Differences

This shows you the differences between two versions of the page.

--- technical:pf-intro [2024/02/29 09:43] – [Introduction to pfSense] system
+++ technical:pf-intro [2024/02/29 10:44] (current) – system
@@ Line 9: / Line 9: @@
   *  We will configure the Captive Portal available in pfSense to integrate with RADIUSdesk and use RADIUS for authentication.
   * To do this, we will start with the simplest possible configuration, which we will build on later.
+===== Our setup =====
+  * As already mentioned, we have a very simple pfSense VM that acts as a router.
+  * There is a WAN port that is connected to the network with internet access.
+  * There is a LAN port where we want to activate the captive portal.
+<alert type="success">
+To access pfSense via the WAN port, you can temporarily disable the firewall with the following command
+<code sh>
+#Disable packet filter
+pfctl -d
+# Enable packet filter
+pfctl -e
+</code>
+</alert>
+  * Here you  can find instructions on how to permanently open HTTP access to the WAN port: https://www.vdtutorials.com/enabling-pfsense-2-5-2-administration-via-the-wan-interface/
+  * You will probably also need to add a similar rule for HTTPS.
+===== System -> User Manager =====
+  * pfSense groups  the configuration of LDAP and RADIUS servers under User Manager.
+  * You can specify multiple RADIUS servers under the **Authentication Servers** applet.
+  * We add our RADIUSdesk server here and select the **PAP** protocol.
+<panel type="primary">
+{{:technical:pf:pf_um_radius.png|}}
+</panel>
+  * Now everything is ready for the configuration of the captive portal.
+<panel type="primary">
+{{:technical:pf:pf_um_radius1.png|}}
+</panel>
+===== Add Captive Portal =====
+  * Go to the **Services** -> **Captive Portal** menu entry.
+  * Select **Add** to add a new zone.
+<panel type="primary">
+{{:technical:pf:pf_captive_add.png|}}
+</panel>