Hi Cletus,
Okolie C. Cletus wrote:
> Dear All,
> I have setup Packetfence on my network and it works well. The problem is
> that I have some visitors who will want to use the network for a while.
> I assume this kind of users will be treated as guest. In pf switch.conf
> file there is a Guest Vlan but am not sure how to implement it. Please
> anyone with guide on how to do this.
First, you need a way to label them as guests. If you are using 1.9.0 or
newer you can use node categories for that otherwise you can use a
special pid (username) or a string in the notes field.
You can manually manage them (through web admin) or modify the captive
portal to set the specific field you decided to use on the criteria you
are interested in.
Second, you need to modify the VLAN assignment portion. Check in
lib/pf/vlan.pm for custom_getCorrectVlan. There is an example commented
there. Copy the whole sub custom_getCorrectVlan { ... } over to
lib/pf/vlan/custom.pm and modify it to your needs. Be careful to test in
a non-production environment first!
For 1.9.0, your custom code will look like:
...
if (ref($node_info) eq 'HASH' && defined($node_info->{'pid'})) {
if (lc($node_info->{'pid'}) eq 'guest') {
return $switch->{_guestVlan};
}
}
...
In the case you decided to go with a special pid.
Examples of what we have done in the past:
- email activation. Give network access for 5 minutes and require them
to click on a link sent in their email. Provides accountability for
little help-desk stress.
- access godfather. Sends an email to someone internally and they must
accept the visitor through an email link.
- password of the day/week. if they put the correct password they gain
access.
- auth against Active Directory (AD). Then manage the guest account on
the AD.
As you can see it's pretty much anything you can think of.
Because of the various approaches, there is no easy 'enable switch' in
PacketFence.. We didn't want to restrict any approaches.. However this
flexibility comes at the cost of you having to write a 4-5 lines of perl
to enable the feature.
Cheers!
--
Olivier Bilodeau
[email protected] :: +1.514.447.4918 *115 :: www.inverse.ca
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence
(www.packetfence.org)
------------------------------------------------------------------------------
Start uncovering the many advantages of virtual appliances
and start using them to simplify application deployment and
accelerate your shift to cloud computing.
http://p.sf.net/sfu/novell-sfdev2dev
_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
