VLAN ID from custom Captive Portal
What is the best way to get the client's VLAN ID from a custom captive portal page? For example, if I have a location with 100 AP's, each with a different VLAN id, how can I see which VLAN the client is connecting to the network on? This is useful so I can see where the client is connecting from, and I can create custom rules in my redirection page for various levels of access. I need this to work with a single CP instance, we can't create a CP instance for each VLAN, that'd get unmanageable very quickly.
Has anyone tried doing this before? As it is, I pull the MAC from the Pfsense ARP table, but now I need the VLAN port id.
As I understand it, you want a way to see from what accesspoint a client is connected and then assign access rules based on what access point they are connected to? And you only want one captive portal connection for these multiple levels of access?
Do you always know exactly what access point a user is going to be connected to? What if they walk over to another and get other access privilegies? Isnt it better to base privilegies depending on what group they belong to? Do these users belong to different groups within the organization or are they public users? Maybe a mix?
I dont know if i have understood what you are trying to do here and I feel that there is probably a better way than connecting vlan to users and try to set access rules based of that information.
In most cases you probably cant even get the vlan information from the client itself. Clients usualy dont know what vlan they are on, only the switches and APs knows about vlans and strip off the information before the frame is sent of to the client.
What if you configured one vlan per ssid, made a captive portal for each ssid and each group of users having the same privilegies could connect to that ssid using its captive portal?