Sorry it took so long to respond. I had to rebuild my test environment. I am able to connect to the SSID and on the wlc I can see the “PreAuth” access-list is being applied. However, when I open a web browser I do not get to the captive portal. I am pointing to production DNS right now. Is that correct?
Thanks, _______________________________________ Chris Mielke | Lead, ISS Network Systems Drake Technology Services (DTS) | Drake University T 515.271.4640 E [email protected] On 10/15/14, 12:23 PM, "Fabrice DURAND" <[email protected]> wrote: >Hello Christopher, > >it depend of your network configuration, but you can use an alias >(eth0:1) as the ip address of the captive portal. > >But let´s start with a simple config, in packetfence create a management >interface, registration interface and a isolation interface. > >The registration interface must be able to talk with the wlc and the >devices connected on and don´t forget to disable dhcp on the reg >interface. >So on the wlc side configure an ACL (Pre-Auth-For-WebRedirect) that >forward the traffic to the ip address of the registration interface and >configure another ACL (Authorize_any) to allow any any and configure the >WLC to be the dhcp server for the client. > >Then try to connect on the ssid and check the status of the client in >the WLC, if all is ok you will be able to see that the ACL applied to >the client is the Pre-Auth-For-WebRedirect. > >Let me know if it´s ok. > >Regards >Fabrice > >Le 2014-10-14 17:49, Christopher Mielke a écrit : >> I am completely new to PacketFence and trying to set up WebAuth for a >> guest SSID using a Cisco WLC running 7.6.130.0. I have installed >> PacketFence ZEN 4.4.1 and have it running. I am trying to follow the >> instructions for ³Wireless LAN Controller (WLC) Web Auth² from the >>network >> configuration guide, but I¹m confused about the captive portal >> configuration. In the guide it says the captive portal is using IP >>address >> 172.16.0.250 and the administration (I presume management) interface >>uses >> IP address 172.16.0.249. How do I set up a captive portal IP address in >> the same subnet as the management IP address? I apparently cannot use >>the >> management IP for the captive portal because iptables blocks HTTP(S) >> traffic to that IP address because it is in the ³input-management-if² >> chain. >> >> >> Thanks, >> Chris >> >> >> >>------------------------------------------------------------------------- >>----- >> Comprehensive Server Monitoring with Site24x7. >> Monitor 10 servers for $9/Month. >> Get alerted through email, SMS, voice calls or mobile push >>notifications. >> Take corrective actions from your mobile device. >> http://p.sf.net/sfu/Zoho >> _______________________________________________ >> PacketFence-users mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/packetfence-users > > >-- >Fabrice Durand >[email protected] :: +1.514.447.4918 (x135) :: www.inverse.ca >Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence >(http://packetfence.org) > > >-------------------------------------------------------------------------- >---- >Comprehensive Server Monitoring with Site24x7. >Monitor 10 servers for $9/Month. >Get alerted through email, SMS, voice calls or mobile push notifications. >Take corrective actions from your mobile device. >http://p.sf.net/sfu/Zoho >_______________________________________________ >PacketFence-users mailing list >[email protected] >https://lists.sourceforge.net/lists/listinfo/packetfence-users ------------------------------------------------------------------------------ _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
