I want is that wifi becomes open and has no MAC filtering. So, once a user is connected to the internet, The firewall blocks every connection to that host except one IP address and a specific port which would be of our Authentication Server. Then, the user will get a captive portal that will allow them to download our App. Once user Installs the App, The App should send a request to the Auth Server to allow Access to Intranet Services to that specific MAC Address. Then the App should Contain an Internet page on which there will be a Connect button. When they click on connect on connect button, The auth server will whitelist their MAC for Internet Access(Whoever has paid for it) to the firewall and assign bandwidth and Quota Limit. (Optional) The firewall should blacklist the MAC when their session ends.
So basically, I want to create a middle auth server which will have its own database(& separate panel for admins) which will communicate to the firewall for blacklisting and whitelisting MAC's.