[Solved] Captive Portal Thru Lan -> Wireless AP



  • Hi All,

    I am new to PFSense 2.3 and working out my pfsensebox project for about 1 month now,

    *Squid3
    *Squidguard
    *fw rule bandwidth limiter

    i plan to setup Captive Portal.

    my current setup is:

    ISP1 –---> WAN1 (Public IP)     
                                                PFSense ----> LAN (192.168.0.1/24) ---> Switch ---> Clients
    ISP2 -----> WAN2 (Public IP)

    i want my setup to be like this:

    ISP1 ---> WAN1 (Public IP)                                                                                ---> Clients
                                                PFSense ---> LAN (192.168.0.1/23)  ---> Switch
    ISP2 -=-> WAN2 (Public IP)                                                                                ---> Wireless Router for Captive Portal

    My LAN DHCP config

    192.168.0.2 - 192.168.0.254 = static clients (pc + portable devices etc)
    available range: 192.168.1.2 - 192.168.1.254 for captive portal

    Is this setup possible or do i need another interface?

    thanks.



  • Hello ghinthsh,

    I believe you need another interface so that your static clients will not be captured by your captive portal.
    Or, you can manually add allowed IP addresses in the Services>Captive Portal>YourZone>Allowed IP Addreses.

    Hope it helps…



  • you're right benpal.

    i tried it a while ago, even the client is registered in dhcp it forces to cp authentication page.

    thanks.



  • @ghinthsh:

    i tried it a while ago, even the client is registered in dhcp it forces to cp authentication page.

    @benpal wasn't talking about adding known client to the DHCP server (which you should do also).
    This is what he said:
    @benpal:

    Services>Captive Portal>YourZone>Allowed IP Addreses

    Afterwards, clients with these IP's are NOT taken to the captive login page, they will have access right away.

    Btw :  if possible, run the Captive portal on a dedicated interface. Makes live easier … Captive Portal doesn't really belong on the LAN interface.



  • i @Gertjan:

    @ghinthsh:

    i tried it a while ago, even the client is registered in dhcp it forces to cp authentication page.

    @benpal wasn't talking about adding known client to the DHCP server (which you should do also).
    This is what he said:
    @benpal:

    Services>Captive Portal>YourZone>Allowed IP Addreses

    Afterwards, clients with these IP's are NOT taken to the captive login page, they will have access right away.

    Btw :  if possible, run the Captive portal on a dedicated interface. Makes live easier … Captive Portal doesn't really belong on the LAN interface.

    its clear to me now thanks :)


Log in to reply