-----
====== Introduction to pfSense ======
* We will configure the Captive Portal available in pfSense to integrate with RADIUSdesk and use RADIUS for authentication.
* To do this, we will start with the simplest possible configuration, which we will build on later.
===== Our setup =====
* As already mentioned, we have a very simple pfSense VM that acts as a router.
* There is a WAN port that is connected to the network with internet access.
* There is a LAN port where we want to activate the captive portal.
To access pfSense via the WAN port, you can temporarily disable the firewall with the following command
#Disable packet filter
pfctl -d
# Enable packet filter
pfctl -e
* Here you can find instructions on how to permanently open HTTP access to the WAN port: https://www.vdtutorials.com/enabling-pfsense-2-5-2-administration-via-the-wan-interface/
* You will probably also need to add a similar rule for HTTPS.
===== System -> User Manager =====
* pfSense groups the configuration of LDAP and RADIUS servers under User Manager.
* You can specify multiple RADIUS servers under the **Authentication Servers** applet.
* We add our RADIUSdesk server here and select the **PAP** protocol.
{{:technical:pf:pf_um_radius.png|}}
* Now everything is ready for the configuration of the captive portal.
{{:technical:pf:pf_um_radius1.png|}}
===== Add Captive Portal =====
* Go to the **Services** -> **Captive Portal** menu entry.
* Select **Add** to add a new zone.
{{:technical:pf:pf_captive_add.png|}}