Hi Francois,
Thank you for your prompt answer!
>>
>> Do you have template for routers that are capable of running some of
>> the open firmware out there - OpenWRT, DD-WRT, Tomato or etc... as
>> cheep alternative instead Pro grade Switches and APs?
> To be honest, we tried to make it work using DD-WRT, however we were not
> able to get it working. The issues are related to the way the device
> handles the VLANs, and that it just not support dynamic vlan assignment
> using RADIUS. Since no one was sponsoring the development, we stoped
> our tests there since we had other tasks to do in priority.
I can look and ask around for people on DD-WRT forum that are willing to
contribute some time about this?
>
>>
>> This would give a SMB companies and low budget or public organization
>> extremely good and accessible solution combining your powerful
>> software and these cheap SoHo Routers/APs with customized firmware.
> We ended up revamping the inline mode instead. Basically, the AP is a
> dumb device, puts the people in the inline vlan, and PF is the gateway
> for that VLAN. It works no problem for kinda large networks. We have
> one inline deployment that runs with more than 8K nodes on the network.
>
This is from PF_network_device_configuration_guide "There is no need to follow
the instructions in this guide if you plan on deploying in inline enforcement.
In this case all you need to do is to have a flat layer 2 network up to
PacketFence's inline interface with no other gateway available for devices to
reach out to the Internet.
This technique is usually used when your network hardware doesn't support VLAN
enforcement."
PF function as NAT Gateway, does PF can function as Bridge ( transparent )
Getaway?
>>
>> If is not possible can you explain why? At the end it is device with
>> embled linux ( same as most Pro Switches and AP's out there)?
>> What needs to be done in order that to work?
> If you have such a device, and have time to make some tests, you could
> definitely contribute to build a module for those devices. Otherwise,
> the Inline mode is the other option.
Yes I'm want to do some tests, and contribute anything that I can. Writing a
module is not that I can do right now.
Please if you have any directions and suggestions do share them…
What is the best test setup - I already have working PacketFenceZEN_ESX-3.1.0
VMWare fusion instance, or it's better to set up PF form scratch on CentOS?
>
> --
> Francois Gaudreault, ing. jr
> [email protected] :: +1.514.447.4918 (x130) :: www.inverse.ca
> Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence
> (www.packetfence.org)
Sincerely,
Martin
------------------------------------------------------------------------------
Try before you buy = See our experts in action!
The most comprehensive online learning library for Microsoft developers
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-dev2
_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
