Firstly a big thank for this great howto. Detailed and comprehensive.
Now, I apologize, I'm a newbee about pfSense (although an experienced Linux/PHP/DB/ecc. programmer), so my question might be trivial.
The network I'm trying to setup with your captive portal feature has a router (Zyxel) with REDIUS support. The router is also configured to act as DHCP server for my local network. Actually my pfSense machine/installation will be used ONLY for RADIUS/CaptivePortal authentication. In other words, my pfSense installation is configured in "appliance" mode, i.e. with the only one eth interface (WAN) enabled. I've configured the router to assign a static IP to my pfSense server.
The point now is this. When I create a CP zone in the WebConfigurator, at the bottom of the page I read the following hint:
Don't forget to enable the DHCP server on the captive portal interface! Make sure that the default/maximum DHCP lease time is higher than the hard timeout entered on this page. Also, the DNS Forwarder or Resolver must be enabled for DNS lookups by unauthenticated clients to work.
What about the DHCP server on the CP interface? Do I need to disable the router's DHCP server, in order to have pfSense assign all the mess, or is there another way to configure the DNS resolver?
Thanks again for the great howto and any suggestion you'll give.