We began this chapter by discussing some of the advantages and disadvantages of captive portals. There are some obvious and not-so-obvious security issues related to captive portals, but by following best practices, such as putting captive portal traffic onto a separate interface and auditing captive portal activity, we can minimize the downside of captive portals. We then covered the many options for captive portal configuration in pfSense–namely, the different authentication options. We then discussed examples using these different forms of authentication, and showed that the most difficult of all of these methods—authentication through a RADIUS server—is not all that difficult.

In the next chapter, we will consider other services that you may want to implement on your pfSense system, such as DNS, DDNS, NTP, and SNMP.