    I also need their internet access logged via squid light against the username/password they enter.

    I have been throwing this around for awhile... completely ignoring the fact that if I use transparent proxy there is no option to "authenticate".
    Not a big fan of the Captive Portal page/route.

    Can anyone advise the best way of acheving this.


  • Rebel Alliance Developer Netgate

    If you don't like using CP, then your only choice would be to somehow (hardcode, group policy, WPAD, etc) put the proxy settings on every workstation directly.

    That is also the only way you'd be able to control access to HTTPS/SSL sites.

Log in to reply