Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Captive portal authentication setup for a specific subnet

    Scheduled Pinned Locked Moved Captive Portal
    2 Posts 2 Posters 2.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jttodorov
      last edited by

      Hello there,

      I have a pfsense installation on a PC in a university library with wireless and LAN workstation PCs for Internet and I want to use its WAN connection for adding additional wireless points in the same building. For authentication I want to use the captive portal setup, the problem is that the PCs in the library also need a password and the users that come to log to the internet get confused about that.
      How can I setup two different subnets for the captive portal - one for the library users and another for the additional wireless anthenas?
      Notice that the library PCs do not need authentication.

      The setup is the following:

      WAN 62.xx.xx.xx
      room subnet 172.xx.xx.xx
      addtional anthenas 192.xx.xx.xx
      172.xx.xx.xx uses WAN 62.xx.xx.xx without authentication
      192.xx.xx.xx anthena users need authentication for internet through 62.xx.xx.xx

      How can I get the two subnets (172.xx.xx.xx and 192.xx.xx.xx) working?
      I think that can be managed through the firewall rules for PPTP VPN.
      Thank you in advance.

      1 Reply Last reply Reply Quote 0
      • S
        ssbaksa
        last edited by

        @jttodorov:

        WAN 62.xx.xx.xx
        room subnet 172.xx.xx.xx
        addtional anthenas 192.xx.xx.xx
        172.xx.xx.xx uses WAN 62.xx.xx.xx without authentication
        192.xx.xx.xx anthena users need authentication for internet through 62.xx.xx.xx

        How can I get the two subnets (172.xx.xx.xx and 192.xx.xx.xx) working?
        I think that can be managed through the firewall rules for PPTP VPN.
        Thank you in advance.

        Hi,
        Tu use CP on more than one interface you must go to PFS2.0.
        If I have get you idea correctly you wish to connect AP's this which are connected on 62.x.x.x by using PPTP to inside net, then use CP to control traffic from them.
        It will be much better if you create VLAN's, then put those AP's together on same (or different VLAN's to distinguish between AP for students and those for stuff) VLAN. PFS will be then between WAN and VLAN's inside campus.
        Each VLAN can have then different set of rules (firewall) and you can choose in what way will CP work on them.

        I hope that this is good explanation.

        Br

        Sasa

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.