Captive portal and Vlans / subnets
-
I hope this hasn't been answered before, i have looked and quite find the answer.
I will have two wireless networks which will be on Vlan 2 and 3. I want to present 2 different landing pages and push them through to 2 different pages once authenticated. My solution:
each vlan will have different DHCP and assign different IP ranges, the webpages can run php that show a page depending on IP, the push through page defined on the CP interface will also be a simple if your IP is this then forward to this page…
My problem is that I have never got CP to work on different vLans (or more importantly different subnets). I have posted before and been told a simple firewall tweak is all that is required, however I can't get my head around it. Does anyone have a walk through or can elaborate on what this tweak would need to be?
-
I assume your pfsense box is the default gateway for your two wireless VLANs? If so, I know there's an option in release 2.0-RC1 that lets you select which interface to enable the portal on. It's right at the top of the Services > Captive Portal page. I'm brand new to pfsense, so maybe you've already tried this without success…
Hope this helps!
-
You have to code it yourself on the login page to do the differentiation.
-
The differentiation between the networks i can code easily enough using php.
The problem is that if the box is assigned a default IP of 192.168.200.1 the first subnet is 192.168.201.0/24 and the second subnet is 192.168.202.1/24 when i try and log on from either vLan i get pushed to 192.168.200.1 for the captive portal, however I can't see that page since it is on a different page.
I assume a firewall or route needs to be written, i can't seem to get it to work though.
-
You can configure a passthrough IP for this.
("Allowed IP addresses" on the CP config page)