User Authentication per IP Range Is there a better way?
I just wanted to ask if this is the best way to do it.
I'm planning on using the pfSense capitve portal in a student dorm. Every Room has is own IP Range. This is realised through Option 82 with Cisco Switches and our DHCP Server and ( unfortunately not the pfsense dhcp :( ) So every room is uniquely identified through a IP Range. We have a mysql database with holds the information if a room has paid to use the internet.
Now i have written a php script that gets the information out of the mysql database and does the same thing as the captive portal page to add or remove IPs from the allowed IP list. And i dont want to have them input any login credentials. Authentication should be based on their IP range.
The point of this is allow rooms which have paid to allow access through the captive portal or deny if they have not. If they have not they gonna be redirected to a page where they can find payment options.
Is this the best way to do this? And i would like to add another feature, but i don't know how to do. It would be nice if although its an allowed IP if its a new mac address, the first page they gonna see is a terms and conditions page. Where there just accept them and then can surf the web.