4. How secure is Captive portal?

How secure is Captive portal?

  • S

    Hi All,

    Prelude

    A little while ago I was tasked with deploying secure WiFi.

    Soon after I came to a realisation that there is only 2 ways you can go with this

    Wifi + SSL authentication
    Wifi + Captive portal (CP)

    SSL authentication does not fit my specification so I had to go captive portal > pfsense

    My implementation is now complete, I have wifi gateways that authenticate clients via CP, with a radius server pointed to AD. So all my WiFi traffic is routed through pfsense and thus Lan services can be firewalled.
    Security is managed in 3 ways.

    1. Wifi Association
    2. CP Authentication
    3. Access restriction (Firewall)

    Question:

    In my understanding when a client authenticates with CP its mac address is added to a list of allowed addresses through CP. But if I can associate with a network I can ARP for MACs and spoof my mac. What then?

    Thank you.

    0
  • C

    It's as secure as you're going to get at the gateway level. Your infrastructure at layer 2 (switch and/or AP) has to handle any other bad things that people try to do as that's beyond the firewall's control.

    0
  • C

    @cmb:

    It's as secure as you're going to get at the gateway level. Your infrastructure at layer 2 (switch and/or AP) has to handle any other bad things that people try to do as that's beyond the firewall's control.

    +1 - Get better switches

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2019 Rubicon Communications, LLC | Privacy Policy