WAN connection through hotel network (login page required)
-
So I have my laptop setup with vmware workstation and a pfsense install in a vm inside it.
I'm on the road a lot and would like to be able to run my vm environment for testing, however whenever I try and run pfsense and have the WAN interface be a connection out through something like a hotel network, I can't get it to connect to the internet…
The nic configuration in vmware is a bridged connection, so that pfsense appears as its own device...
I think the issue arises from the fact that in order to connect to the internet at places like hotels and such, you usually have to pull up a browser page and enter things like a password or a room number... since pfsense doesn't have a browser I'm a little stuck on how to do this.
Any thoughts?
-
Three options:
1. Set the VM to be NAT, not bridged – so that when you sign into the hotel network from the PC containing the VM it appears from the same MAC address
2. Load a client VM behind the pfSense VM with a browser and sign on from there
3. Try to use the console "links" browser to sign into the Hotel network -
You can do a few things.
1. Set up your workstation to be behind that vm in general. I do something similar with virtualbox on one of my work computers, and I have virtualbox using my NIC as the WAN for pfsense, and I have another virtual NIC that is 'LAN' or equivalent that my laptop uses as if it was it's only network interface. The pfsense VM's wan gets whatever is at the physical ethernet port of the machine, and then my laptop gets it's route through a virtual NIC and is behind pfsense.
Yes, pfsense has to be booted before packets flow at all, so that may not be ideal. Works great for me, pfsense boots fast enough it makes almost no difference. Once you do this, you can usually pass whatever captive portal exists because you are natted behind the MAC and IP they are seeing.
2. Create a script that uses cURL to do a POST or whatever action is normally taken to get you into the system. For example, pfsense captive portal just wants a POST to a certain URL (when it's configured with no auth), and so you could do something like
curl --data "" http://firewall.ip:port/
At that point, you figure out how long before they idle you off, and schedule your script to run accordingly.
3. Clone the MAC address of a device that already passed the hotel's auth
This is a little trickier, I use an old smartphone for this. Basically, use the mobile device to pass the portal, then make your pfsense WAN interface bound to that MAC. I've done this many many times over the years with varying success.