> I'm looking for a way to run captive portal on the WAN interface ... not
> having much luck so far ...
> What I want is to be able to auth to a radius server when a request
> comes to the f/w from the WAN interface on port 80, if the auth succeeds
> then they get allowed through the rule base to a web server running on
> the LAN interface ....
erm, why not run the RADIUS authentication on your web server itself - since that is what you are
putting them through to and requiring the authentication for ?
Apache does have a RADIUS authentication module:
very easy to use - and wouldnt cause the sort of issues you might have trying to do the way
you are doing