Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN Clients -> Captive Portal

    Scheduled Pinned Locked Moved OpenVPN
    3 Posts 2 Posters 3.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F Offline
      fannet
      last edited by

      My VPN clients connect into OpenVPN for everything (LAN+Internet) however I would like to authenticate them via captive portal before allowing them "on" the network - is this possible? If so how?

      1 Reply Last reply Reply Quote 0
      • jimpJ Offline
        jimp Rebel Alliance Developer Netgate
        last edited by

        No, Captive Portal happens at Layer 2, and even if you run OpenVPN in tap mode so you'd actually get layer 2 info, its GUI doesn't have a way to tie into the OpenVPN interface.

        There is a ticket open I believe to expand the function in the future so it will work at layer 3 and above so it could be used on any interface, but that isn't possible yet.

        Though if you setup OpenVPN to use user+pass auth, there isn't much point in making them login again through a portal.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • F Offline
          fannet
          last edited by

          Thanks - I figured so I managed a bit of a work around -

          ovpn Client -> pfsense (load balance) -> debian ovpn instance -> pfsense captiva -> lan/internet

          this worked…. and its all on a single VM machine..

          Why the madness? We can do more flexible pre-authentication things w/ captiva than w/ radius.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.