Hello everybody
I have a problem on the captive portal system, I should connect a thermostat that does not have a web interface to the WiFi system, how can I enter the access code?
Can you add its Mac address to blue access?
Not sure if that will work. But worth a try.
the problem is how do I enter the valid coupon to ensure that I have access to unlimited internet
from my thermostat
I understand that a coupon. Is not possible.
I am wondering if adding its Mac address access page will work instead of coupon.
I did not understand where I have to enter the mac address
on the blue network all devices are always authorized to access, the problem is if I do not insert the coupon it does not go out on the internet
Does this not work with Captive portal?
If this doesn’t work.
The only thing I would know to do is spoof the mac address of your t-stat
On a laptop.
Disconnect t-stat.
Connect laptop with spoofed mac address.
Add coupon then change laptop mac back.
And Connect t stat back to ipfire
1 Like
My only question is.
Are you putting IOT devices on the same
Network you have other people on?
It would be reachable by them.
Is this isolated enough for you?
IOT will be calling home alot.
1 Like
hello, I connect the thermostat on the same network where other people can connect, my thermostat has no interface reachable from the wifi and the traffic is very limited
so I don’t think I have any problems using the same network
the problem is how to make it navigate, all the tests did not give positive results
In a security view it may be acceptable to have both users and devices in the same network.
But there may be a difference in usage. If you admit internet access by Captive Portal ( only ), these must be usable by all members of the network. If the Captive Portal method is exclusive ( all must adher to the procedure ), IOT device must be capable of sending voucher ids or agree to the ‘Terms and Conditions’.
If this not possible, you cannot use the captive portal for access admission. My opinion.
EDIT: If you want to control webaccess only, you can try the ‘Classroom extensions’ of Squid proxy.
I would like not to mislead on the question posed, how to enable my thermostat using the wifi with the captive portal system.
However, I am aware that the choice is not the best but was dictated by some technical issues, the first of not having a second wifi for the site with the various complications and the drafting of a new network cable
Resolved
just edit the clients file located in the /var/ipfire/captive/ directory
adding the sequential number, network card macaddres, device ip, Epoch, valid Issued Coupons
for instance
10, aa: bb: cc: dd: ee: ff, 172.18.xx.xx, 1649011155,0, xxxxxxxx
4 Likes
hello after a few updates, I repeated the same procedure adding a new IOT device but the method I indicated no longer works
does anyone have any ideas on how to get around the problem or what has changed
it would be great to be able to manually insert devices without having to go through the voucher
In CU192 the code related to showing the uploaded image on the Captive Portal was modified to enable the image display to work again. It had stopped working since CU188.
However the code changes involved in their had no impact or modification to what is stored in the settings file or the voucher coupon.
Maybe there is some way to add in a whitelist type approach to allow certain users to be able to connect without a voucher. However I have no idea how at the moment and it will be some time before I can have a look at that.
I will try and test out, later this week, on my vm testbed adding the info to the clients file manually and see if I can get it to work or not.
hello and thanks for your reply, I remembered the image change, but I don’t think that change affects my problem
the change I reported a few years ago still works today, but if I do it today to add a new device it doesn’t work.
I’ll try to do further tests, if you have any advice to solve the problem I would be grateful
I managed to get some time and just tried your method on my CU195 Testing system and it worked.
After starting up the PC to be connected I tried to ping ipfire.org. For around a minute or so it failed to make the connection but then after a minute it worked fine. I could connect to the internet with that machine and I never went near a browser page.
I then shut down the PC and the IPFire and then after a while turned them back on again and connection just worked, so it appears that the first time round when the line has first been added to the clients line that it takes a period of time for it to pick up this information and accept it but after that it just works for me.
So I think either you have not waited long enough at the first time for it to get connected or maybe there is some error in the line added into the clients file.
hello and thanks for the answer and the time spent to perform the test,
but let me give an added value to your answer and to my solution proposed a few years ago, which after the tests carried out last night I confirm that it works perfectly.
but from the tests carried out, I do not think it is a question of time because it did not work before, unless the time is very long, I would say over an hour or a little less,
I think the difference is restarting the firewall, or some service but I have not yet understood which, if I have time and desire I will try to understand it