I didn’t try to ping because of the ACL, but I was able to telnet to the server on port 80. When I open a browser it tries to redirect to “https://pf.drake.edu/captive-portal?destination_url=http://192.168.254.10/ &”, but then it times out.
Thanks, _______________________________________ Chris Mielke | Lead, ISS Network Systems Drake Technology Services (DTS) | Drake University T 515.271.4640 E [email protected] On 10/23/14, 12:39 PM, "Fabrice DURAND" <[email protected]> wrote: >Yes this is correct but are you able to ping the portal ip address ? >(Also change the acl to allow icmp) > >Fabrice > >Le 2014-10-23 12:36, Christopher Mielke a écrit : >> Sorry it took so long to respond. I had to rebuild my test environment. >>I >> am able to connect to the SSID and on the wlc I can see the “PreAuth” >> access-list is being applied. However, when I open a web browser I do >>not >> get to the captive portal. I am pointing to production DNS right now. Is >> that correct? >> >> Thanks, >> _______________________________________ >> Chris Mielke | Lead, ISS Network Systems >> Drake Technology Services (DTS) | Drake University >> >> T 515.271.4640 >> E [email protected] >> >> >> >> >> On 10/15/14, 12:23 PM, "Fabrice DURAND" <[email protected]> wrote: >> >>> Hello Christopher, >>> >>> it depend of your network configuration, but you can use an alias >>> (eth0:1) as the ip address of the captive portal. >>> >>> But let´s start with a simple config, in packetfence create a >>>management >>> interface, registration interface and a isolation interface. >>> >>> The registration interface must be able to talk with the wlc and the >>> devices connected on and don´t forget to disable dhcp on the reg >>> interface. >>> So on the wlc side configure an ACL (Pre-Auth-For-WebRedirect) that >>> forward the traffic to the ip address of the registration interface and >>> configure another ACL (Authorize_any) to allow any any and configure >>>the >>> WLC to be the dhcp server for the client. >>> >>> Then try to connect on the ssid and check the status of the client in >>> the WLC, if all is ok you will be able to see that the ACL applied to >>> the client is the Pre-Auth-For-WebRedirect. >>> >>> Let me know if it´s ok. >>> >>> Regards >>> Fabrice >>> >>> Le 2014-10-14 17:49, Christopher Mielke a écrit : >>>> I am completely new to PacketFence and trying to set up WebAuth for a >>>> guest SSID using a Cisco WLC running 7.6.130.0. I have installed >>>> PacketFence ZEN 4.4.1 and have it running. I am trying to follow the >>>> instructions for ³Wireless LAN Controller (WLC) Web Auth² from the >>>> network >>>> configuration guide, but I¹m confused about the captive portal >>>> configuration. In the guide it says the captive portal is using IP >>>> address >>>> 172.16.0.250 and the administration (I presume management) interface >>>> uses >>>> IP address 172.16.0.249. How do I set up a captive portal IP address >>>>in >>>> the same subnet as the management IP address? I apparently cannot use >>>> the >>>> management IP for the captive portal because iptables blocks HTTP(S) >>>> traffic to that IP address because it is in the ³input-management-if² >>>> chain. >>>> >>>> >>>> Thanks, >>>> Chris >>>> >>>> >>>> >>>> >>>>----------------------------------------------------------------------- >>>>-- >>>> ----- >>>> Comprehensive Server Monitoring with Site24x7. >>>> Monitor 10 servers for $9/Month. >>>> Get alerted through email, SMS, voice calls or mobile push >>>> notifications. >>>> Take corrective actions from your mobile device. >>>> http://p.sf.net/sfu/Zoho >>>> _______________________________________________ >>>> PacketFence-users mailing list >>>> [email protected] >>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users >>> >>> -- >>> Fabrice Durand >>> [email protected] :: +1.514.447.4918 (x135) :: www.inverse.ca >>> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and >>>PacketFence >>> (http://packetfence.org) >>> >>> >>> >>>------------------------------------------------------------------------ >>>-- >>> ---- >>> Comprehensive Server Monitoring with Site24x7. >>> Monitor 10 servers for $9/Month. >>> Get alerted through email, SMS, voice calls or mobile push >>>notifications. >>> Take corrective actions from your mobile device. >>> http://p.sf.net/sfu/Zoho >>> _______________________________________________ >>> PacketFence-users mailing list >>> [email protected] >>> https://lists.sourceforge.net/lists/listinfo/packetfence-users >> >>------------------------------------------------------------------------- >>----- >> _______________________________________________ >> PacketFence-users mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/packetfence-users > > >-- >Fabrice Durand >[email protected] :: +1.514.447.4918 (x135) :: www.inverse.ca >Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence >(http://packetfence.org) > > >-------------------------------------------------------------------------- >---- >_______________________________________________ >PacketFence-users mailing list >[email protected] >https://lists.sourceforge.net/lists/listinfo/packetfence-users ------------------------------------------------------------------------------ _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
