Accept terms of use before surfing in Internet

NethServer Version: 7.7.1908
Module: Apache, WLAN

Hi,
I’m searching for a solution for a customer requirement. They want to have a page, where WLAN users have to accept the terms of use.
Nethserver will be a firewall with IPS and a vpn server, perhaps a proxy to. There will be a green network for lan clients in a domain with a windows 2016 ad server, the red one for internet and a blue one as guest WLAN.
I’ve read the following thread:

but a solution with nethserver would be fine.
@robb If it is not possible, do we need a special server for the ubiquity hotspots?
Thanks in advance.

Hi

What you’re looking for is called a “Captive Portal”. No matter what you enter in for URL, you’ll land there. From there, system and rules permitting, you can go where you want.

NethServer can do this, but I use for such situations OPNsense, which will run well on Hardware or as a VM. That has a full captive portal solution on board, all included, no external Apps, Subscriptions needed.

Or you can use the NethServer “Dedalo” plug-In (From your Software interface)
Dedalo does have a sort of captive portal built in.

But, like i said, i prefer “guests” not having any access to my clients NethServers, and doing that on a small box dedicated for that.
Can also save a lot of routing / fw headaches… :slight_smile:

I’m using this in a Hotel environment, with plenty of usage.
All rooms have a mini hot spot wlan dedicated for each room.
Working for several years now, without probs.

My 2 cents
Andy

2 Likes

Thanks for your quick answer, I’ll have a look at both solutions.

Michael

@m.traeumner

Both solutions work, you can offer both to your client, with background infos, and let him decide.
My client did not want hotel guests even getting close (IP wise…) to the NethServer, as that runs AD, Mail, File, Nextcloud, Zabbix Monitoring and internal Proxy.

Guests are in a separated Network, with their own internet connection.
There is a ip connection, we limit it to the 172.16.0.0/24 out of 172.16.0.0/16 subnet. All Guests get higher IPs from the Router, but a few boxes have reserved MAC / IP (and captive portal passthru!), eg Credit-Card POS, surveillance cameras, the bosses laptop :-), and mine too…

The Admin (Verwaltungsnetz) has full Internet Failover, but no wlan.

There are two OPNsense Firewalls, one for each network, and a connection between both networks.
Routing for the lower IP WLan clients is specially provided by the DHCP (OPNsense).

All in all, three internet connections are available, using for failover two different technologies (Cable & VDSL)…

So best of both worlds… :slight_smile:

Gruss
Andy

1 Like

Just to throw another possibility into the mix, if you’re using Ubiquiti hotspots, their controller software (free) can also operate a captive portal–you have lots of options.

1 Like

The company has really cool & good stuff, but the some of the really coolest seem to be export restricted… (This last bit of info is dated, i stand corrected :slight_smile: )

Ubiquiti now has a full european online shop.

But, Upatre trogan issues on the commercial (home users) AirOS…

Ubiquiti also has cool reporting features, eg using the Zabbix Add-On (For Zabbix Monitoring!).
Ubiquiti has some sort of API for that (not quite sure how it works…)

I should have been more specific; I’m talking about the Unifi line of products–they have other product lines I haven’t worked with. The Unifi products/controller will handle this task, including validating a password or voucher code if desired. And depending on how you decide to run the controller, you may not need to do anything at all on your Neth box or your router to support this feature.

Anyway, just another way to skin the cat–I use the Unifi stuff at home and like it.

1 Like

O, I quite agree they have cool & good stuff.
Me like :slight_smile:

But when I last looked at it, maybe 2-3 years ago,it was still “hard to get” here in Switzerland…
Now, things are much better available, since they have a european shop.

Will get one soon, need a new WiFi at home soon.

:slight_smile:

I’ve a dealer for it here too, this is no problem.