How to: Bypass Captive Portal for RDP connection



  • We have 2 additional networks through data lines 192.168.1.0 and 192.168.2.0, pfsense is in 192.168.0.0 network. The terminal server is on the psfense network, users from the other network can only connect to the terminal server if we add the users IP to the allowed IP addresses tab in captive portal. But by doing this, users can surf the internet without being prompted to login. Is there a solution to bypass captive portal for remote desktop connection only?

    Same thing happens when users from outside network using VPN connection cannot connect to the terminal server unless the terminal server is added to the allowed IP addresses tab in captive portal.

    Appreciate if anyone can guide me through a possible solution.

    Thanks!


  • LAYER 8 Netgate

    Instead of adding the clients to Allowed IP addresses why don't you add the server they need to RDP to.  You should be able to further restrict what ports on that host they can access with normal firewall rules.

    Adding allowed IP addresses will allow IP access to/from these addresses through the captive portal without being taken to the portal page. This can be used for a web server serving images for the portal page or a DNS server on another network, for example.



  • Thanks for your reply Derelict…

    Did what you said, but the terminal server is still able to access the internet even when rules are added to block port 80.


  • LAYER 8 Netgate

    Instead of saying what you think you've done, post what you;ve done.


Log in to reply