Set pfsense captive portal in a hospital

  • Hello,
    I'm working in a hospital and my project is to set a captive portal to secure a wireless connection. I chose to install pfSense on a machine (2 network cards) that will be the server and which will be located between the WIFI controller (LAN interface) and the switch (WAN interface). The network is segmented with VLANs, we have two access points (VLAN27 : Internal , VLAN28 : Visitor), I have to manage that when somebody wants to connect on Visitor, it's redirected to the pfSense authentication page (only Internet Access) and when somebody wants to connect on Internal, it's not secure (instant acess to internal network + Internet). My problem is about pfSense configuration, do I have to configure VLANs ? I would like that according to the VLAN where we connect, the DHCP server gives an IP address that matches (I would like to use the DHCP relay because there is already a working DHCP server). Also, I'm wondering about authentication, am I forced to pass through a RADIUS server or can I directly pass through pfSense (add users) and keep logs in a file ?

    Thanks in advance for your answers, I hope that I have been clear enough.

  • We tested the captive portal with a laptop, it's working now but we aren't redirected to the authentication page automatically…

  • I don't usually post but I know this forum can occasionally be idle when you have an urgent need.

    How are you authenticating users?  Our users were skipping the authentication page until we found that PFSense was not authenticating with our RADIUS server.

    We are a Medical University using PFSense (2 NICS) with multiple AD servers configured to work with RADIUS.  We do not have any VLANS set for the traffic since our wired traffic is on a different network.  PFSense is also acting as the DHCP server.

Log in to reply