Are you doing inline routed or routed out of band with routes registration
and isolation?
Sent from my iPhone
On Apr 23, 2015, at 6:22 PM, Tyler Conrad <[email protected]> wrote:
Make sure you apply an ACL to the SVI of your routed network. I generally
use something like below:
(172.20.87.1 being the IP address of your PF server's registration
interface).
access-list 125 permit ip host 172.20.87.1 any
access-list 125 permit icmp any host 172.20.87.1
access-list 125 permit tcp any host 172.20.87.1 eq www
access-list 125 permit tcp any host 172.20.87.1 eq 443
access-list 125 permit udp any host 172.20.87.1 eq domain
access-list 125 permit udp any host 255.255.255.255 eq bootps
access-list 125 permit udp any host 172.20.87.1 eq bootps
access-list 125 deny ip any any
On Thu, Apr 23, 2015 at 1:19 PM, Chris Abel <[email protected]>
wrote:
> Hello All,
>
> I'm having a very tough time configuring PF to work on a routed network. I
> seem to have most of it functioning the way it should and have checked my
> configuration numerous times.
>
> PacketFence Server Info:
> Version 5.0.1
> Debian 7.8
>
> When I connect to my AP on the routed network, I am given an ip address
> and DNS information by pf. When I ping any host, the returned address is
> the pf server, but when I browse the web, I get through all http sites
> without any issue and I'm never prompted for the captive portal page. If I
> browse to a https site, I am prompted with a certificate error and if I
> continue, I am prompted with my captive portal page and can register the
> device. This happens with both my OSX 10.10 and android device. It does not
> appear to happen on the network that the pf server sits on.
>
> Any help is greatly appreciated. Please let me know of any troubleshooting
> techniques I can use as I am currently stuck right now.
>
> Thanks!
>
>
>
> IMPORTANT NOTICE: This message and any attachments are solely for the
> intended recipient and may contain confidential information, which is, or
> may be, legally privileged or otherwise protected by law from further
> disclosure. If you are not the intended recipient, any disclosure, copying,
> use, or distribution of the information included in this email and any
> attachments is prohibited. If you have received this communication in
> error, please notify the sender by reply email and immediately and
> permanently delete this email and any attachments.
>
> ------------------------------------------------------------------------------
> BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT
> Develop your own process in accordance with the BPMN 2 standard
> Learn Process modeling best practices with Bonita BPM through live
> exercises
> http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual-
> event?utm_
> source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF
> _______________________________________________
> PacketFence-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
