Make sure you apply an ACL to the SVI of your routed network. I generally use something like below: (172.20.87.1 being the IP address of your PF server's registration interface).
access-list 125 permit ip host 172.20.87.1 any access-list 125 permit icmp any host 172.20.87.1 access-list 125 permit tcp any host 172.20.87.1 eq www access-list 125 permit tcp any host 172.20.87.1 eq 443 access-list 125 permit udp any host 172.20.87.1 eq domain access-list 125 permit udp any host 255.255.255.255 eq bootps access-list 125 permit udp any host 172.20.87.1 eq bootps access-list 125 deny ip any any On Thu, Apr 23, 2015 at 1:19 PM, Chris Abel <[email protected]> wrote: > Hello All, > > I'm having a very tough time configuring PF to work on a routed network. I > seem to have most of it functioning the way it should and have checked my > configuration numerous times. > > PacketFence Server Info: > Version 5.0.1 > Debian 7.8 > > When I connect to my AP on the routed network, I am given an ip address and > DNS information by pf. When I ping any host, the returned address is the pf > server, but when I browse the web, I get through all http sites without any > issue and I'm never prompted for the captive portal page. If I browse to a > https site, I am prompted with a certificate error and if I continue, I am > prompted with my captive portal page and can register the device. This > happens with both my OSX 10.10 and android device. It does not appear to > happen on the network that the pf server sits on. > > Any help is greatly appreciated. Please let me know of any troubleshooting > techniques I can use as I am currently stuck right now. > > Thanks! > > > > IMPORTANT NOTICE: This message and any attachments are solely for the > intended recipient and may contain confidential information, which is, or > may be, legally privileged or otherwise protected by law from further > disclosure. If you are not the intended recipient, any disclosure, copying, > use, or distribution of the information included in this email and any > attachments is prohibited. If you have received this communication in error, > please notify the sender by reply email and immediately and permanently > delete this email and any attachments. > ------------------------------------------------------------------------------ > BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT > Develop your own process in accordance with the BPMN 2 standard > Learn Process modeling best practices with Bonita BPM through live exercises > http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_ > source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users > ------------------------------------------------------------------------------ One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
