Hello Guillaume,
in network.conf, remove :
[192.168.0.0]
dns=192.168.0.101
dhcp_start=192.168.0.120
gateway=192.168.0.253
domain-name=inline.{redacted}
named=enabled
dhcp_max_lease_time=86400
dhcpd=enabled
type=inline
netmask=255.255.255.0
dhcp_end=192.168.0.200
dhcp_default_lease_time=86400
And change :
[192.168.100.0]
dns=8.8.8.8
dhcp_start=192.168.100.10
gateway=192.168.100.254
domain-name=inline.{redacted}
named=enabled
dhcp_max_lease_time=86400
dhcpd=enabled
type=inline
netmask=255.255.255.0
dhcp_end=192.168.100.246
dhcp_default_lease_time=86400
In pf.conf change :
[interface eth0]
ip=192.168.0.253
type=management
mask=255.255.255.0
enforcement=inline
to :
[interface eth0]
ip=192.168.0.253
type=management
mask=255.255.255.0
About the FQDN, it doesn´t matter, in fact on the inline network
packetfence is the dns, dhcp.
If your device is unreg then iptables will forward the dns traffic to
packetfence (and packetfence will always be the inline ip address) and
when your device will be reg then the dns traffic will reach the real
dns server.
Regards
Fabrice
Le 2014-01-22 08:32, Estival Guillaume a écrit :
Sorry, I hit the Send button before finishing the post...
Pasting the original post:
Hello, packetfence users.
I'm trying to set up a packet fence system, and right now, I'm
beginning to wonder if I'm doing things right.
I attached a small picture of my network, I hope the mailing list
robot will accept it.
My LAN network use the 192.168.0.0/24 subnet. There is various servers
and end users computers.
I want to set up a packetfence system on the 192.168.100.0/24 subnet
to provide Internet for customers and retailers. Customers are NOT
allowed on the 192.168.100.0/24 subnet.
But packetfence must NOT handle anything on the 192.168.0.0/24 subnet.
It must only care about the 192.168.100.0/24 subnet.
At start, I got some messages about rogue dhcp (reminds me rogue
robots on Wall-E ;)) 192.168.0.101 which is perfectly genuine. On Web
Interface, under Main/General section, I added 192.168.0.101 as dhcp
server.
I now have 192.168.0.101 and 192.168.100.254 as dhcp servers. But on
the 192.168.0.0/24 subnet, some windows computers didn't get any DHCP
reply when asking for an IP. I shut down the packetfence server, and
then it worked right now.
On the FAQ, I found this:
http://www.packetfence.org/support/faqs/article/i-want-to-manage-only-some-ports-on-a-switch-but-not-all-the-ports-how-can-i-do-that.html?no_cache=1&cHash=d74c632f6ea3d0fb8532bd1a8d376f19
But it needs VLAN switch and I don't have one. The whole packetfence
configuration is inline.
So packetfence tries to take care of the 192.168.0.0/24 subnet but I
don't want to, I don't know how to set it up right.
The second problem occurs when using the 192.168.100.0/24 subnet:
packetfence take over to display a login page but provide a FQDN URL.
How to change it to a IP address, 192.168.100.254 for instance?
In fact, if I can set up packetfence to use the 192.168.100.254
resolver, I can set up a local zone to use a FQDN on the
192.168.100.0/24, but if I don't set up the 192.168.0.101 DNS, domain
name resolution didn't work.
And I get this warning, which may be related:
WARNING - networks.conf 192.168.0.0 gateway (192.168.0.253) is not
bound to an internal interface.
You will find relevant (or so I think) configuration files in
attachment and the actual network
Many thanks in advance.
------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
--
Fabrice Durand
[email protected] :: +1.514.447.4918 (x135) :: www.inverse.ca
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
(http://packetfence.org)
------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
