Re: [PacketFence-users] Packetfence as captive portal ?

Fri, 21 Jun 2013 08:43:59 -0700 

I think you may not have a full understanding of some of the terms you are 
seeing dealing with the networking side of PF.

Vlans are logical separations of the network, it is a device network engineers 
use to segment the network into smaller, more manageable, pieces.  Vlans also 
are useful for controlling how traffic flows through the network.

Layer 2 refers to OSI model layers, there are 7 and each has a specific 
function.  Vlans are layer 2 functions.

http://en.wikipedia.org/wiki/OSI_model

To answer your questions:


1)      In Vlan mode PF can go almost anywhere in your network, all you have to 
do is make sure the RADIUS and DNS/DHCP info can get to and from the PF server.

2)      The different Vlans correspond to different functions.  For example:  
The registration Vlan is where un-registered devices are placed (automatically 
by PF) as a holding area until they are registered and validated by a set of 
rules or requirements you define.

Likewise, the isolation vlan is a vlan where devices that break the rules you 
have defined are placed.

How you setup your vlans is dependent on your environment, comprised of the 
hardware you are using and your unique security requirements and goals.

Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor
900 College St.
Belton TX. 76513
Fone: 254-295-4658
Phax: 254-295-4221
HTTP://WWW.UMHB.EDU

From: Ibrahim Lubis [mailto:[email protected]]
Sent: Thursday, June 20, 2013 11:00 PM
To: [email protected]
Subject: [PacketFence-users] Packetfence as captive portal ?

Hi,

I dont understand about vlan enforcement method, registration vlan, isolation 
vlan. Let say i have 3 tier network, access-distribution-core. Distribution 
seperate layer 2 and layer 3. wlan controller connect to core switch and ap 
connect to access switch.
1. Where should i put packetfence server ? am i must put it in layer 2 ? can i 
put in the DC ?
2. what is this relation beetwen registration vlan , isolation vlan and vlan i 
used for my ssid, let say i use local bridge mode or my wlan, vlan-id 1080 for 
ssid A, vlan-id 1081 for ssid-B ?

thx.

------------------------------------------------------------------------------
This SF.net email is sponsored by Windows:

Build for Windows Store.

http://p.sf.net/sfu/windows-dev2dev
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Reply via email to