On Wed, Jun 8, 2011 at 1:22 PM, Roberto Nunnari <roberto.nunn...@supsi.ch> wrote: > Hi all. > > I'm new to pfSense, and I'd like to get some help. > > I just trying to set up a captive portal using pfSense 2.0-RC1 > Up to now it works like a charm and if our requirements will > be satisfied, we'll go with pfSense. > > In any case, pfSense looks like a great software. > Congratulations to the developers and all contributors. > > My setup should be something like this: > > ------------ > | internet | > ------------ > | > ----------------------- > | department firewall | -------------- > ----------------------- | freeradius | > | | -------------- > | | | > | ------- dep. network ------- > | > ----------- > | pfsense | > ----------- > | | | > | | --------- captive network 1 ---------- > | --------- captive network 2 ---------- > --------- captive network n ---------- > > > I hope the above schema made it through correctly, > keeping spaces and monospaced font.. > > pfSense HW will have > - 1 nic on the dep. network > - 9 to 12 nic for captive networks (all ethernet) > > Authentication will be done on a freeradius server > on the department network. > > we would like to, and we I ask for the experts advice/hints: > > 1) be able to reach the administrative interface (http/ssh) > from the department network, that to my understanding > should be the wan interface. >
Just need to add a firewall rule to allow that. > 2) given the wan nic address, as seen by the dep firewall, > be able to track down a client (or at least the captive network) > Either route the traffic so the original source IP is retained, or NAT each subnet to a unique virtual IP. The former is probably better in such an environment. --------------------------------------------------------------------- To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
