The current release’s captive portal only supports 1 interface. You could use the captive portal on more than one interface only by bridging them or using another router that has the captive portal as default gateway.
But by bridging I cannot use separate fw rules for the two and they would have to be on the same subnet. Right..?
No it’s not possible. You could create X.509 personal certificate for the students and use them to authenticate the captive portal without username and password.
Could you please elaborate a bit on how to implement this certificate solution for ZS?
The captive portal log records username, IP and MAC address. The connection tracking log, if enabled, stores source IP, source port, destination IP and destination port. If you enable the web proxy with antivirus zeroshell also logs the url of the visited sites.
Can you also report internet usage (i.e. megabytes by username for the last hour, last 24 hours and last 7 days…?
Zeroshell uses Layer 7 filters and IPP2P to identificate P2P and other type of traffic that is not easy to track by using tcp/udp port numbers.
I have not experience with bit torrent shaping.
Anyone else here having experience using the above suggestions to successfully deny torrents and PMs etc…?