Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

Wireless How To

Step 4: Create the Captive Portal Page

This brings us to the Portal page contents. The Portal page is displayed when a client first attempts to connect through the Portal. Access to the Internet is blocked until the user brings up a web browser and clicks the Submit button on the webpage that will appear. Clicking the Submit button indicates that they have read and understood the contents of the page. The user is then allowed access to the Internet via the Portal, still restricted by any firewall rules that may be in place until either the idle or hard timeout is reached.

The Portal page contents are customisable and you can upload any valid HTML from a file as long as it contains the following form HTML

<form method="post" action="">
   <input name="accept" type="submit" value="I Agree">
</form>

Note that while the example above shows the value of the submit button to be "I Agree", it can be anything you like. Typically the Portal page would contain information regarding any restrictions in place and an Acceptable Use Policy (AUP).

You might notice that there is no way of uploading content files such as images to m0n0wall for the Portal page. As discussed in the previous article, m0n0wall is designed to run completely from RAM so images, Flash objects, etc. would quickly start eating into available memory. You can, however, host content files elsewhere, such as a webserver on the LAN interface or on the Internet and reference them in your uploaded Portal Page contents HTML. These can be added using HTML syntax like:

<img src="http://portal.dave-cook.org.uk/images/CommunityCafe.gif">

This on its own isn't enough, however, since m0n0wall will block access to the webserver until the Submit button on the Portal page has been clicked! This would also be the case if you had whole websites that you would want Portal clients to be able to access before they were granted free access to the Internet. This could be an FAQ about the Portal service itself, or the websites of sponsors and advertisers. 

Fortunately, the Allowed IP Addresses feature allows you to unblock access to specific IP addresses that clients can freely access without being required to pass through the Portal page. This functions in two ways. 

  • To IP addresses - allowing access to remote websites and such
  • From IP addresses - which could be used to allow known clients with statically configured IP access to the Internet 

Updated 2 October 2004
Figure 6
shows that I have allowed access to my webserver on the LAN for the Portal page images and to two other Internet websites that I am promoting on the Portal page. Configuring access to websites with IP addresses, rather than their DNS name, can cause problems if the sites move IP addresses frequently or like www.tomshardware.com, have multiple IP addresses which would all have to be configured separately.

The final entry is in the opposite direction, allowing my wireless access point to addresses beyond the Captive Portal. This is so that I can use its web adminstration from the LAN network, without this reponses to my connection attempts from the LAN network would be blocked by the Captive Portal.

Captive Portal - Allowed IP Addresses

Figure 6: Captive Portal - Allowed IP Addresses
(click on the image for a larger view)

Access to known clients can also be granted by MAC address using the Pass-through MAC page. This is a better method than static IP addresses, as it allows the client to still pick up their IP configuration by DHCP.

As an example, my finished Portal page is shown in Figure 7. It is not going to win any prizes for website design, but all the basic elements are there. The Acceptable Use Policy (AUP) was created by amending the AUP in place at www.piertopier.net. If you want to use it as a starting point it downloadable here as a text file, and the page HTML here.

Finished Portal Page

Figure 7: Finished Portal Page
(click on the image for a larger view)

More Wireless

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

i'm trying to run an aimesh of two 86u's and one 68u. so i setup my old and trusty 86u as a main and the two other routers as nodes. everything goes w...
Hi, I'm new around here.I have this configuration:Router ISP: Bridge mode (192.168.0.1)Router ASUS AC68U :Firmware: Asuswrt-Merlin 834.13 (Thank you M...
Hi, I have a question around multi-subnet environment and routing via OpenVPN on Merlin. I have a few internal networks for desktop, vms and wifi clie...
Hi, I can not use IGMP proxy on my AX88U with the last Merlin firmware, I got this message : "Due to hardware limitation, IGMP proxy cannot co-exist w...
My custom VPN configuration would be 577 bytes long.However, this does not fit completely into the input field.I just happened to see that because a s...

Don't Miss These

  • 1
  • 2
  • 3