> I have tried to research this a bit myself and seem to have come to the conclusion that packet fence is best suited for a hotel wifi system and that there is really no control over iptables.
Sir/ma`am, if this were true then universities such as ours would not be using it. >From reading your first email I see that you are trying to set up access to >your internal network from your wireless network. There are HUNDREDS of ways >you can do this, many COULD involve PF (or any other NAC) and many do not. The >people on this list can speak for themselves but I do not have time to >architect a entire solution for your situation. Please ask specific questions, >if you are having a problem post it here and we will attempt to help, IF we >have time. If you want support at your finger tips you will need to pay for >it, I highly suggest employing the skills of the technicians at Inverse. They >can and will happily architect a solution that fits your needs. PF is working perfectly well in our collegiate environment using VLan enforcement with almost 10k devices. ***Please forgive the curt nature of the language in this email, I could not find any other way to adequately express my point. No offense is meant*** Jake Sallee Godfather of Bandwidth Network Engineer University of Mary Hardin-Baylor 900 College St. Belton, Texas 76513 Fone: 254-295-4658 Phax: 254-295-4221 ________________________________________ From: exim [[email protected]] Sent: Monday, December 19, 2011 2:38 PM To: [email protected] Subject: Re: [Packetfence-users] inline enforcement I have tried to research this a bit myself and seem to have come to the conclusion that packet fence is best suited for a hotel wifi system and that there is really no control over iptables. I was hoping for a solution that incorporated a bit of internal access control, host and user inventory. On Thu, Dec 15, 2011 at 11:15, exim <[email protected]> wrote: > I am a very new user and tying to get inline enforcement working on a > test network. The only feature I need is to be able to control > traffic from my internal wireless network (10.1.11.0) to my internal > production network (10.1.10.0). Basically I need to have any user > able to connect to the wireless and surf the web but I need to control > who has access to the 10.1.10.0 network. Is packet fence able to > handle this? Am I missing something simple? > > [interface eth0] > ip=10.1.11.172 > mask=255.255.255.0 > gateway=10.1.11.1 > type=internal > enforcement=inline > > > [interface eth1] > ip=10.1.11.173 > mask=255.255.255.0 > gateway=10.1.11.1 > type=management > enforcement=inline > > At present I have the packet fence server acting as a gateway but I > cannot find a way to re ------------------------------------------------------------------------------ Learn Windows Azure Live! Tuesday, Dec 13, 2011 Microsoft is holding a special Learn Windows Azure training event for developers. It will provide a great way to learn Windows Azure and what it provides. You can attend the event by watching it streamed LIVE online. Learn more at http://p.sf.net/sfu/ms-windowsazure _______________________________________________ Packetfence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users ------------------------------------------------------------------------------ Write once. Port to many. Get the SDK and tools to simplify cross-platform app development. Create new or port existing apps to sell to consumers worldwide. Explore the Intel AppUpSM program developer opportunity. appdeveloper.intel.com/join http://p.sf.net/sfu/intel-appdev _______________________________________________ Packetfence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
