Yes this is correct but are you able to ping the portal ip address ? (Also change the acl to allow icmp)
Fabrice Le 2014-10-23 12:36, Christopher Mielke a écrit : > Sorry it took so long to respond. I had to rebuild my test environment. I > am able to connect to the SSID and on the wlc I can see the “PreAuth” > access-list is being applied. However, when I open a web browser I do not > get to the captive portal. I am pointing to production DNS right now. Is > that correct? > > Thanks, > _______________________________________ > Chris Mielke | Lead, ISS Network Systems > Drake Technology Services (DTS) | Drake University > > T 515.271.4640 > E [email protected] > > > > > On 10/15/14, 12:23 PM, "Fabrice DURAND" <[email protected]> wrote: > >> Hello Christopher, >> >> it depend of your network configuration, but you can use an alias >> (eth0:1) as the ip address of the captive portal. >> >> But let´s start with a simple config, in packetfence create a management >> interface, registration interface and a isolation interface. >> >> The registration interface must be able to talk with the wlc and the >> devices connected on and don´t forget to disable dhcp on the reg >> interface. >> So on the wlc side configure an ACL (Pre-Auth-For-WebRedirect) that >> forward the traffic to the ip address of the registration interface and >> configure another ACL (Authorize_any) to allow any any and configure the >> WLC to be the dhcp server for the client. >> >> Then try to connect on the ssid and check the status of the client in >> the WLC, if all is ok you will be able to see that the ACL applied to >> the client is the Pre-Auth-For-WebRedirect. >> >> Let me know if it´s ok. >> >> Regards >> Fabrice >> >> Le 2014-10-14 17:49, Christopher Mielke a écrit : >>> I am completely new to PacketFence and trying to set up WebAuth for a >>> guest SSID using a Cisco WLC running 7.6.130.0. I have installed >>> PacketFence ZEN 4.4.1 and have it running. I am trying to follow the >>> instructions for ³Wireless LAN Controller (WLC) Web Auth² from the >>> network >>> configuration guide, but I¹m confused about the captive portal >>> configuration. In the guide it says the captive portal is using IP >>> address >>> 172.16.0.250 and the administration (I presume management) interface >>> uses >>> IP address 172.16.0.249. How do I set up a captive portal IP address in >>> the same subnet as the management IP address? I apparently cannot use >>> the >>> management IP for the captive portal because iptables blocks HTTP(S) >>> traffic to that IP address because it is in the ³input-management-if² >>> chain. >>> >>> >>> Thanks, >>> Chris >>> >>> >>> >>> ------------------------------------------------------------------------- >>> ----- >>> Comprehensive Server Monitoring with Site24x7. >>> Monitor 10 servers for $9/Month. >>> Get alerted through email, SMS, voice calls or mobile push >>> notifications. >>> Take corrective actions from your mobile device. >>> http://p.sf.net/sfu/Zoho >>> _______________________________________________ >>> PacketFence-users mailing list >>> [email protected] >>> https://lists.sourceforge.net/lists/listinfo/packetfence-users >> >> -- >> Fabrice Durand >> [email protected] :: +1.514.447.4918 (x135) :: www.inverse.ca >> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence >> (http://packetfence.org) >> >> >> -------------------------------------------------------------------------- >> ---- >> Comprehensive Server Monitoring with Site24x7. >> Monitor 10 servers for $9/Month. >> Get alerted through email, SMS, voice calls or mobile push notifications. >> Take corrective actions from your mobile device. >> http://p.sf.net/sfu/Zoho >> _______________________________________________ >> PacketFence-users mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/packetfence-users > ------------------------------------------------------------------------------ > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Fabrice Durand [email protected] :: +1.514.447.4918 (x135) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://packetfence.org) ------------------------------------------------------------------------------ _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
