Netgate is offering COVID-19 aid for pfSense software users, learn more.

Captive Portal

The Captive Portal feature of pfSense® redirects users to a web page hosted on the firewall before Internet access is permitted. From this page, users can be forced to authenticate before access is granted, or perform a simple click- through. The most common uses of Captive Portal are for wireless hot spots, or for additional authentication before allowing access to internal networks from wireless clients. It can also be used with wired clients if desired. Captive Portal is configured under Services > Captive Portal.

See also

For additional information, you may access the Hangouts Archive to view the April 2015 Hangout on Captive Portal


The Captive Portal implementation in pfSense does have some limitations. This section covers those, and the common ways of working around them where possible.

Does not yet support IPv6

Currently, Captive Portal does not support IPv6.

Not capable of reverse portal

A reverse portal, requiring authentication for traffic coming into a local network from the Internet, is not possible.