Hi Ludovic, Let me kindly explain the scenario here.......
The PF server's internal IP is *172.31.2.89* and resolves internally to *self-service.dangote-group.com <http://self-service.dangote-group.com>*. We needed Sponsors to be able to approve guest requests over the internet without the need for VPN, so a public DNS mapping was done for the same name to *80.88.10.20* to make that happen. The hostname of PF server is; [image: image.png] There is no special configuration for web authentication re-direct as the default setup for the captive portal is being used. This is the switch config; [image: image.png] Should I change the IP information for the registration URL to the public IP? On Thu, 20 May 2021 at 12:34, Zammit, Ludovic <luza...@akamai.com> wrote: > I’m no mastermind but self-service.dangote-group.com is different from > 172.31.2.89. > > Make sure that you have the correct hostname and domain under > Configuration > System Configuration > General configuration > > If you are using web auth redirection change your URL as well either from > the switch config in PF or the switch / controller itself. > > Thanks, > > *Ludovic Zammit* > *Product Support Engineer Principal* > *Cell:* +1.613.670.8432 > Akamai Technologies - Inverse > 145 Broadway > Cambridge, MA 02142 > Connect with Us: <https://community.akamai.com> <http://blogs.akamai.com> > <https://twitter.com/akamai> <http://www.facebook.com/AkamaiTechnologies> > <http://www.linkedin.com/company/akamai-technologies> > <http://www.youtube.com/user/akamaitechnologies?feature=results_main> > > On May 19, 2021, at 6:26 PM, Ezeh Victor <vickeyzed...@gmail.com> wrote: > > Hi Ludovic, > > Thank you. > > The Let's Encrypt option was successful as seen below and the > haproxy-admin service was restarted > > <image.png> > > > When users try tried to access the captive portal, it was stuck on this > page. > > <image.png> > > All PF services were stopped and started again and users could no longer > access the page above that will enable them to access the captive portal. > > kindly assist as this will affect users by resumption. > > On Wed, 19 May 2021 at 20:35, Zammit, Ludovic <luza...@akamai.com> wrote: > >> The let’s encrypt integration with PF is pretty simple, it’s baed of the >> HTTP challenge. >> >> If you want to use let’s encrypt service, your DNS name >> self-service.dangote-group.con needs to resolve a public IP address that is >> bind to the management interface over 443 and 80. >> >> Thanks, >> >> *Ludovic Zammit* >> *Product Support Engineer Principal* >> *Cell:* +1.613.670.8432 >> Akamai Technologies - Inverse >> 145 Broadway >> Cambridge, MA 02142 >> Connect with Us: <https://community.akamai.com/> >> <http://blogs.akamai.com/> >> <https://urldefense.com/v3/__https://twitter.com/akamai__;!!GjvTz_vk!G9vGOTkM6sqOIWJGYig9QvaqBKePkEkTKYSjwBMaDI-M06He7AhwSM7HPuJdbQ$> >> <https://urldefense.com/v3/__http://www.facebook.com/AkamaiTechnologies__;!!GjvTz_vk!G9vGOTkM6sqOIWJGYig9QvaqBKePkEkTKYSjwBMaDI-M06He7AhwSM5_CpBuXg$> >> <https://urldefense.com/v3/__http://www.linkedin.com/company/akamai-technologies__;!!GjvTz_vk!G9vGOTkM6sqOIWJGYig9QvaqBKePkEkTKYSjwBMaDI-M06He7AhwSM7Jgb9D1g$> >> <https://urldefense.com/v3/__http://www.youtube.com/user/akamaitechnologies?feature=results_main__;!!GjvTz_vk!G9vGOTkM6sqOIWJGYig9QvaqBKePkEkTKYSjwBMaDI-M06He7AhwSM7Q7-BCow$> >> >> On May 19, 2021, at 1:29 PM, Ezeh Victor <vickeyzed...@gmail.com> wrote: >> >> HIi, >> >> My packetfence version is v10.2.0. >> >> I tried using the GUI to upload the required files. >> >> 1. the private key generated when generating a .csr file was used in >> conjunction with the .crt file and this was the error message >> >> >> <image.png> >> >> Generating the .csr from the GUI does not generate a private key to be >> used in filling the data requirements. >> >> How can I tackle this? >> >> Also, trying out the let's encrypt option gives this error when testing >> public access >> >> <image.png> >> >> What is the procedure to use either? >> >> On Wed, 19 May 2021 at 13:00, Zammit, Ludovic <luza...@akamai.com> wrote: >> >>> Hello, >>> >>> Which PacketFence version are you using ? If it’s a version > v10 use >>> the GUI for it, otherwise, the server.pem is a bundle of : server.key >>> server.crt and intermediates if any. >>> >>> Thanks, >>> >>> *Ludovic Zammit* >>> *Product Support Engineer Principal* >>> *Cell:* +1.613.670.8432 >>> Akamai Technologies - Inverse >>> 145 Broadway >>> Cambridge, MA 02142 >>> Connect with Us: <https://community.akamai.com/> >>> <http://blogs.akamai.com/> >>> <https://urldefense.com/v3/__https://twitter.com/akamai__;!!GjvTz_vk!EcqHJUqV-wetV_DNm6yHnvvryi_qAFOdRAAcDbLbwCFp561F3FVPuGjCi8Wzbg$> >>> <https://urldefense.com/v3/__http://www.facebook.com/AkamaiTechnologies__;!!GjvTz_vk!EcqHJUqV-wetV_DNm6yHnvvryi_qAFOdRAAcDbLbwCFp561F3FVPuGi5eEi6EA$> >>> <https://urldefense.com/v3/__http://www.linkedin.com/company/akamai-technologies__;!!GjvTz_vk!EcqHJUqV-wetV_DNm6yHnvvryi_qAFOdRAAcDbLbwCFp561F3FVPuGjd3VOgFg$> >>> <https://urldefense.com/v3/__http://www.youtube.com/user/akamaitechnologies?feature=results_main__;!!GjvTz_vk!EcqHJUqV-wetV_DNm6yHnvvryi_qAFOdRAAcDbLbwCFp561F3FVPuGg54xdavA$> >>> >>> On May 19, 2021, at 4:23 AM, Ezeh Victor via PacketFence-users < >>> packetfence-users@lists.sourceforge.net> wrote: >>> >>> Hi, >>> >>> I have been having an issue using a third-party SSL certificate on PF >>> for the captive portal. >>> >>> Based on the documentation, the directive was to change the server.crt >>> and server.key files in the /usr/local/pf/conf/ssl/ folder. >>> >>> I generated the server.csr file using *openssl req -new -newkey >>> rsa:2048 -nodes -keyout server.key -out server.csr*. command >>> >>> I renamed the corresponding files to server.crt and server.pem and >>> copied them to the /usr/local/pf/conf/ssl/ folder and included the >>> server.key file generated during the server.csr generation. >>> >>> After doing this, I restarted the haproxy portal for the change to take >>> effect and it failed until I replace the server.pem file with the original >>> one. >>> >>> Please I need assistance with this. >>> >>> What am I missing? >>> _______________________________________________ >>> PacketFence-users mailing list >>> PacketFence-users@lists.sourceforge.net >>> >>> https://urldefense.com/v3/__https://lists.sourceforge.net/lists/listinfo/packetfence-users__;!!GjvTz_vk!C54N4JbJxSylz8oux_xKUlZBH1GUAKLr-30v-tBM_yic5PBVVZ9_bOER9HTRj4iI$ >>> >>> >>> >> >
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
