> All valid, but a captive portal implementation by definition cannot be > transparent. It has to redirect hosts to an IP on one of its > interfaces to serve the portal content.
I once designed a prototype where the authentication interface was located on the outside of the firewall; the firewall had 3 interfaces: - one inside, IP less, bridged to the outside if - one outside, IP less, bridged to the inside if - one outside, with private IP, used for authentication But it was an homemade system and was not very reliable. > I'd just use a /30 on the WAN, and your public IP block on the LAN, > disable NAT, enable captive portal, and you're set. Of course. > You can still have the "remove the firewall" option by adding your LAN > IP on the upstream router if necessary, and removing the firewall. Of course too. Thanks, Olivier --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Commercial support available - https://portal.pfsense.org
