4

I got the following situation:

  • Two wan, load balanced by a hardware load balancing router
  • Wifi network (can be up to twenty AP's)

And I need the following:

  • Need a captive portal where clients can authorize and manage there accounts
  • Authorisation based on MAC
  • Paying online
  • Web proxy caching (Squid)

On most part of this setup I'm a newby on this. But I thought about it and came to set it up this way:

enter image description here

My questions are:

  • Is this setup even possible? (refering explecit to the ETH0 en ETH1 setup)
  • Do I need to run the DHCP server on the pfSense (set it up as a router) or enable the DHCP on the load balancing router?
  • All tips are welcome
Michel
  • 185
  • 1
  • 1
  • 8
  • 4
    +1 For drawing a helpful and nicely illustrated drawing for a topic that you are learning about :) – tegbains Jun 23 '13 at 18:24

1 Answers1

5

Everything you want to do (but the billing system) can be done by pfsense out of the box. Including load balancing - just add another NIC to your box.

Alex P.
  • 650
  • 4
  • 7
  • Thanks for the tip. Adding an extra NIC is possible. But the amount of external internet connection can grow up to 4. Any advice on running the dhcp on the router or the server? – Michel Jun 23 '13 at 09:01
  • 3
    if you are going to keep the load balancer - you do not need another router. You would just need a web server(to host the captive portal page) and a proxy server. This would not have to be a pfsense system. Personally I would rather keep the pfsense and let it do all the things above. It would handle multiple external interfaces with either multi-port NIC or VLAN config on a single NIC http://doc.pfsense.org/index.php/Multi-WAN_using_VLANs_with_pfSense – Alex P. Jun 23 '13 at 15:33
  • Thanks again, The current load balancer is also a router. I have now disabled the DHCP of the LB and enabled it a the LAN interface of the pfsense server. The reason I'll keep the load balancer is because we are using dynamic wan's and sometimes we need to add one extra wan for just one day. All work fine for now, even all AP's. Captive portal is running but I got some trouble with the authorization part. – Michel Jun 23 '13 at 20:29