Bridging Captive Portals

So, I’m working on my research project, and it involves a bunch of virtual machines (which I have set up according to @da_667‘s instructions from his book). Cool, too easy, everything works fine.

…until I have to travel. Fortunately, my lab fits on my laptop. Unfortunately, when I connected to hotel Internet, none of my labs had Internet. The host had no issues, so what was up with the VMs?

As part of his instructions, DA said to put the firewall (PFSense) into bridged mode. This essentially put it parallel to the host OS on the network interface. So it operates completely independently of the host OS. So when the host OS made its way through the captive portal, the PF didn’t. And since the PF box doesn’t exactly have a web browser from which I can authenticate to the captive portal… no Internet.

Solution: change the PF from Bridged to NAT. This places it behind the host OS, so once the captive portal was dealt with, everything that is NATed is fine. Worked like a charm!

Question: why place it bridged in the first place? I honestly can’t be sure, but I suspect that the host OS can cause some unexpected behavior to connections that are NATed through it. I definitely have lots of network hiccups happening (that aren’t getting in the way of my actual research, but are still a touch annoying), and while I can’t confirm that is the cause, it wouldn’t surprise me.

Other question: is there a method of traversing captive portals from the PF? Maybe? As long as this worked, I didn’t care enough to keep troubleshooting, as I had my actual research to do.

Leave a Reply