Authorize thermostat

tratru · 25 August 2022 12:25

Hello everybody
I have a problem on the captive portal system, I should connect a thermostat that does not have a web interface to the WiFi system, how can I enter the access code?

hvacguy · 25 August 2022 13:10

Can you add its Mac address to blue access?
Not sure if that will work. But worth a try.

tratru · 25 August 2022 14:44

the problem is how do I enter the valid coupon to ensure that I have access to unlimited internet
from my thermostat

hvacguy · 25 August 2022 14:48

I understand that a coupon. Is not possible.
I am wondering if adding its Mac address access page will work instead of coupon.

tratru · 26 August 2022 07:50

I did not understand where I have to enter the mac address
on the blue network all devices are always authorized to access, the problem is if I do not insert the coupon it does not go out on the internet

hvacguy · 26 August 2022 10:30

Does this not work with Captive portal?

hvacguy · 27 August 2022 01:47

If this doesn’t work.
The only thing I would know to do is spoof the mac address of your t-stat
On a laptop.
Disconnect t-stat.
Connect laptop with spoofed mac address.
Add coupon then change laptop mac back.
And Connect t stat back to ipfire

hvacguy · 27 August 2022 11:25

My only question is.
Are you putting IOT devices on the same
Network you have other people on?
It would be reachable by them.
Is this isolated enough for you?
IOT will be calling home alot.

tratru · 27 August 2022 15:36

hello, I connect the thermostat on the same network where other people can connect, my thermostat has no interface reachable from the wifi and the traffic is very limited
so I don’t think I have any problems using the same network
the problem is how to make it navigate, all the tests did not give positive results

bbitsch · 27 August 2022 20:45

In a security view it may be acceptable to have both users and devices in the same network.
But there may be a difference in usage. If you admit internet access by Captive Portal ( only ), these must be usable by all members of the network. If the Captive Portal method is exclusive ( all must adher to the procedure ), IOT device must be capable of sending voucher ids or agree to the ‘Terms and Conditions’.
If this not possible, you cannot use the captive portal for access admission. My opinion.

EDIT: If you want to control webaccess only, you can try the ‘Classroom extensions’ of Squid proxy.

tratru · 28 August 2022 13:21

I would like not to mislead on the question posed, how to enable my thermostat using the wifi with the captive portal system.
However, I am aware that the choice is not the best but was dictated by some technical issues, the first of not having a second wifi for the site with the various complications and the drafting of a new network cable

tratru · 13 September 2022 16:04

Resolved
just edit the clients file located in the /var/ipfire/captive/ directory
adding the sequential number, network card macaddres, device ip, Epoch, valid Issued Coupons
for instance

10, aa: bb: cc: dd: ee: ff, 172.18.xx.xx, 1649011155,0, xxxxxxxx