You are on page 1of 8

Captive portal trn nn Pfsense 1.

/gii thiu: Captive portal l 1 tnh nng thuc dng flexible, ch c trn cc firewall thng mi ln. tnh nng ny gip redirect trnh duyt ca ngi dng vo 1 trang web nh sn, t gip chng ta c th qun l c ngi dng (hoc cm khng cho ngi khc dng mng ca mnh). Tnh nng ny tin tin hn cc kiu dng nhp nh WPA, WPA2 ch ngi dng s thao tc trc tip vi 1 trang web (http, https) ch khng phi l bng ng nhp kh khang nh kiu authentication WPA, WPA2.

2./ci t: Tnh nng captive portal nm mc Services/captive portal

Captive portal c cc tnh nng chnh: Captive portal: tinh chnh cc chc nng ca Captive Portal. Pass-though MAC: cc MAC address c cu hnh trong mc ny s c b qua, khng authentication. Allowed IP address: cc IP address c cu hnh s khng authentication. Users: to local user dng kiu authentication: local user Hai tnh nng Pass-though MAC v Allowed IP address c dng cu hnh server.

File Manager: upload trang qun l ca Captive portal ln pfsense.

3./ cc tnh nng trong menu Captive portal:

Enable captive portal: nh du chn nu mun s dng captive portal. Maximum concurrent connections: gii hn cc connection trn mi ip/user/mac Idle timeout: nu mi ip khng cn truyy cp mng trong 1 thi gian xc nh th s ngt kt ni ca ip/user/mac . Hard timeout: gii hn thi gian kt ni ca mi ip/users/mac. Logout popup windows: xut hin 1 popup thng bo cho ip/user/mac Redirect URL: a ch URL m ngi dng s c direct ti sau khi ng nhp (trang cm n...).

MAC filtering: nh du vo nu pfsense nm trc router. Bi v pfsense qun l kt ni theo MAC (mc nh). M khi d liu qua Router s b thay i mac address nn nu timeout th ton b ngi dng s mt kt ni. Authentication: chn kiu authentication. Pfsense h tr 3 kiu: No authentication: pfsense s iu hng ngi dng ti 1 trang nht nh m khng chng thc. Local user manager: pfsense h tr to user authentication. Radius authentication: authentication bng radius server (cn ch ra a ch ip ca radius, port, ...)

HTTPS login: dng https. https sever name: tn server cu hnh trong trang portal. https certificate/private key: kiu chng thc https. Portal page contents dng up file portal ln pfsense. Trang portal c dng: <form method="post" action="$PORTAL_ACTION$"> <input name="auth_user" type="text"> <input name="auth_pass" type="password"> <input name="redirurl" type="hidden" value="$PORTAL_REDIRURL$"> <input name="accept" type="submit" value="Continue"> </form>

4./ cu hnh captive portal dng tnh nng local users (tng t cho radius):

u tin ta chn interface p captive portal: chn LAN nu l mng ni b, hoc cc OPT cho vng DMZ... gii hn ngi dng ti file hoc dng trnh p2p ta ch cho 1 ngi dng 10 connections. Do pfsense thng ci trn cc my c, chm nn ta t idle time out khong 5 pht gim ti cho pfsense. Ta Hard timeout l 0 v c th nh du hoc khng nh du vo mc logout popup window nh du vo concurrent user login nu mun trong 1 thi im ch c 1 user ng nhp. v ta authentication kiu local user nn khng quan tm ti cc mc trong authentication with radius.

Sau , ta to trang index.htm c ni dung:

<form method="post" action="$PORTAL_ACTION$"> <input name="auth_user" type="text"> <input name="auth_pass" type="password"> <input name="redirurl" type="hidden" value="$PORTAL_REDIRURL$"> <input name="accept" type="submit" value="Continue"> </form> Ri chn browse trong portal page content ri up file ny ln. Ri bm SAVE lu li.

Cui cng ta to user trong tab user ca captive portal.

G th www.google.com.vn t 1 my trong mng ta thy pfsense a ta n bng ng nhp: Sau khi in user/pass vo ta s c a ti www.google.com.vn (nu nh khng cu hnh url directing)

You might also like