I want to create a captive portal with different restriction per user account/role (student and teacher).
- The
Teacher can have unrestricted access.
- The
Student have restricted access. (only defined/allowed websites are accessible).
But upon my research/review on OpnSense Captive Portal Documentation, This is not possible because you can only configure firewall/captive portal settings per port/interface. In short, 1 Zone is 1 Interface.
I cannot modify the infrastructure/wiring or add another Wi-Fi access points since It's already installed and running. I can only configure them.
So my plan is:
- Setup 2 VLAN ID's (Interface) on a single physical ethernet port on OpnSense that is connected to the Wifi Access Points.
- Create two Captive Portals on OpnSense that uses the 2 VLAN Interface I created.
- Configure the Wifi Access Points to two SSID's (
Teacher Wifi & Student WiFi) and attach each SSID to specific VLAN ID I setup on OpnSense.
- Configure OpnSense Website Filtering on the
Student Wifi VLAN Interface.
To be honest, these are just my theories. I don't really know if this is a feasible or good workaround/setup. This is my first time in network setup/engineering. Please bear with me.
All I want to know is, Is this kind of setup possible? (kindly look for the diagram below to better understand my network setup plan). Please give me some tips/suggestions on how I can do it better. Thank you very much!
