Results 1 to 10 of 10
  1. #1
    Newbie
    Join Date
    Mar 2017
    Posts
    9

    Default Bypass Captive Portal with another Access Point

    Hello. I have 4 access points throughout our building that our end-users connect to and need to authenticate via the Captive Portal. Is there anyway to add a 5th router that I can use and have it not authenticate via Captive Portal? For example, I want a SSID called Information Technology and when users connect to the AP via a WPA2-PSK key.. they wouldn't need to authenticate to Captive Portal.. I have tried setting up a rule, but have failed to get it working correctly.. Maybe I am doing something wrong? Any help is appreciated!

  2. #2
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    6,070

    Default

    Is that 5th one a router or access point? You use both terms to describe it.

    If it's a router and using NAT, then all the traffic from that device will show as one IP address so just bypass than IP address.

    If it's an access point, does it support VLANs? If so then configure the VLAN for that device to match a VLAN interface on the Untangle and bypass traffic from than VLAN interface.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  3. #3
    Newbie
    Join Date
    Mar 2017
    Posts
    9

    Default

    Sorry for the confusion. It is a Linksys WAP300N Access Point so it does not support VLAN's.

  4. #4
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    6,070

    Default

    Do you have an empty NIC on the Untangle? If so plug the Linksys into the separate NIC and bypass traffic from that NIC interface.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  5. #5
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    16,478

    Default

    Yeah, as jcoffin is implying, you just need to find a way to differentiate which WAP the traffic is coming from.
    You could use a separate NIC, separate VLAN. if it has a different ip range, that will work. If its doing NAT, the source IP would work.
    Any way would work.

    Then just craft your capture rules to not capture that traffic.
    Or setup a policy rule to send it to a different policy altogether without captive portal installed.
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  6. #6
    Newbie
    Join Date
    Mar 2017
    Posts
    9

    Default

    Hello again. Sorry for the late reply. Here is what I did.. I added a USB NIC to the untangle server and that from that NIC, I ran an Ethernet cord into the back of the back of the Linksys AP. I went into Captive Portal and then set up a rule that when the source interface is the USB NIC, the action type would be PASS which I thought would pass the traffic through the AP without having to log on through the captive portal.. I was wrong. What am I doing wrong here? Essentially I just want to connect a few phones through our other access point with just using a WPA2 password but they wouldn't need to authenticate through Captive Portal. Also forgot to mention that when I set up the USB NIC in the network config, Config Type: Bridged and then Bridge to: internal.. Maybe I have something wrong here? thanks guys!
    Last edited by brandonmace1; 06-15-2017 at 11:31 AM.

  7. #7
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    16,478

    Default

    Post a screenshot of your rules.

    Also USB nics perform terribly.
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  8. #8
    Newbie
    Join Date
    Mar 2017
    Posts
    9

    Default

    2017-06-15_14h21_02.png
    2017-06-15_14h21_21.png

    I should probably rebuild the Untangle server. I have it running on a Optiplex 780 right now with two PCI NIC cards. I am looking to rebuild it inside of a Optiplex 7010 computer. What three gigabit NIC cards would you recommend, that aren't real expensive? Thanks!

  9. #9
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    16,478

    Default

    If they are in that order that's the wrong order. Rules are evaluated in order


    Or just change the first rules v to capture only the interfaces you want and just have one rule.
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  10. #10
    Newbie
    Join Date
    Mar 2017
    Posts
    9

    Default

    Looks like changing the rule order did the trick! Guess I didn't know the rules were evaluated in that order. What 10/100/1000 PCI NIC card would you recommend for building the replacement server? thanks again.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2