Pre-authentication redirect URL

  • OK, I need to set up a Captive Portal whereby users can access a specific website without authenticating. The website is CMS, Joomla actually, and lives at a hosting provider, although it does have its own IP.

    Ideally, I will simply add a link to the website "access the internet"  which takes the user to a Terms and Conditions page. When they agree to the T&C, they are online!

    I know I can create a default user, enable concurrent logins, and hide the input. I just don't get how to set a default website which is displayed before the user logs in. I think uploading a copy of our Joomla website to the captive portal is a bit ridiculous.


  • So, basically you want to create a captive portal with RADIUS logins, but have the actual page be nothing more than a redirect to an external page that you've excepted from the Captive portal, then have the user log-in or otherwise generate something that gets flipped back around with RADIUS to pfSense to authenticate and allow passage.

    How you do all that, I haven't a clue.  But I think that's the general idea, right?

  • Hi,

    Captive Portal –> Allowed IP Adresses:
    any x.x.x.x All connections to the IP address are allowed

    This could be, that they can enter this site without login.
    Not you could add a link on the general Captive Portal login site so that they could brwose to your website, read the Terms and Conditions and then have to go back to the Captive Portal Login Page to get full access to the internet.

  • Sorry for the delay in reply, and thanks for consideration. Basically my non-profit would like to present our CMS (which is joomla) as the captive portal landing page. Somewhere on our site, we would want a link which says "free internet access" which points them to the captive portal page, where they could agree to T&C, then press submit.

    • I need the initial "landing page" to be a simple redirect to my URL, which would be allowed by IP or DNS

    • I need to be able to return from my website to the part where they agree to Terms and Conditions, then press submit

    Any ideas?

  • Rebel Alliance Developer Netgate

    The pre-auth URL will do that, but you need a captive portal page that actually does the redirect to the CMS page, and the CMS server's IPs need to be added as captive portal bypass IPs or hostnames if it's on a separate subnet.

    The pre-auth URL field probably needs a better note saying it requires a special captive portal page be uploaded. You really just need a bit of code at the top of the page (it can be a .php file)

    $request_uri = urldecode(str_replace("/index.php?redirurl=", "",  $_SERVER["REQUEST_URI"]));
    $portal_redirurl = urldecode("$PORTAL_REDIRURL$");
    if(!stristr(urldecode("$PORTAL_REDIRURL$"), $request_uri)) {
    	Header("Location: $PORTAL_REDIRURL$");

    That does require that your landing page on the CMS server redirect them back to the direct CP URL, http://x.x.x.x:8000/index.php - but it could be rewritten to check for a referer or some other scheme. It isn't as easy as doing a post-auth redirect to another page.

  • Cool, thanks a bunch!

Log in to reply