Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    VLAN ID from custom Captive Portal

    Scheduled Pinned Locked Moved Captive Portal
    2 Posts 2 Posters 744 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E
      ehayon
      last edited by

      Hi,

      What is the best way to get the client's VLAN ID from a custom captive portal page? For example, if I have a location with 100 AP's, each with a different VLAN id, how can I see which VLAN the client is connecting to the network on? This is useful so I can see where the client is connecting from, and I can create custom rules in my redirection page for various levels of access. I need this to work with a single CP instance, we can't create a CP instance for each VLAN, that'd get unmanageable very quickly.

      Has anyone tried doing this before? As it is, I pull the MAC from the Pfsense ARP table, but now I need the VLAN port id.

      Thanks!

      1 Reply Last reply Reply Quote 0
      • T
        thurines
        last edited by

        Hi!

        As I understand it, you want a way to see from what accesspoint a client is connected and then assign access rules based on what access point they are connected to? And you only want one captive portal connection for these multiple levels of access?

        Do you always know exactly what access point a user is going to be connected to? What if they walk over to another and get other access privilegies? Isnt it better to base privilegies depending on what group they belong to? Do these users belong to different groups within the organization or are they public users? Maybe a mix?

        I dont know if  i have understood what you are trying to do here and I feel that there is probably a better way than connecting vlan to users and try to set access rules based of that information.

        In most cases you probably cant even get the vlan information from the client itself. Clients usualy dont know what vlan they are on, only the switches and APs knows about vlans and strip off the information before the frame is sent of to the client.

        What if you configured one vlan per ssid, made a captive portal for each ssid and each group of users having the same privilegies could connect to that ssid using its captive portal?

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.