News: This forum is now permanently frozen.
Pages: [1]
Topic: PPTP to access AP's behind Captive Portal Interface  (Read 2134 times)
« on: December 24, 2008, 18:34:04 »
utopas *
Posts: 5

Hello

I would like to access the monowall from the wan over a pptp connection to configure access points connected to the captive portal interface.

I have a 3-port alix board and activated the captive portal on 3rd interface.
I was able to get a pptp connection from the wan and manage all devices in lan segment.
As soon I modify the connection to a captive portal interface ip address and connect, I can only access the monowall itself, but no devices behind.

I did already a lot of testing with different firewall rules on the captive portal side, but unsuccessful.

Any ideas ?
thanks
« Reply #1 on: January 28, 2009, 17:28:59 »
dNide *
Posts: 14

I am having a similar issue and I have tried to add the MAC address for the device behind the captive portal to the "Pass-through MAC" section.

Any insightful suggestions?
« Reply #2 on: January 28, 2009, 18:46:25 »
dNide *
Posts: 14

ANSWER:  Add the device's IP number in the "Allowed IP addresses" to give it access to and from the captive portal.

Nota Bene:  This is also what needs to be done when allowing devices to be accessed outside the LAN, in conjunction with setting up the proper Port and NAT mappings.  I almost feel that I should create a thread in the captive portal section just because I'm sure this particular issue is something many people will run into, without clear reasoning that it is the captive portal acting as a pseudo-firewall.


I'm guessing it is a "bug" or an oversight in the design that the "Pass-through MAC" list doesn't work for this and  the "Allowed IP addresses" does.  Maybe someone could pass this along to the dev team.


(Reference: http://forum.pfsense.org/index.php/topic,1088.0.html)
« Last Edit: January 28, 2009, 18:51:35 by dNide »
« Reply #3 on: January 28, 2009, 20:49:30 »
utopas *
Posts: 5

I found for myself a solution:

- in PPTP I did reserve a IP for my user account
- in Captive Portal, Allowed IP addresses I added this address as "to" rule

works now for me, I get access...
sometimes the ap's login cgi's time out while accessing over pptp, but I thinks it's ap specific, i.e. ZYXEL NWA-1100

If somebody is interested, I enhanced the Captive Portal with following features(only in the embedded 1.3b15 changed):
- added free hosts, so hostnames may be entered
- added news, so dynamic messages can be displayed on Start Page
- added last login feature for user accounts

please mail me utopas (at) gmail.com if somebody is interested in testing it, I am running it on a alix 3port board.
 
Pages: [1]
 
 
Powered by SMF 1.1.20 | SMF © 2013, Simple Machines