Multiple Logins On One/Same UID?



  • Hi There,

    New to pfSense.

    I'll try to be as brief as possible.  I have a need for two captive portal solutions: A simple one at work (one AP) and an only slightly more involved one for the sail club to which I belong.  I'm currently thinking of using Netgate m1n1wall devices for the hotspot controllers, and Ubiquiti PicoStation M2-HPs for the APs.  If you're interested in the details, you can see them here: "Guest" Hot Spot? and Small Club Hot Spot WLAN?, in the Ubiquiti forums.

    In both cases, though we will certainly want to have some "non-guest/non-regular-user" logins, the vast majority of the users we would like to be able to use a common login.  E.g.: The one at work: "User: guest," "Password: foobarbaz."  Will pfSense's captive portal tolerate multiple simultaneous logins using the same user i.d. and password?

    Basically the entire captive portal thing is as an alternative to a fully-open-access WiFi network.  I'd prefer to make clients have to use WPA-PSK, or at least WEP, but the Powers That Be at each site nix that idea as too much trouble for (prospective) users.

    Thanks,
    Jim



  • I didn't try it myself, but the GUI has an option for that.




  • @Nachtfalke:

    I didn't try it myself, but the GUI has an option for that.

    Okay.  Thanks.

    Can anybody confirm this option makes the portal behave the way I need it to behave?

    Thanks,
    Jim



  • SemiJim…

    I am glad you posted this and (sorry - a bit off thread) I am checking out the suggestions on the other thread. There are some feature sets on the hardware that look promising...

    Regarding your question, I have only just now started working with 1 wireless guest hotspot using the CP setup. So far it works fine with a few exceptions I am working through. If you get this working please post as it looks interesting. It sounds like you may possibly check out bridging your private lan to your private wireless if I am following you....

    Thanks...

    H.



  • @hmeister:

    If you get this working please post as it looks interesting.

    Will do.

    @hmeister:

    It sounds like you may possibly check out bridging your private lan to your private wireless if I am following you….

    In the application at work the WLAN will be connected, via the router/hot spot controller, directly to a "utility" network port on the border router.  This is regarded as an "unsafe" network, as it's outside the corporate firewall.  So, no, I won't be bridging the guest WLAN to our private WLAN.

    In the application at our sail club: The WAN side of the router/hot spot controller will be connected to our LAN, thence to the 'net via our cable modem.

    Jim



  • @SEMIJim:

    Basically the entire captive portal thing is as an alternative to a fully-open-access WiFi network.  I'd prefer to make clients have to use WPA-PSK, or at least WEP, but the Powers That Be at each site nix that idea as too much trouble for (prospective) users.

    I know if you setup the open public Wireless on a specific port using pfSense you can basically tunnel that port right out the firewall to the DSL/Cable by using the "Any" rule and blocking your LAN. You could eliminate a passphrase and run wide open with the SSID broadcasting or as you already know you can use a public login with a known user/passphrase.
    However the other point to your scenario will take some further study and I don't know if it can be done or if I fully understand what your end result will be.
    I do know that you can use multiple logins as I have already tested this in my lab. I just created a user group "Wireless Users" and then created the User Account "Guest" who is a member of the "Wireless Users" group - with a setup passphrase and have logged in with multiple connections from 2 different laptops. So, yes to that question…. and if I remember you can control this on the CP interface but I will need to check this again... Perhaps someone else can chime in....

    I wanted to have two wireless segments on my second customer I am now working with but want to control both public and private wireless using separate ports which goes back to bridging the private wireless to private lan. The other part to this would be to eliminate the port on the pfSense appliance and hang a WPA-PSK wireless AP off the switch for the private wireless network. (no CP)


Log in to reply