For the networks that you want to route rather than nat, please add the
following to the conf/networks.conf file
nat=no
That will route traffic rather than using nat.
You need to keep in mind that PacketFence is managing the iptables service.
Cheers!
dw.
--
Derek Wuelfrath
[email protected] :: +1.514.447.4918 (x110) :: www.inverse.ca
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence
(www.packetfence.org)
On 2013-08-28, at 2:09 PM, David Rice <[email protected]> wrote:
> Yes, I am in 'inline' environment on PacketFence version 4.0.1 on a Centos
> box. We want the server that PacketFence is on to route without using nat.
> The reason is mostly as an emergency fail safe, so if for some reason the
> PacketFence fails to run, we can have the server still route traffic. So, to
> do this, we are looking for a way to run PacketFence without using nat. The
> solution at '
> http://www.packetfence.org/support/faqs/article/how-can-we-route-instead-of-nat-through-packetfence-in-inline-enforcement.html?no_cache=1&cHash=0739887ba98b66cf34c141c7e9773cb3
> ' only disables nat going one way, we are trying to disable it in both
> directions. I am not sure if that is any clearer, but I don't know how to
> else to explain it.
>
>
> On Wed, Aug 28, 2013 at 9:49 AM, Derek Wuelfrath <[email protected]>
> wrote:
> What do you mean when you say "disable NAT" ?
> You are in an inline environment ?
>
> Derek
>
> --
> Derek Wuelfrath
> [email protected] :: +1.514.447.4918 (x110) :: www.inverse.ca
> Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence
> (www.packetfence.org)
>
> On 2013-08-27, at 4:20 PM, David Rice <[email protected]> wrote:
>
>> So, I have figured out how to turn off some nat in PacketFence based on the
>> instructions provided here at '
>> http://www.packetfence.org/support/faqs/article/how-can-we-route-instead-of-nat-through-packetfence-in-inline-enforcement.html?no_cache=1&cHash=0739887ba98b66cf34c141c7e9773cb3
>> ', but I am still stuck, because I need to disable nat in both directions.
>> The reason is because nat does not work with our use case and I was
>> wondering if there was an easy way to disable it.
>>
>> I tried to comment out "%%nat_prerouting_inline%%", in
>> .../pf/conf/iptables.conf, but that did not solve the problem. When I
>> commented this line out, it caused a DNS error.
>>
>> Any help would be greatly appreciated,
>>
>> --
>> David Rice
>> System Engineer
>> ------------------------------------------------------------------------------
>> Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more!
>> Discover the easy way to master current and previous Microsoft technologies
>> and advance your career. Get an incredible 1,500+ hours of step-by-step
>> tutorial videos with LearnDevNow. Subscribe today and save!
>> http://pubads.g.doubleclick.net/gampad/clk?id=58040911&iu=/4140/ostg.clktrk_______________________________________________
>> PacketFence-users mailing list
>> [email protected]
>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
> ------------------------------------------------------------------------------
> Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more!
> Discover the easy way to master current and previous Microsoft technologies
> and advance your career. Get an incredible 1,500+ hours of step-by-step
> tutorial videos with LearnDevNow. Subscribe today and save!
> http://pubads.g.doubleclick.net/gampad/clk?id=58040911&iu=/4140/ostg.clktrk
> _______________________________________________
> PacketFence-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
>
>
> --
> David Rice
> System Engineer
> SUNY Potsdam
> ------------------------------------------------------------------------------
> Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more!
> Discover the easy way to master current and previous Microsoft technologies
> and advance your career. Get an incredible 1,500+ hours of step-by-step
> tutorial videos with LearnDevNow. Subscribe today and save!
> http://pubads.g.doubleclick.net/gampad/clk?id=58040911&iu=/4140/ostg.clktrk_______________________________________________
> PacketFence-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more!
Discover the easy way to master current and previous Microsoft technologies
and advance your career. Get an incredible 1,500+ hours of step-by-step
tutorial videos with LearnDevNow. Subscribe today and save!
http://pubads.g.doubleclick.net/gampad/clk?id=58040911&iu=/4140/ostg.clktrk
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
