Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Can this be done, and how?

    Scheduled Pinned Locked Moved Captive Portal
    5 Posts 2 Posters 1.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J Offline
      jdelliott
      last edited by

      Ok - I am trying to extend the capabilities of my pfSense box (been using it since before 2.0 was released).

      I just upgraded to 2.1. I have my WAN set for DHCP from my ComCrap cable modem, LAN set for 192.168.101.x, and an OPT1 interface that up til now I have not used.

      I am looking to move my wireless access point (it is not a router, just an access point) off of my LAN interface, and onto the OPT1. I want the following behavior, if possible.

      If I don't know you, then you can enter in a guest password that I provide, and you can have internet-only access, on a different subnet from my main network.

      If I do know you, and I am feeling generous, I can pull your MAC off of the DHCP leases page, add a static lease to my LAN subnet, and you can then access my file server with lots of music, movies, etc., without ever seeing the captive portal page.

      Is what I am wanting possible, and how would I go about setting it up? This is strictly for wireless clients, if you are wired then I already implicitly like you enough for you to be able to connect to my file server and other resources (printer, etc)

      Thanks for your thoughts on this.

      1 Reply Last reply Reply Quote 0
      • N Offline
        nothing
        last edited by

        Can happen either with two access points or if the one you have supports multiple SSIDs and VLANs. You can't have both internal LAN and Guest network on single AP/SSID.

        1 Reply Last reply Reply Quote 0
        • J Offline
          jdelliott
          last edited by

          Hmm - I was thinking I could handle everything based on MAC - let's say that I want OPT1 to just be an extension of my LAN, then, in the same IP range as my other wired devices connected to the LAN side, so that I can have wireless clients segmented, and presented with the captive portal, but wired clients don't get the captive portal?

          1 Reply Last reply Reply Quote 0
          • J Offline
            jdelliott
            last edited by

            OK - got to looking at my wireless access point, which is a Tenda W300A model. It supports two SSIDs, so any ideas how to set this up, with the WAP on OPT1, all of my wired devices on LAN, and LAN and one SSID able to talk fully to each other, but have one SSID be blocked off to just internet access only, with the captive portal page?

            1 Reply Last reply Reply Quote 0
            • N Offline
              nothing
              last edited by

              With VLANs. One VLAN for the first SSID, another VLAN for the second SSID. I doubt Tenda supports VLANs.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.