Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Reverse Captive Portal?

    Scheduled Pinned Locked Moved Captive Portal
    5 Posts 4 Posters 2.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • V
      virtualliquid
      last edited by

      I have an internal webpage that I would like to have a pre authentication on it from pfsense before getting directed to the webpage. I am the only one who will use this page and need authentication. Is there someway to make PfSense ask for login credentials before directing to a internal server?

      1 Reply Last reply Reply Quote 0
      • D
        doktornotor Banned
        last edited by

        No, there's no reverse CP, plus you can authenticate anyone you want on your webserver natively, just why would you use CP for this?

        1 Reply Last reply Reply Quote 0
        • V
          virtualliquid
          last edited by

          It does not have to be CP, but what I am trying to achieve is more security for a internal HTTP server that is running a RDP server for all my my equipment. It is a open source software called Guacamole, and it basically runs a HTML5 VPN. I feel that even though it is on ubuntu server with https it is still not safe enough to just point out to the wild west. So I thought I would feel better if it has one more layer of security in front of it. If not pfsense then I might have to look into 2 factor authentication or token type stuff, I know there is some opensource for it, but I am sure it is a bit more than I want to deal with right now.

          1 Reply Last reply Reply Quote 0
          • jimpJ
            jimp Rebel Alliance Developer Netgate
            last edited by

            The only way to authenticate before allowing a connection would be to run a VPN client to the firewall (like OpenVPN) and then connect to that server after.

            Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

            Need help fast? Netgate Global Support!

            Do not Chat/PM for help!

            1 Reply Last reply Reply Quote 0
            • C
              chris4916
              last edited by

              I'm not sure this is the only way  although it does work.

              I don't really understand what the initial problem is neither what additional authentication will bring but if this is what you want to deploy, why not looking at reverse proxy  ???
              I don't know what pfSense reverse proxy package provides (in term of feature) but the is a lot of reverse proxy implementations (Nginx, HAproxy Vulture) that may solve your problem, kind of  ;)

              Reverse proxy will prompt user for authentication. Most of then will allow you to select among various kind of authentication mechanisms and some will also add capability to create tunnelling and encryption  8)

              What I really mean here is that captive portal wording is meaningless here (to me) as there is nothing captive. User may decide to access or not your interface.

              Jah Olela Wembo: Les mots se muent en maux quand ils indisposent, agressent ou blessent.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.