4. OpenVPN Clients -> Captive Portal

OpenVPN Clients -> Captive Portal

  • F

    My VPN clients connect into OpenVPN for everything (LAN+Internet) however I would like to authenticate them via captive portal before allowing them "on" the network - is this possible? If so how?

    0
  • Rebel Alliance Developer Netgate

    No, Captive Portal happens at Layer 2, and even if you run OpenVPN in tap mode so you'd actually get layer 2 info, its GUI doesn't have a way to tie into the OpenVPN interface.

    There is a ticket open I believe to expand the function in the future so it will work at layer 3 and above so it could be used on any interface, but that isn't possible yet.

    Though if you setup OpenVPN to use user+pass auth, there isn't much point in making them login again through a portal.

    0
  • F

    Thanks - I figured so I managed a bit of a work around -

    ovpn Client -> pfsense (load balance) -> debian ovpn instance -> pfsense captiva -> lan/internet

    this worked…. and its all on a single VM machine..

    Why the madness? We can do more flexible pre-authentication things w/ captiva than w/ radius.

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy