PFSense as a Captive Portal in a Virtual Machine Guest
-
Hello everyone. I've just joined the community so I'm sorry if this question has been asked before, and also I'm not sure this is the right section of the forum… :-[
It would be possible to have a configuration like this?
[img]http://www.idioblast.it/public/TestNet.pngI just want to know if it's possibile to configure pfSense in a Virtual guest machine and force the user to connect to the VM captive portal for authentication. Otherwise I will have to buy a new PC to put between the wif hotspot and the router? (The Windows 7 PC is used for managing antennas and the unifi controllers)
Thanks in advance for any suggestion.
Daniele -
Yes but generally your access points are bridges and are not considered a "hop."
Captive Portal doesn't care if it is virtual or physical.
Depending on how many interfaces you have you might need a managed switch VLANs.
I would create two VLANs sending the management VLAN untagged to the ubiquiti software and the access points. I would send a tagged VLAN out the same interface for the SSID and create an interface on the same VLAN and give it to pfSense as the CP interface.
That and I would probably do the whole thing in XenServer and not bother with Windows 7 but that's just me.
-
Hello, thank you for your reply.
I now have only one NIC installed, do you think it's possible with only one? Based on what you said I'll need at least 2 NIC… Makes more sense actually...Thank you for your XenServer suggestion, I'll give it a glance
-
Wait ….
WAN-IP = 192.168.1.1
LAN-IP = 192.168.1.2
AP = 192.168.1.4This will never work. You are breaking "Network rule number one".
Do a "VLAN trick" - or change the WAN-IP to (example) 10.0.0.1 or LAN IP to 192.168.2.1 (and think about not checking "Block private networks" on both interfaces LAN and WAN)
A "new PC" should be typically an old (== means not expensive) one, with some spare slots so you can put in some 5 $ NIC extension cards ... No more need to "VLAN" - you'll be having your portal on a separated (non LAN) interface. All will be perfect.
-
You will probably need a managed switch to do this with one physical interface. I don't get it though. With only one NIC how are you connecting both the AP and the modem?
