Almost every page of the documentation focuses or contains the word Ad - it seems the emphasis is on generating leads (A Terminology implying spam or unsolicited mails).
Ehm, what do you mean?
Well, if you read through the Docs here,
There are a lot of references to Marketing - almost too many for my liking…
Hotspot / Captive Portal of OPNsense
This component, like the Traffic Shaper, seems to have originated in MonoWall, continued in PFsense, and landed now in OPNsense.
Advantages: All built into the firewall / router, can use external auth like LDAP, but also “internal” users.
I’m using this for Hotel Guests, and we’re proud of being one of the first Hotels in Switzerland to have always provided free WiFi Service…
Before, we used the captive portal for authentification (Internal Users / Voucher) for Hotel and/or Restaurant Guests. Since 3 years now, we have open access with a landing page.
I’m using the function “Traffic Shaper” with an emphasis on SMTP - that’s been our major problem in this setup. Hotel Guests with Laptops infested with trojans, and sending Spam from our IP - and getting us blocked by our Provider. This has worked far better than the tried commercial solutions like from Juniper. and costs far less! Since using Traffic Shaper (5 years now) Not a single issue!
Another function I’m using: DHCP Reservations and a selective Firewall Passthru. The Hotel Owner always works from his Laptop, has no desktop PC, and always works from the Hotel Hotspot, usually in the restarant. For this reason, certain Devices NEED access to the “Green” LAN, others only need Internet Access. I’m doing this by
Passing the Internal DNS Server to these Clients, instead of the Providers DNS. This way they can find the internal Mail Server.
DHCP splitting. We’re using a 172.16.0.0/16 Subnet. Reserved DHCP match the Network 172.16.0.0/24 (!), other DHCP start at 172.16.201.0/16. The Firewall will only allow the 172.16.0.0/24 Clients thru to the Green LAN.
As in the Icaro Hotspot docs, all our APs are in ONE LAN Network subnet. This subnet is specifically for Hotel Guests, with the exception of a few Laptops and a couple of Cameras for surveillance, which can’t be reasonably hooked to another LAN subnet (To far / No wiring / etc).
A combination of these features / best practice usage would certainly be advantageous in almost any situation, client, institution, or other potential user of a Hotspot.
My 2 cents