Use pfsense as a wifi captive portal
-
Hi,
I'd like to use pfsense as a wifi captive portal: authorised users may connect to it via an external access point and go to internet
Therefore I have installed it with two nics: one on the WLAN network, say 192.168.2.x and one on the LAN network, say 192.168.1.x.
WLAN network has an access point (192.168.2.253) that handles Wi-fi connection, LAN has internet connection, i.e. there is a firewall and a router to internet.
What I'd like to do is assign a daily ticket to a user, so this user connects to wifi, is forced to authenticate, and only after that is allowed to use internet, i.e. I have to allow some sort of routing (I think) between 192.168.2 and 192.168.1.254 (the internet firewall on LAN).My question is: how can I do that? Is it correct to do that? Can you point me to a correct solution???
Thanks
-
The routing stuff seems straightforward:
The WLAN side is your pfSense LAN 192.168.2.0/24
Your LAN is the pfSense WAN 192.168.1.0/24
On the pfSense WAN you could:
a) specify a WAN interface IP that is not used in 192.168.1.0/24 - e.g. 192.168.1.253/24 - and set the WAN gateway to 192.168.1.254 and DNS server to whatever; or
b) use DHCP on WAN and your real internet firewall at 192.168.1.254 can give you an IP, gateway and DNS.
If you can modify your real internet gateway to add a route back to 192.168.2.0/24 then you can turn off NAT on the pfSense - no need to end up with "double NAT" if you don't have to. -
It works.
Thanks!!! :)