Implementing walled garden on vyos

Hello Guys,

Please, how can I implement the walled garden function on Vyos, whereby my PPPOE customers, when their subscription has expired I can list out some available IP addresses they can access e.g Payment portal.


So I’ve not done this before on Vyos and there’s probably a much better way - but I can’t see what it is with a bit of searching myself.

So the way I’d do it, should I have to whip something up is

  1. Ensure all customers/clients are being assigned IP’s from RADISUS.
  2. Those customers you wish to be Captive Portal’d, give them an address in a special range.
  3. Use Policy Based Routing to route all traffic from IP’s in the above special range towards a server/host/platform that gives the “Hey you haven’t paid!” message.

As I said - there might be a much better built-in solution that I’m not aware of.

It is a bad idea as it probably requires open some https payment gateways. For correcting working of those gateways you have to allow some google services and addresses so in general it was not trivial. When you add some google services to allow, part of customers have access to some youtube services ;).
Not sure about now, but before it was a big quest (partly unworking).


@Viacheslav Please do you have a recommended approach to this ? or is it listed among the features we should be expecting in Vyos soon?
Hence I would have to wait till walled garden feature is official in vyos

I didn’t use the walled garden. It was other payment gateways. Just in summary that logic ±/ should be the same.

Do you mind sharing the approach you used :grinning:

Drop access to the internet but allow access to the billing system.
A client can log in to the billing and push the “Get the Internet for three days” button. It is enough to pay.
So you just need to place IP’s to a table with/without Internet.
It was the easiest way in my case.


Thank you for your response