Date: Wed, 3 Dec 2008 14:25:20 -0800 From: Christopher Cowart <ccowart@rescomp.berkeley.edu> To: Olivier Nicole <on@cs.ait.ac.th> Cc: freebsd-questions@freebsd.org Subject: Re: Firewall with bridged interfaces and captive portal Message-ID: <20081203222520.GA19693@hal.rescomp.berkeley.edu> In-Reply-To: <200812030508.mB358SUx095910@banyan.cs.ait.ac.th> References: <200812030508.mB358SUx095910@banyan.cs.ait.ac.th>
next in thread | previous in thread | raw e-mail | index | archive | help
--0OAP2g/MAC+5xKAE Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Olivier Nicole wrote: > I need to implement a firewall with bridged interfaces that offers > captive portal (authentication before opening the traffic). [...] >=20 > Is there any solution that exists? >=20 > I looked at pfSense, but captive portal does not work on bridged > interfaces; it's one or the other. >=20 > Any other suggestion? Hello, We are using a combination of squid+ipfw. Although we are NATing the users, that really just introduces needless complexity that could be avoided with a bridging solution. Our web-app/captive portal/authentication program is written in-house; it's very tightly integrated with several existing pieces of infrastructure. I don't know if there are any solutions that will work out-of-the-box. I can get you more technical details if this is a direction you'd be interested in moving. --=20 Chris Cowart Network Technical Lead Network & Infrastructure Services, RSSP-IT UC Berkeley --0OAP2g/MAC+5xKAE Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (FreeBSD) iQIcBAEBAwAGBQJJNwdQAAoJEIGh6j3cHUNPDqoQAJFjjQyrrCAH8McW7oRUJlI3 /fBvH+Y2uaomi8K77h7bFRISH8L3wz0H2iS/Krmett/eP81Zj5gCW3krp+XNE/Kj qK2u8d+XffYS75lcE24IF9Bo30RAeI5WuRUHM/IZifKmmXGpwsxbK494XOzdLfcD dyUWC/wCLWQstxhBS78Ddce2YFvwzWli8OQOSsNyoRJ2c/1i5vVeL5CAWMm/aPtA twSYeQ/jXBxLNpCDjJi8yqscu+5CMXILCoKHcHCS/CokOC8qpLmTS4hqOPj1tP43 4xv7J1xm2eS5PLvYzKc2IYCqlaGAPpUKIN2cMCCNRObNpFJWSFgWAea7/c9Qhoz2 U8OMfzuuPmJhY8tBH9iZcCcCSXr20Pe42/OgIjgoSJj9TAGZAdb5X+yoz+cAMtY5 4vLKsXKWJEtDgJW7II8VBF2YP9zYEXeId4S4NQ3wjKyv0AQrHOv9wdX5+Dj240LQ twlMu7p5yflghAG8ePkd7qP9MQ5curdX+aRS7CDABTz4DrS4FNZBIP7xfIShql4+ Jj3TbVecRX2BV46dTAKe+jQA1C5M3m/DQstWGUjCPQ4YZFHz7/UpLTAmZdUV5bZJ L0y8i0fMVdrhFPrZVkruE8OwrUeW5NqobJ89EjyZ8eRT+iSlAONTYBCstEHkKWQS 8/bHh7/4tbKa8ee9sh8y =f9Ec -----END PGP SIGNATURE----- --0OAP2g/MAC+5xKAE--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20081203222520.GA19693>