Captive Portal blocks my ssh trafic.
-
Hi everyone;
I have a problem about captive portal.
in a nut shell; i cant ssh my server behind the pf when the Cap. portal is enable in my test env.. When i disable the portal my ssh tries are successfull. I just want Captive Portal prevents me just http or https connections. my lab aims ssh tunnel over captive portal. so a ssh tunnel must be exist. I am trying to bypass captive portal authentication over ssh tunnel. so no need username or password or mac-filter bypass.Best regards.
-
Yeah, and this is exactly why the whole CP idea is broken by design. You MUST go thru the portal via a web browser for the other traffic (such as SMTP, IMAP, POP3, SSH) to start flowing and work. The only way around is the Allowed IP Addresses list. This however will NOT keep the CP functionality for HTTP/HTTPS either for those IPs. They simply will be allowed without going thru the portal.
-
You could try doing what Doktornotor suggested by adding the devices to "Allowed IP Addr" list and then allowing those devices to access only dns/ssh/etc OR deny http(s) etc using firewall rules/Aliases…depending on how you want to do it, its worth a try.
-
If you want seamless authenticated access, use PPPoE to connect to pfSense instead of a captive portal.