Re: [Packetfence-users] Captive Portal Help

Tue, 13 Dec 2011 06:11:15 -0800 

Ensure that the vlan assignments are properly configured in switches.conf.

On 11-12-12 11:46 PM, lint wrote:

I am using the latest PacketFence ZEN VM.
I am able to authenticate 802.1x and pick up an IP from PacketFence. Devices are placed into the unregistered status in the PacketFence website.
However, two issues. One is that it is automatically assigning me the inline VLAN when I am out of band. My understanding is that PacketFence should first place me into the registration VLAN. Second, I am not forced to the captive portal authentication page. However, I can manually type the captive portal URL, and login fine. Basically, I can bypass the captive portal screen to access the internet.
All services are started except pfdetect, pfredirect and snort. pfdhcplistener appears to be running on all DHCP interfaces as I see multiple PIDs. 

Here is my pf.conf file.  Any help is appreciated.

[general]
#
# general.domain
#
# Domain name of PacketFence system.
domain=mydomain
#
# general.hostname
#
# Hostname of PacketFence system. This is concatenated with the domain in Apache rewriting rules and therefore must be resolvable by clients. 
hostname=pf
#
# general.dnsservers
#
# Comma-delimited list of DNS servers. Passthroughs are created to allow queries to these servers from even "trapped" nodes. 
dnsservers=10.10.10.3,10.10.10.4,10.10.10.5
#
# general.dhcpservers
#
# Comma-delimited list of DHCP servers. Passthroughs are created to allow DHCP transactions from even "trapped" nodes. 
dhcpservers=10.10.20.3,10.10.30.3,10.10.40.3,10.10.50.3
timezone=America/Chicago

[trapping]
# trapping.range
#
# Comma-delimited list of address ranges/CIDR blocks that PacketFence will monitor/detect/trap on. Gateway, network, and 
# broadcast addresses are ignored.
range=10.10.20.0/24,10.10.30.0/24,10.10.40.0/24,10.10.50.0/24 <http://10.10.20.0/24,10.10.30.0/24,10.10.40.0/24,10.10.50.0/24> 
#
# trapping.registration
#
# If enabled, nodes will be required to register on first network access. Further registration options are configured in the 
# registration section.
registration=enabled
#Redirection
redirecturl=https://pf.mydomain
#detection=enabled
always_use_redirecturl=disabled
#passthrough=iptables
#
# trapping.dectection
#
# If enabled, nodes will be trapped if triggering a SNORT rules.
#detection=disabled
#
[database]
#
# database.pass
#
# Password for the mysql database used by PacketFence.
pass=pfz3n

[interface eth0.50]
ip=10.10.10.2
mask=255.255.255.0
type=management
gateway=10.10.10.1

[interface eth0.100]
ip=10.10.20.2
mask=255.255.255.0
type=internal
enforcement=vlan
gateway=10.10.20.1

[alerting]
emailaddr=myemail
wins_server=10.10.10.3
admin_netbiosname=pf

# REMOVE COMMENT TO ENABLE VLAN MODE
[interface eth0.95]
ip=10.10.30.2
mask=255.255.255.0
type=internal
enforcement=vlan
gateway=10.10.30.1

[interface eth0.96]
ip=10.10.40.2
mask=255.255.255.0
type=internal
enforcement=vlan
gateway=10.10.40.1

[interface eth0.98]
ip=10.10.50.2
mask=255.255.255.0
type=internal
enforcement=vlan
gateway=10.10.50.1

[inline]
portal_redirect=ip

[registration]
range=10.10.20.0/24,10.10.30.0/24,10.10.40.0/24,10.10.50.0/24 <http://10.10.20.0/24,10.10.30.0/24,10.10.40.0/24,10.10.50.0/24> 

[captive_portal]
network_detection_ip=10.10.20.2


------------------------------------------------------------------------------
Systems Optimization Self Assessment
Improve efficiency and utilization of IT resources. Drive out cost and
improve service delivery. Take 5 minutes to use this Systems Optimization
Self Assessment. http://www.accelacomm.com/jaw/sdnl/114/51450054/


_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users



--
Francois Gaudreault, ing. jr
[email protected]  ::  +1.514.447.4918 (x130) ::  www.inverse.ca
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence 
(www.packetfence.org)


------------------------------------------------------------------------------
Systems Optimization Self Assessment
Improve efficiency and utilization of IT resources. Drive out cost and 
improve service delivery. Take 5 minutes to use this Systems Optimization 
Self Assessment. http://www.accelacomm.com/jaw/sdnl/114/51450054/
_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Reply via email to