Site Tools


Captive Portal

The Captive Portal works in a similar way to a WiFi hotspot in a public place. Captive Portal presents WiFi users with a simple webpage, prompting them to agree to terms before being allowed to access the network. If the user clicks on “OK, I agree!”, the gateway daemon changes firewall rules on the gateway so that traffic passes for that client (based on its IP/MAC address). This prevents users from accessing the Internet without agreeing to certain Terms of Use.

The Captive Portal module is called “NoCatSplash”. Older versions were named “NoCatAuth”.

Captive Portal is ideal for public/semi-public networks to remind end users of the legal responsibilities linked to Internet access. The requirements are simple. That means it can also be useful in when you simply want people to know whose network they are using. (Default: Disabled).

Enable function: Checking this (and Save) makes FreshTomato users see a Welcome banner when they try to access the Internet.

Interface: Selects one of the bridge interfaces on which Captive Portal will listen for connections.

Gateway Name: Here, specify the name of the gateway that will appear in the Welcome banner.

Captive Site Forwarding: Forces the “homepage” (see definition below) to appear until the user agrees to the Welcome Banner terms.

Home page: This is the URL that will appear after the user agrees to the Welcome Banner terms.

Welcome html Path: This is the path to the location of the Welcome banner .html page.

Logged Timeout: The time period (seconds) during which no Welcome banner appears when you access the device. (Default: 3600s).

Idle Timeout: The period, in seconds, before the client sees the splash screen again, and must agree to the terms again to regain network access.

Max Missed ARP: How many times a client can be missing from the ARP cache before the connection is closed. (Default: 5).

Log Info Level: How much detail will be included in log messages from this module.

  • Level 0=Silent.
  • Level 10=Verbose.

(Default: 2).

Gateway Port: This is the port to be used by the Captive Portal for page redirection. (Ports 1 to 65534). (Default: 5280).

Excluded/Included ports to be redirected: Here, enter the port numbers you wish to be:

  • Included (defines port numbers the user is allowed to use after login) or;
  • Excluded (defines port numbers the user is not allowed to use after login)
    and which FreshTomato redirects away from the client).

Leave blank spaces between port numbers when configuring them.

Using Included and Excluded ports at the same time is not advised. It can cause conflicts relating to whether ports are allowed or not.

URL excluded from the portal: Here, enter URLs or links that can be accessed without the Welcome screen appearing.
URLs entries must be separated by spaces.

MAC address whitelist: Here, enter the MAC addresses of clients to be excluded from Portal functions.
These devices will have no barriers to Internet access. MAC Addresses must be separated by spaces.

Customized Splash File Path: Here you can upload a personal Welcome banner which will override the default one.

WARNING: If the Login Time expires, you must return to the splash page to regain network access.
After you click “OK, I Agree!”, nothing indicates when your usage period will expire.
You may lose Internet Access without warning.

splashd.txt · Last modified: 2024/04/28 15:21 by hogwild