Hi Antonio,
We are considering deploying PacketFence at the University of Miami.
We are primarily a Meru shop for wireless. We have set up a testing
environment with an MC3000 controller hooked up to a Foundry 4802. We
have 4 VLANS (mgmt, registration, isolation, normal). The PacketFence
server has 2 NICS. 1 for out of management the other is set up with
multiple VLANS. They've been tagged at the switch and I can ping all
the PacketFence interfaces (after setting up static routes).
This is a great start.
I have freeradius listening on the PacketFence box and I am currently
accepting all requests. When I attach to the SSID pointing to the
PacketFence server, I see the request come in, I see the Access-Accept
reply go back to the controller, and I associate to the AP.
What are the radius attributes sent back to controller into the
Access-Accept?
PacketFence leases me an IP from the mgmt VLAN (not suppose to ><).
The node comes up as unregistered (expected and good!), but I do not
get redirected to any registration page and I can't navigate anywhere
(the browser spits out an Error 105). Can anyone point me to the
right direction on how I may go about changing what VLAN the user ends
up in and where I'm falling short of redirecting users to the
registration page?
First of all, you need to tell the controller to put the node into the
registration VLAN, otherwise, you won't be able to reach the
registration page. This is done with the FreeRadius perl module
packetfence.pm (/usr/local/pf/addons/802.1X). You need to configure
your RADIUS rlm_perl module to include this script, and create a
webservice user into PF. When your host is in the registration VLAN,
packetfence will act as the DHCP server. It will push an IP in the
registration VLAN (expected :) and also it will push itself as the DNS
server. The DNS server on PacketFence is configured to act as a DNS
blackhole. Every requests that comes in the DNS, will resolve to the
registration IP of PacketFence. You might need to adjust the template
in /usr/local/pf/conf/templates/named-registration.ca to reflect the
PacketFence IP configuration in the registration VLAN.
I suggest you have a brief look into the PF administration guide
(http://www.packetfence.org/downloads/PacketFence/doc/PacketFence_Administration_Guide-2.0.1.pdf),
it is all explained properly in there. If something is not clear, or if
you have some more questions, do not hesitate to ask.
I'd love to contribute the Meru portion of the Documentation if we can
get this working. Thanks guys.
We would be glad to receive contributions from you.
Thanks!
--
Francois Gaudreault, ing. jr
[email protected] :: +1.514.447.4918 (x130) :: www.inverse.ca
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence
(www.packetfence.org)
------------------------------------------------------------------------------
Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)!
Finally, a world-class log management solution at an even better price-free!
Download using promo code Free_Logger_4_Dev2Dev. Offer expires
February 28th, so secure your free ArcSight Logger TODAY!
http://p.sf.net/sfu/arcsight-sfd2d
_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
