Hello,
We are trying to setup and configure Packet Fence to test it on our network for
wired guest internet access. Our security team has required that all guest net
internet traffic be isolated from our internal network, but we'd like to be
able to manage the packet fence installation from our internal network
(probably in the DMZ). We will have a proxy server delivered via DHCP to
clients successfully registering on the guest network. If my DMZ IP space is
192.168.0.0, the Guest Normal Internet traffic vlan is 192.168.2.0, with Guest
Registration vlan 192.168.3.0 and Isolation vlan 192.168.4.0, how do I
configure my interfaces in packet fence? PF is installed on RHEL6 in a vmware
VM managed via vSphere. Eventually we will route the guest net vlans in a
separate VRF across our MPLS tunnel via a DMVPN encrypted tunnel but for now
we're trying to get the installation working at a single site where the
internet connection, proxy and packet fence server and guests are all located
at the same site. Here's what we're assuming now:
We'd like to be able to manage the packet fence configuration from our internal
network vlan 100 via the DMZ:
PF server 192.168.0.7/24, GW 192.168.0.1
Vlan 100
Type Management
Isolation vlan
PF server 192.168.4.7/24, GW 192.167.4.7
Vlan 183
Type Isolation
Registration vlan
PF server 192.168.3.7/24, GW 192.168.3.7
Vlan 182
Type Registration
Authenticated Guests with internet access:
PF server 192.168.2.7/24, GW192.168.2.1
Vlan 181
Type ?
TMG Proxy server at "http://192.168.2.3/wpad.dat"; (the DHCP server on PF will
need to deliver this to clients in the Guest VLAN)
Question:
What interface type do we select for each of the above, since the PF server
configurator page only presents the options "Management", "Registration", and
"Isolation", so we're not sure what type to select for the Authenticated Guests
vlan.
Cheers,
Sue
Sue Nall
Network Engineer, CIO
The SI Organization, Inc
571-313-6255
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
