Configure a Captive Portal (credit to MindTap)
Information given...
Explanation:
example...
You are a security analyst for a small corporate network. Make sure that guests that visit your company have limited access to internet. Use pfSense's captive portal feature. Guest must pass through this portal for internet access.
- Access pfSense managementconsole:
>Password: P@ssw0rd
- Add captive portal zone named WiFi-Guest
- Using GuestWi-Fi interface, configure your portal as follows:
> disconnect user from internet if inactive 15 minutes
>disconnect user after 45 minutes regardless of activity.
>Limit users downloads and uploads to 7000 and 2400 kbits
>force a pass through your portal prior to authentication,
- Allow the following MAC and IP address to pass through portal:
> IP: 198.28.1.100/16
-Give the IP address description Security analyst's laptop.
Complete as follows:
1. Sign into pfsense management console
a. Username: admin
b. Password: P@ssw0rd
c. sign in
2. Add a captive portal zone
a. menu bar select Services>Captive Portal
b. Add
c. Select zone name, enter WiFi-Guest
d. For zone description, enter Guest wireless access zone
e. Save and continue.
3.Enable and configure captive portal
a. under Captive Portal Configuration, select Enable.
b. >Interfaces, and select GuestWi-Fi
c. For maximum concurrent connections select 50.
d. Idle time out select 15
e. Hard time out enter 45
f. Scroll down and select Per-user bandwidth restriction.
g. For default download enter 7000
h. For default uploads select 2400
i. Under authentication select none, don't authenticate.
j. Save.
4. Allow MAC address to pass through the portal.
a.> Captive Portal> edit using the pencil
b. under Services > MACs
c. Add
d. Action field set to PASS
e. MAC address: 00:00:1C:11:22:33
f. Save.
5. Allow IP address to pass through portal.
a. Under Services, >Allowed IP addresses
b. Add
c. IP address: 198.28.1.100
d. drop down menu select 16
e. Description select Security analyst's laptop
f. direction set for both
g. save.
Comments
Post a Comment