Help with Kids Voucher Access

oorickyoo

Hello Captive Portal Experts,

I have been using PFSense for a while now, and have become intrigued with the Captive Portal option.

With summer comming, and the kids ready to spend 24-7 on minecraft; I thought a CP with vouchers would be a good way to bribe them into helping out around the house during the summer.  This could also be incentive for them to get off the internet once and a while  :)

I am having some trouble executing this master plan of mine, I am not sure how to start.  What I'd like to happen:
-All of the kids devices (and there are lots) must connect to the internet through the Captive Portal, using vouchers provided by me - various times based on tasks completed
-Vouchers would be assigned by child, not device
-Access is allowed only for the time alloted on the voucher
-Access to other networked resources (ie - NAS, printers, etc) are allowed even when internet is blocked
-Any other device has free access to the internet, no Captive Portal required

My setup:
-Pfsense box with 2 interface cards (WAN and LAN)
-WAN connected to cable modem
-LAN connected to 24-port unmananged switch
-Switch connected to various devices and AP's through out the house
-DHCP Reservations are used (for everything); kids devices are limited to 192.168.1.10 through 192.168.1.39; all other devices will have an IP reserved that is greater than 192.168.1.39
-The kids have both wired and wireless devices
-The rest of the house has devices that are both wired and wireless

Am I asking to much, or is this something that is realistic?

Thanks to the community for any help!!

Gertjan

Hi,

Just activate the portal interface.
You have two NIC's, so the portal interface has to be on the LAN interface.
Hook all your 'devices' that the switch, all PC's (tablets, etc) can access these devices (NAS, printers, whatever). Understand that pfSense couldn't event forbid that, all passes through the switch without pfSense even seeing the trafic.
Visit the tabs "Pass-through MAC" and "Allowed IP adresses", us one or both of them to enable unconditioned Internet access for your devices.

Activate the Voucher system.
Play with it.

Understand that a perfect solution would be: a third NIC: Portal Interface only, so some firewall rules could strengthen the house rules.

You'll see, it will be functional at the end of the day.

To get the kids off-line: pull the plug.

The problem is: do not cluster to many kids on the same place, your troubles won't be related pfSense ;)
Btw: be ready to get your NAS hacked, your Printer printing in braille, etc.

oorickyoo

Thanks for the info Gertjan!  I will give it a go.

Pulling the plug would be the ultimate solution; unfortunatly they are home while I am at work.  This should be good incentive to get them to help out around the house a bit.

The plan is:

• Give each of them a chore or two to do each day
• Once they have completed said chore, the can text me with photo evidence
• I will then text them the appropriate voucher number to allow them access to the internet

Is there any way to schedule the portal to be active only during specific hours of the day?  All other hours are free for all use?