Netgate SG-1000 microFirewall

Author Topic: MAC Filtering and MAC Authentication  (Read 87 times)

0 Members and 1 Guest are viewing this topic.

Offline wallacegerheim

  • Newbie
  • *
  • Posts: 3
  • Karma: +0/-0
    • View Profile
MAC Filtering and MAC Authentication
« on: February 06, 2018, 11:40:31 am »
Hello,

I have an environment where wireless clients authenticate through a PfSense Captive Portal. On my first implementation I extended VLAN from PfSense to the switch where the client Access Point connects. It's a bad scenario because I extended my broadcast domain through my L3 Switches.
On my second scenario I disabled MAC Filtering feature in the PfSense Captive Portal Zone. It is much better because is more escalable and I isolate my broadcast domain. The problem with this implementation is that in my entreprise some users authenticates automatically with MAC and others with username/password.
My question is: does someone implemented a scenario where both MAC authentication and username/password coexists?

Thanks.
--
Wallace Knopp de Menezes Gerheim

Offline wallacegerheim

  • Newbie
  • *
  • Posts: 3
  • Karma: +0/-0
    • View Profile
Re: MAC Filtering and MAC Authentication
« Reply #1 on: February 06, 2018, 11:47:46 am »
I drawn my scenario to make an easy explaning.

Offline wallacegerheim

  • Newbie
  • *
  • Posts: 3
  • Karma: +0/-0
    • View Profile
Re: MAC Filtering and MAC Authentication
« Reply #2 on: February 07, 2018, 04:46:54 am »
I figured a solution to take the MAC address from the DHCP lease and somehow give to the Captive Portal to authenticate through Freeradius. I still don't know how to do it but I'm walking on this way.