Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 11 Nov 2014 11:44:20 +0700
From:      Olivier Nicole <olivier.nicole@cs.ait.ac.th>
To:        Martin Hanson <greencoppermine@yandex.com>
Cc:        FreeBSD Questions Mailing List <freebsd-questions@freebsd.org>
Subject:   Re: Captive portal with forced IP?
Message-ID:  <CA+g+BvjiTvZU+_C5Ugo1g+bQuz9HoezFokq_jXgefvRsP_3+Lg@mail.gmail.com>
In-Reply-To: <754511415658833@web4j.yandex.ru>
References:  <754511415658833@web4j.yandex.ru>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
Hi Martin,

> Does there exist something which requires users to login, but at the same time forces a specific IP to their account?
>
> So if they spoof their mac/ip they cannot login using their normal credentials - they get logged out and looses access?
>
> In this case a user would not only be required to login with his credentials before he can access the network, but his box would also be bound to a specific IP and MAC, which then would have some restrictions due to the firewall.

Instead of forcing a fixed IP, I would look for some captive
portal+firewall that creates dynamic filtering rules depending on the
username:

- the user's machine gets on the network and acquire a dynamic IP
- the user connects to the captive portal
- the firewall updates the filtering rules for the IP being used by the user

That would be more flexible.

Best regards,

Olivier

>
> I know this is not 100% FreeBSD specific, but I want this to run on FreeBSD and are wondering how others perhaps are doing it.
>
> Thanks and kind regards!
>
> Martin
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?CA+g+BvjiTvZU+_C5Ugo1g+bQuz9HoezFokq_jXgefvRsP_3+Lg>