Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    HTTPS User Auth w/ Captive Portal

    Scheduled Pinned Locked Moved Captive Portal
    3 Posts 3 Posters 8.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • L
      LostInIgnorance
      last edited by

      Hello all,

      I am looking for someone who can just help me out.  I have a few "rogue" neighbors who are trying to guess passwords and user names on my captive portal.  I would like to secure it, but haven't done anything besides the creation of the https for the configuration of the pfsense itself.  I am not sure what's supposed to go where in the configuration.  I am using 2.0, but if I remember correctly, the config is the same for any captive portal use (1.2.3 or 2.0).  I would like to use a non self signed cert for the web login (like one of the ones you can get from comodo or somewhere else [suggestions welcome]), but if it is easier with a self signed, so be it.  I am pretty much a little kid when it comes to understanding certs (all goes over my head on what does what no matter what I read).  If someone would be so nice to write up a how to for me, that would be super awesome.

      Thank you everyone for your support!  :D

      1 Reply Last reply Reply Quote 0
      • X
        XIII
        last edited by

        Heres a rough how to, if you need other info (screenshots etc) let me know:

        on the advanced page (https://pfSenseip/system_advanced.php) go to the webGUI SSL certificate/key section and click create certificates automatically, fill out the form, click save. The certificate and key fields will be filled in, copy those to certificate/key fields on the captive portal page, close the advanced page without clicking save, click save on the captive portal page.

        Another option is to use startssl.com, they provide free single host SSL certs

        -Chris Stutzman
        Sys0:2.0.1: AMD Sempron 140 @2.7 1024M RAM 100GHD
        Sys1:2.0.1: Intel P4 @2.66 1024M RAM 40GHD
        freedns.afraid.org - Free DNS dynamic DNS subdomain and domain hosting.
        Check out the pfSense Wiki

        1 Reply Last reply Reply Quote 0
        • I
          ianb
          last edited by

          I run a captive portal with HTTPS auth that handles about 150 concurrent users on version 1.2.3.  If you can get it to run in 2.0 I would recommend it only because most certificate authorities use intermediate certs that you would need to put in the chained certs field.  In my case that meant patching the GUI because the webserver supports it but the GUI did not.  If you can't use 2.0, here's the link for the patch.

          http://forum.pfsense.org/index.php?topic=10888.0

          Worked great, now I can use the Comodo wildcard cert we bought for our domain.  Good luck.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.