# external captive portal authentication



## serhansezgin (May 6, 2015)

Hi, do you have any knowledge about how can we do, external radius authentication and external captive portal authentication.

unauthenticated local clients---------firewalls(cyberoam or pfsense or mikrotik)---------adsl modem---------internet------------cloud----------pfsense(radius srv and captive portal)


we want to when an unauthenticated user wants to connect to internet the remote extermal captive portal page comes in front of them.
how can we do this, how can we write the api for this, can you please show me the way, i am trying to solve this issue for weeks.

i find this one, but this is only comes to the external captive portal page infront of the user, but when user authenticated, login to the local captive portal, we want to login to the external site's (pfsense behind the cloud in this case) captive portal.
this case external captive portal page comes to in front of the user, and remote radius authentication is ok too. but we want to login external captive portal not the local one.
How to redirect hotspot login page to new external server - MikroTik RouterOS
HotSpot external login page - MikroTik Wiki


Please Help with automatic Hotspot login - MikroTik RouterOS

Redirect Hotspot Login Page - MikroTik RouterOS



and also there are methods for api writing here,

Adding Features to the Hotspot Webpages - MikroTik RouterOS



Hotspot radius session control over API from external portal - MikroTik RouterOS



Hotspot & Radius - sending additional parameters - MikroTik RouterOS



Integrating Facebook Connect with Hotspot Login / Authent .. - MikroTik RouterOS





https://forum.pfsense.org/index.php?topic=46015.0 



i wrote that the method should be api writing and transfer the credentials from local site's login.html to the remote site's login.php.

we have a portal page and it is working in local solutions with mikrotik or cyberoam or pfsense, but when we want to external captive portal authentication and want to write the user to this external captive portal and its mysql database, we can not be successful. Can you please help me.


----------



## serhansezgin (May 6, 2015)

Hi, we designed the index.html in the mikrotik/hotdpot folder and designed the index.php under the pfsense captive portal and made the necessary changes in the identificationcheck.php file in the pfsense captive portal file manager. now we can authenticate the unauthenticated users on the pfsense captive portal, but we can not go out to the internet, always the same captive portal page comes even auth the user. we can see the user in pfsense captive portal, successfully login ok, and see the user on the pfsense ghost radcheck database too(we do it by arranging the identificationcheck.php file, we made write the values to the database), but we see the microtik's outside interface's ip in this database. 

the client ip is 192.168.88.254, this client goes to mikrotik which is 192.168.88.1 and mikrotic's outside interface is 192.168.1.13, this interface connected to pfsense, which is 192.168.1.10 and pfsense wan interface pppoe to adsl modem. 

in the pfsense's ghost database we can see the 192.168.1.13 which is mikrotik's outside interface, we thought that we must see the clients ip 192.168.88.254 here to allow the client to go to the internet. how can we write this to the mysql database in pfsense?


is the problem that? how can i troubleshoot this issue, how can i understand what is the problem? can you please show me the way?


----------

