Autologin with systemuser



  • Hi,
    I'm running a W2K3 PDC and a pfSense-Firewall with Squid an Captive Portal. Now I want the Browser to login automatically on Captive Portal, if the user who opened the browser is existing in the db pfsense is using. If the User is not existing in that db, the login-page should be displayed.

    Is that possible ? how can I put that into effect ?

    Thx !



  • You could set up a MAC to IP static in the DHCP server then add the MAC and IP address to pass, this way when there computer with the wireless card can connect without login or being redirected. If it is a USB wireless card it can be used in any device and pass.

    This is true for any network card be it wireless or Ethernet (NIC) because the CP is looking for the MAC address which is unique to all network devices.



  • This is true for any network card be it wireless or Ethernet (NIC) because the CP is looking for the MAC address which is unique to all network devices.

    Thats not true … its possible to fake MAC-Adresses ... as the AP is filtering MAC-Adresses, a intruder needs to fake his MAC.

    I Would like to grant via a user- and password-list. Isn't that possible in such a way ?

    THX!

    P.S.: Sorry for my bad english ;-)



  • Yes you are correct about the MAC spoofing.

    If you do not want to authenticate via the MAC address I do not think there is a way as the PFsense server would need some way to identify the user connecting.



  • You could turn off hard and idle timeouts in the CP so they only need to login once, the problem with this is if they use a different network card/computer they must login again.



  • @SiY11:

    You could turn off hard and idle timeouts in the CP so they only need to login once, the problem with this is if they use a different network card/computer they must login again.

    Ok, this solution sounds good. I think, that ought to work. I'll try this. :)

    Thx!

    Edit:
    hm,
    ok I tried … next problem ... each user can now access the internet from this pc. I thought only the user, who was logged in, can access without a new login.


Log in to reply