hi all,
I think I have sorted myself out.
Turns out, I didn't understand what trapping.range stood for.
I have set it to trap the ip addresses my dhcp will assign and not
addresses in my internal network. This works consistently now.
And I needed to add some forwarding in my iptables so that my internal
network could be reached from outside.
I now have my basic setup working. thanks to all who spent some time
reading this.
I still have some more question though: regardless of if
trapping.always_use_redirecturl is disabled or enabled, I am always
redirected to trapping.redirecturl.
Is this normal behaviour?
Thanks!
Primrose
On Tue, Nov 1, 2011 at 8:49 PM, Primrose Mbanefo <
[email protected]> wrote:
> Hi all,
>
> I have never done network administration before and I am just trying
> packetfence out to see what is possible.
> Feel free to correct me on as many points as you see fit...
>
> My aim at the moment is to restrict access to a particular server. But at
> the same time allow all users through to the internet once they have
> registered.
> Since I am not going to use any switches and I am not sure how vlans would
> be adapted to my demo setup i have gone for inline mode which looked easier
> to setup.
>
>
> The current setup simulates 3 laptops and has a home wifi home router
> (linksys wag320n) currently acting purely as an access point.
> the router has ip 192.168.1.1 and does not dhcp. gateway is 192.168.1.2
> laptop1 is the packetfence v3 server and has two network interfaces.
> static ip 192.168.1.2 on eth1 which hosts dhcpd and static 192.168.0.1 on
> eth2. gateway is 192.168.1.2
> laptop2 hosts the server i want to restrict access to and has static ip
> 192.168.0.2 (simulated wired connection between laptop1&2 here). gateway is
> 192.168.0.1
> laptop3 will be a user connecting to the network. it currently connects to
> the router and gets an ip address from laptop1. all this works fine and
> laptop3 gets ip address 192.168.1.100
> laptops1&2 are running centos 6 and laptop3 is running win7.
>
> eth1 on laptop1 has been declared as a management,internal inteface
> eth2 on laptop1 has been declared as an internal interface.
>
> My current problem is with the captive portal.
> From laptop3, if i try to access 192.168.1.2 via a browser, then i am
> redirected to the portal.
> on the other hand if i try to access either 192.168.1.1, 192.168.0.1 or
> 192.168.0.2, i either have direct access to the servers or access is denied
> depending on if i turn iptables on or off. It is never redirected to the
> captive portal...
>
> Have i missed a config?
> I have set registration.range to 192.168.1.0/24,192.168.0.0/24.
> I also set trapping.range to this value but i most likely do not use this
> setting as i am not using the out-of-band mode?
> How can i get any access to the interfaces to be registered?
>
> Thanks for patience in reading this and for any replies!!!
>
> Best regards
> Primrose
>
>
------------------------------------------------------------------------------
RSA(R) Conference 2012
Save $700 by Nov 18
Register now
http://p.sf.net/sfu/rsa-sfdev2dev1
_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
