Can this be done, and how?

  • Ok - I am trying to extend the capabilities of my pfSense box (been using it since before 2.0 was released).

    I just upgraded to 2.1. I have my WAN set for DHCP from my ComCrap cable modem, LAN set for 192.168.101.x, and an OPT1 interface that up until now I have not used.

    I am looking to move my wireless access point (it is not a router, just an access point) off of my LAN interface, and onto the OPT1. I want the following behavior, if possible.

    If I don't know you, then you can enter in a guest password that I provide, and you can have internet-only access, on a different subnet from my main network.

    If I do know you, and I am feeling generous, I can pull your MAC off of the DHCP leases page, add a static lease to my LAN subnet, and you can then access my file server with lots of music, movies, etc., without ever seeing the captive portal page.

    Is what I am wanting possible, and how would I go about setting it up? This is strictly for wireless clients; if you are wired, then I already implicitly like you enough for you to be able to connect to my file server and other resources (printer, etc.).

    Thanks for your thoughts on this.

  • Can happen either with two access points or if the one you have supports multiple SSIDs and VLANs. You can't have both internal LAN and Guest network on a single AP/SSID.

  • Hmm - I was thinking I could handle everything based on MAC - let's say that I want OPT1 to just be an extension of my LAN, then, in the same IP range as my other wired devices connected to the LAN side, so that I can have wireless clients segmented, and presented with the captive portal, but wired clients don't get the captive portal?

  • OK - got to looking at my wireless access point, which is a Tenda W300A model. It supports two SSIDs, so any ideas how to set this up, with the WAP on OPT1, all of my wired devices on LAN, and LAN and one SSID able to talk fully to each other, but have one SSID be blocked off to just internet access only, with the captive portal page?

  • With VLANs. One VLAN for the first SSID, another VLAN for the second SSID. I doubt Tenda supports VLANs.

