Hi François,
that's a good tip, I won't be able to try this until monday since today I'm
out of office, but I will post the results as soon as I make this
thanks again and have a nice weekend
2011/12/2 Francois Gaudreault <[email protected]>
> **
> OK try this. In pf/conf/httpd.conf.apache22, change :
> RewriteRule ^.*$
> https://%%hostname%%.%%domain%%/captive-portal?destination_url=http://%{HTTP_HOST}%{REQUEST_URI}
> [R=307,L]
> to
> RewriteRule ^.*$
> http://%%hostname%%.%%domain%%/captive-portal?destination_url=http://%{HTTP_HOST}%{REQUEST_URI}
> [R=307,L]
>
> You will need to change it two times. Next, restart packetfence and
> retry. This will prevent the redirect to https, and will use plain http.
> Let's see if it works that way.
>
> My other question, do you have a proxy configured for your browser?
>
>
> On 11-12-02 3:44 AM, clf wrote:
>
> I have to add something, the PF is a virtual machine running on Virtual
> Box, this is configured with tho NICs and the NIC configured to use with PF
> is a trunk with all VLANs needed, is set as follows
>
> eth1management
> eth1.10 normal vlan
> eth1.2 registration
> eth1.3 isolation
> eth1.5 normal vlan guests
>
> the other NIC is connected to a management switch
>
> 2011/12/1 Raül González <[email protected]>
>
>> yes, I tried two computers both with firefox and explorer
>>
>> when I check the access_log I can see the attempts from explorer and
>> firefox, I can also see the attempts from the antivirus trying to update
>>
>> something is wrong loading the certificate or the reg page
>>
>> Am 01/12/2011 um 20:47 schrieb Francois Gaudreault <
>> [email protected]>:
>>
>> Hi,
>>
>> Yes the nslookup is fine, as long as the PC also have a 192.168.2.x IP
>> Address, and that you can ping 192.168.2.1.
>>
>> Again, you are reaching the server if you get the SSL warning. Did you
>> test using another PC?
>>
>> On 11-12-01 2:14 PM, clf wrote:
>>
>> thanks again
>>
>> François, I didn't change any of the templates, no html files were
>> modified
>>
>> Damian, restarting service doesn't help at this moment
>>
>> can you tell me if the nslookup is correct? where should I have a look?
>>
>> 2011/12/1 Damian Mendoza <[email protected]>
>>
>>> If you start and stop the PF service does the registration page work?
>>>
>>>
>>>
>>> That’s the problem I’m having – works one time after starting and
>>> stopping the service
>>>
>>>
>>>
>>> *From:* clf [mailto:[email protected]]
>>> *Sent:* Thursday, December 01, 2011 6:42 AM
>>> *To:* [email protected]
>>> *Subject:* Re: [Packetfence-users] Registration page doesn´t show up,
>>> certificate?
>>>
>>>
>>>
>>> Hi Francois,
>>>
>>>
>>>
>>> thanks for your reply, I´ve tried both mozilla and explorer and
>>> I´m still not able to see the registration page...
>>>
>>>
>>>
>>> I´ve solved those errors on the access_log creating new cert files with
>>> openssl with the right server name and replacing the old ones. Now I only
>>> get this on access_log:
>>>
>>>
>>>
>>> [notice] caught SIGTERM, shutting down
>>>
>>> [Thu Dec 01 10:38:18 2011] [notice] Apache/2.2.15 (Unix) mod_ssl/2.2.15
>>> OpenSSL/1.0.0-fips PHP/5.3.2 mod_perl/2.0.4 Perl/v5.10.1 configured --
>>> resuming normal operations
>>>
>>> I realized that if i release the nslookup command on the client side I
>>> get this output:
>>>
>>>
>>>
>>> server: packetfence
>>>
>>> address: 192.168.2.1
>>>
>>>
>>>
>>> name: www.google.com.registration.mydomain.com
>>>
>>> address: 192.168.2.1
>>>
>>>
>>>
>>> is something wrong with dns?
>>>
>>>
>>>
>>> thanks again
>>>
>>>
>>>
>>>
>>>
>>> Hi,
>>>
>>> What if you try with another browser (ie. Chrome/Firefox)? Do you have
>>> the same thing?
>>>
>>> On 11-12-01 4:53 AM, clf wrote:
>>> > Hi All,
>>> > I just set up a new PF server yesterday, everything went fine and I
>>> > could start the service and access the GUI.
>>> > The server is set up in VLAN enforcement mode so when a new device is
>>> > connected to the switch, PF changes the VLAN (MAC detection) to the
>>> > registration VLAN and when the client opens the web browser it comes
>>> > up the classic "Certificate Error" in Internet Explorer but when I
>>> > click the link to ignore the message it just hangs and the reg page
>>> > doesn´t
>>> > I can see PF knows the client is trying to access to the Internet as I
>>> > see this in the access_log
>>> > 192.168.2.10 - - [01/Dec/2011:10:50:30 +0100] "GET
>>> > /captive-portal?destination_url=http://www.google.com/ HTTP/1.1" 200
>>> > 7093 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1;
>>> > Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR
>>> > 3.5.30729; .NET CLR 1.1.4322; InfoPath.2)"
>>> > Having a look at the logs I see nothing strange but this on the
>>> error_log
>>> > [Thu Dec 01 10:36:37 2011] [notice] caught SIGTERM, shutting down
>>> > [Thu Dec 01 10:38:12 2011] [warn] RSA server certificate is a CA
>>> > certificate (BasicConstraints: CA == TRUE !?)
>>> > [Thu Dec 01 10:38:12 2011] [warn] RSA server certificate CommonName
>>> > (CN) `packetfence' does NOT match server name!?
>>> > [Thu Dec 01 10:38:12 2011] [warn] RSA server certificate is a CA
>>> > certificate (BasicConstraints: CA == TRUE !?)
>>> > [Thu Dec 01 10:38:12 2011] [warn] RSA server certificate CommonName
>>> > (CN) `packetfence' does NOT match server name!?
>>> > [Thu Dec 01 10:38:13 2011] [warn] RSA server certificate is a CA
>>> > certificate (BasicConstraints: CA == TRUE !?)
>>> > [Thu Dec 01 10:38:13 2011] [warn] RSA server certificate CommonName
>>> > (CN) `packetfence' does NOT match server name!?
>>> > [Thu Dec 01 10:38:13 2011] [warn] RSA server certificate is a CA
>>> > certificate (BasicConstraints: CA == TRUE !?)
>>> > [Thu Dec 01 10:38:13 2011] [warn] RSA server certificate CommonName
>>> > (CN) `packetfence' does NOT match server name!?
>>> > [Thu Dec 01 10:38:18 2011] [notice] Apache/2.2.15 (Unix)
>>> > mod_ssl/2.2.15 OpenSSL/1.0.0-fips PHP/5.3.2 mod_perl/2.0.4
>>> > Perl/v5.10.1 configured -- resuming normal operations
>>> > Any advice?
>>> > Thanks in advance
>>> > clf
>>> >
>>> >
>>> >
>>> ------------------------------------------------------------------------------
>>> > All the data continuously generated in your IT infrastructure
>>> > contains a definitive record of customers, application performance,
>>> > security threats, fraudulent activity, and more. Splunk takes this
>>> > data and makes sense of it. IT sense. And common sense.
>>> > http://p.sf.net/sfu/splunk-novd2d
>>> >
>>> >
>>> > _______________________________________________
>>> > Packetfence-users mailing list
>>> > Packetfence-users@...
>>> > https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>>
>>>
>>> --
>>> Francois Gaudreault, ing. jr
>>> fgaudreault@... :: +1.514.447.4918 (x130) :: http://www.inverse.ca
>>> Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (
>>> www.packetfence.org)
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> All the data continuously generated in your IT infrastructure
>>> contains a definitive record of customers, application performance,
>>> security threats, fraudulent activity, and more. Splunk takes this
>>> data and makes sense of it. IT sense. And common sense.
>>> http://p.sf.net/sfu/splunk-novd2d
>>> _______________________________________________
>>> Packetfence-users mailing list
>>> [email protected]
>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>>
>>>
>>
>> ------------------------------------------------------------------------------
>> All the data continuously generated in your IT infrastructure
>> contains a definitive record of customers, application performance,
>> security threats, fraudulent activity, and more. Splunk takes this
>> data and makes sense of it. IT sense. And common
>> sense.http://p.sf.net/sfu/splunk-novd2d
>>
>>
>> _______________________________________________
>> Packetfence-users mailing
>> [email protected]https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>
>>
>>
>> --
>> Francois Gaudreault, ing. [email protected] :: +1.514.447.4918
>> (x130) :: www.inverse.ca
>> Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence
>> (www.packetfence.org)
>>
>>
>> ------------------------------------------------------------------------------
>> All the data continuously generated in your IT infrastructure
>> contains a definitive record of customers, application performance,
>> security threats, fraudulent activity, and more. Splunk takes this
>> data and makes sense of it. IT sense. And common sense.
>> http://p.sf.net/sfu/splunk-novd2d
>>
>> _______________________________________________
>> Packetfence-users mailing list
>> [email protected]
>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>
>>
>
> ------------------------------------------------------------------------------
> All the data continuously generated in your IT infrastructure
> contains a definitive record of customers, application performance,
> security threats, fraudulent activity, and more. Splunk takes this
> data and makes sense of it. IT sense. And common
> sense.http://p.sf.net/sfu/splunk-novd2d
>
>
> _______________________________________________
> Packetfence-users mailing
> [email protected]https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
>
> --
> Francois Gaudreault, ing. [email protected] :: +1.514.447.4918
> (x130) :: www.inverse.ca
> Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence
> (www.packetfence.org)
>
>
>
> ------------------------------------------------------------------------------
> All the data continuously generated in your IT infrastructure
> contains a definitive record of customers, application performance,
> security threats, fraudulent activity, and more. Splunk takes this
> data and makes sense of it. IT sense. And common sense.
> http://p.sf.net/sfu/splunk-novd2d
> _______________________________________________
> Packetfence-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure
contains a definitive record of customers, application performance,
security threats, fraudulent activity, and more. Splunk takes this
data and makes sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-novd2d
_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
