4. [Solved] Captive Portal Thru Lan -> Wireless AP

[Solved] Captive Portal Thru Lan -> Wireless AP

  • G

    Hi All,

    I am new to PFSense 2.3 and working out my pfsensebox project for about 1 month now,

    *Squid3
    *Squidguard
    *fw rule bandwidth limiter

    i plan to setup Captive Portal.

    my current setup is:

    ISP1 –---> WAN1 (Public IP)     
                                                PFSense ----> LAN (192.168.0.1/24) ---> Switch ---> Clients
    ISP2 -----> WAN2 (Public IP)

    i want my setup to be like this:

    ISP1 ---> WAN1 (Public IP)                                                                                ---> Clients
                                                PFSense ---> LAN (192.168.0.1/23)  ---> Switch
    ISP2 -=-> WAN2 (Public IP)                                                                                ---> Wireless Router for Captive Portal

    My LAN DHCP config

    192.168.0.2 - 192.168.0.254 = static clients (pc + portable devices etc)
    available range: 192.168.1.2 - 192.168.1.254 for captive portal

    Is this setup possible or do i need another interface?

    thanks.

    0
  • B

    Hello ghinthsh,

    I believe you need another interface so that your static clients will not be captured by your captive portal.
    Or, you can manually add allowed IP addresses in the Services>Captive Portal>YourZone>Allowed IP Addreses.

    Hope it helps…

    0
  • G

    you're right benpal.

    i tried it a while ago, even the client is registered in dhcp it forces to cp authentication page.

    thanks.

    0

  • @ghinthsh:

    i tried it a while ago, even the client is registered in dhcp it forces to cp authentication page.

    @benpal wasn't talking about adding known client to the DHCP server (which you should do also).
    This is what he said:
    @benpal:

    Services>Captive Portal>YourZone>Allowed IP Addreses

    Afterwards, clients with these IP's are NOT taken to the captive login page, they will have access right away.

    Btw :  if possible, run the Captive portal on a dedicated interface. Makes live easier … Captive Portal doesn't really belong on the LAN interface.

    0
  • G

    i @Gertjan:

    @ghinthsh:

    i tried it a while ago, even the client is registered in dhcp it forces to cp authentication page.

    @benpal wasn't talking about adding known client to the DHCP server (which you should do also).
    This is what he said:
    @benpal:

    Services>Captive Portal>YourZone>Allowed IP Addreses

    Afterwards, clients with these IP's are NOT taken to the captive login page, they will have access right away.

    Btw :  if possible, run the Captive portal on a dedicated interface. Makes live easier … Captive Portal doesn't really belong on the LAN interface.

    its clear to me now thanks :)

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy