Text only | Text with Images

OPNsense Forum

English Forums => General Discussion => Topic started by: run('Jimbo'); on October 24, 2024, 06:19:40 PM

Title: Captive Portal on Different Domain
Post by: run('Jimbo'); on October 24, 2024, 06:19:40 PM
Hi, is it possible to run captive portal on a different domain/ip so that I'm not sharing my router domain?

Thanks :o
Title: Re: Captive Portal on Different Domain
Post by: run('Jimbo'); on October 25, 2024, 10:26:19 AM
Any pointers?  :)

Thanks
Title: Re: Captive Portal on Different Domain
Post by: dseven on October 25, 2024, 11:13:02 AM
What do you mean by "sharing my router domain"?

You can specify a Hostname in the captive portal configuration, but clients must still be able to resolve that to the IP address that the capture portal service is listening on.

What problem are you trying to solve?
Title: Re: Captive Portal on Different Domain
Post by: run('Jimbo'); on October 25, 2024, 11:55:29 AM
I have vlans and for them to access the portal they are redirected to the router domain.. Is it possible to run the portal on a different domain so guests etc can't see the root domain...

Thanks
Title: Re: Captive Portal on Different Domain
Post by: dseven on October 25, 2024, 12:07:23 PM
I'm still not sure what it is that you're trying to accomplish ... but you can put whatever hostname you want in the captive portal configuration, so long as the clients can resolve it to the IP address that the captive portal is listening on. You could use a host override in Unbound DNS with some fake hostname/domain.....
Title: Re: Captive Portal on Different Domain
Post by: run('Jimbo'); on October 25, 2024, 12:51:06 PM
Yeah the unbound DNS override is sort of what I mean but I wanted it to run on a different ip also so there is no way a user could get the ip for the router...

Thanks
Title: Re: Captive Portal on Different Domain
Post by: dseven on October 25, 2024, 12:54:13 PM
The IP of the router is going to be the gateway for the clients. There is no way to hide that.
Title: Re: Captive Portal on Different Domain
Post by: run('Jimbo'); on October 25, 2024, 01:14:04 PM
I know that, that's why I was asking if I can run it on a different domain/IP :)

Thanks
Title: Re: Captive Portal on Different Domain
Post by: Patrick M. Hausen on October 25, 2024, 01:15:38 PM
Quote from: run('Jimbo'); on October 25, 2024, 01:14:04 PM
I know that, that's why I was asking if I can run it on a different domain/IP :)
But your clients will still have the router as their default GW, so they know the router IP, anyway.
Title: Re: Captive Portal on Different Domain
Post by: run('Jimbo'); on October 25, 2024, 01:17:44 PM
They are on vlans with there own subnets/gateways...

Thanks
Title: Re: Captive Portal on Different Domain
Post by: Patrick M. Hausen on October 25, 2024, 01:19:35 PM
And each of these gateways is your router, isn't it?
Title: Re: Captive Portal on Different Domain
Post by: run('Jimbo'); on October 25, 2024, 01:24:07 PM
Course, but the firewall blocks all private networks so they can't ping the router...

Thanks
Title: Re: Captive Portal on Different Domain
Post by: dseven on October 25, 2024, 01:34:04 PM
The IP address used for the captive portal is the same IP address used by clients as their gateway. You can't hide it.
Title: Re: Captive Portal on Different Domain
Post by: run('Jimbo'); on October 25, 2024, 01:36:15 PM
Ok, thanks
Title: Re: Captive Portal on Different Domain
Post by: dseven on October 25, 2024, 01:40:22 PM
You could actually create a loopback interface, and give it any IP address you like, and use that (either directly or through a DNS host override) as the captive portal hostname... but I still don't really see any value in that, unless you think that hiding the fact that the captive portal is running on the firewall itself has some value......
Title: Re: Captive Portal on Different Domain
Post by: run('Jimbo'); on October 25, 2024, 02:24:41 PM
Yup, the idea was to separate the two some how...

Thanks
Text only | Text with Images