Captive Portal behind existing firewall

  • I already have a wired and wireless LAN network behind a firewall.

    wired devices –----------------------------------------[ switch ] –----- [firewall] –--- internet
    wireless devices --- [access points] –---------------------

    i want to force all connected devices (wired and wireless) to go through a captive portal. How can I achieve that using PFSense?

    My initial thought is I will need to put PFSense between switch and firewall. But, I am not sure how to configure PFSense to do that. I don't want PFSense to perform NAT or DHCP, want to only use its captive portal functionality. Any pointers will be appreciated.

