[Packetfence-users] Beginner problem with captive portal in inline mode

Wed, 02 Nov 2011 05:59:05 -0700 

Hi all,

I have never done network administration before and I am just trying
packetfence out to see what is possible.
Feel free to correct me on as many points as you see fit...

My aim at the moment is to restrict access to a particular server. But at
the same time allow all users through to the internet once they have
registered.
Since I am not going to use any switches and I am not sure how vlans would
be adapted to my demo setup i have gone for inline mode which looked easier
to setup.


The current setup simulates 3 laptops and has a home wifi home router
(linksys wag320n) currently acting purely as an access point.
the router has ip 192.168.1.1 and does not dhcp. gateway is 192.168.1.2
laptop1 is the packetfence v3 server and has two network interfaces. static
ip 192.168.1.2 on eth1 which hosts dhcpd and static 192.168.0.1 on eth2.
gateway is 192.168.1.2
laptop2 hosts the server i want to restrict access to and has static ip
192.168.0.2 (simulated wired connection between laptop1&2 here). gateway is
192.168.0.1
laptop3 will be a user connecting to the network. it currently connects to
the router and gets an ip address from laptop1. all this works fine and
laptop3 gets ip address 192.168.1.100
laptops1&2 are running centos 6 and laptop3 is running win7.

eth1 on laptop1 has been declared as a management,internal inteface
eth2 on laptop1 has been declared as an internal interface.

My current problem is with the captive portal.
>From laptop3, if i try to access 192.168.1.2 via a browser, then i am
redirected to the portal.
on the other hand if i try to access either 192.168.1.1, 192.168.0.1 or
192.168.0.2, i either have direct access to the servers or access is denied
depending on if i turn iptables on or off. It is never redirected to the
captive portal...

Have i missed a config?
I have set registration.range to 192.168.1.0/24,192.168.0.0/24.
I also set trapping.range to this value but i most likely do not use this
setting as i am not using the out-of-band mode?
How can i get any access to the interfaces to be registered?

Thanks for patience in reading this and for any replies!!!

Best regards
Primrose

------------------------------------------------------------------------------
RSA® Conference 2012
Save $700 by Nov 18
Register now!
http://p.sf.net/sfu/rsa-sfdev2dev1
_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Reply via email to