Maintaining access points in captive portal



  • I have a bunch of access points in my captive portal. My pfsense is 1 wan and 1 lan with captive portal on the lan. I can remotely VPN to the pfsense using ipsec or openvpn but I cannot access the access points' web interface, ever. The goal is to remotely check the access point for proper operation.

    Is this a feature of captive portal? Is my configuration incorrect or do I need to make some other adjustment with firewall or vpn settings


  • Netgate

    The captive portal operates by forwarding traffic for which it doesn't have an entry to the portal page instead of the destination the user asked for.

    I have never tried it but I'm pretty sure pfSense will allow connections out a captive portal-controlled interface and will set up the states.

    A better way to do it would be to tag two (or more) VLANs to the interface with your access points on it.  Have the access points listen on one VLAN for management traffic (the management VLAN) and tag traffic for various SSIDs to other VLANS.  You can then have one SSID controlled by a captive portal, another open, another to whatever.



  • I have it working. Thanks!