I want to create a captive portal with different restriction per user account/role (student and teacher).
- The
Teachercan have unrestricted access. - The
Studenthave restricted access. (only defined/allowed websites are accessible).
But upon my research/review on OpnSense Captive Portal Documentation, This is not possible because you can only configure firewall/captive portal settings per port/interface. In short, 1 Zone is 1 Interface.
I cannot modify the infrastructure/wiring or add another Wi-Fi access points since It's already installed and running. I can only configure them.
So my plan is:
- Setup 2 VLAN ID's (Interface) on a single physical ethernet port on OpnSense that is connected to the Wifi Access Points.
- Create two Captive Portals on OpnSense that uses the 2 VLAN Interface I created.
- Configure the Wifi Access Points to two SSID's (
Teacher Wifi&Student WiFi) and attach each SSID to specific VLAN ID I setup on OpnSense. - Configure OpnSense Website Filtering on the
Student WifiVLAN Interface.
To be honest, these are just my theories. I don't really know if this is a feasible or good workaround/setup. This is my first time in network setup/engineering. Please bear with me.
All I want to know is, Is this kind of setup possible? (kindly look for the diagram below to better understand my network setup plan). Please give me some tips/suggestions on how I can do it better. Thank you very much!
