Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN Clients -> Captive Portal

    Scheduled Pinned Locked Moved OpenVPN
    3 Posts 2 Posters 3.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      fannet
      last edited by

      My VPN clients connect into OpenVPN for everything (LAN+Internet) however I would like to authenticate them via captive portal before allowing them "on" the network - is this possible? If so how?

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        No, Captive Portal happens at Layer 2, and even if you run OpenVPN in tap mode so you'd actually get layer 2 info, its GUI doesn't have a way to tie into the OpenVPN interface.

        There is a ticket open I believe to expand the function in the future so it will work at layer 3 and above so it could be used on any interface, but that isn't possible yet.

        Though if you setup OpenVPN to use user+pass auth, there isn't much point in making them login again through a portal.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • F
          fannet
          last edited by

          Thanks - I figured so I managed a bit of a work around -

          ovpn Client -> pfsense (load balance) -> debian ovpn instance -> pfsense captiva -> lan/internet

          this worked…. and its all on a single VM machine..

          Why the madness? We can do more flexible pre-authentication things w/ captiva than w/ radius.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.