I don't have any ACLs between my routed network and the network PF is on. I
allow everything so I know this is not an ACL issue.
This is a routed out of band set up. I followed the PF Administration Guide
on page 25. Are there any logs that may be helpful to look at?
On Thu, Apr 23, 2015 at 5:16 PM, Tyler Conrad <[email protected]> wrote:
> Make sure you apply an ACL to the SVI of your routed network. I generally
> use something like below:
> (172.20.87.1 being the IP address of your PF server's registration
> interface).
>
> access-list 125 permit ip host 172.20.87.1 any
>
> access-list 125 permit icmp any host 172.20.87.1
>
> access-list 125 permit tcp any host 172.20.87.1 eq www
>
> access-list 125 permit tcp any host 172.20.87.1 eq 443
>
> access-list 125 permit udp any host 172.20.87.1 eq domain
>
> access-list 125 permit udp any host 255.255.255.255 eq bootps
>
> access-list 125 permit udp any host 172.20.87.1 eq bootps
>
> access-list 125 deny ip any any
>
> On Thu, Apr 23, 2015 at 1:19 PM, Chris Abel <[email protected]>
> wrote:
>
>> Hello All,
>>
>> I'm having a very tough time configuring PF to work on a routed network.
>> I seem to have most of it functioning the way it should and have checked my
>> configuration numerous times.
>>
>> PacketFence Server Info:
>> Version 5.0.1
>> Debian 7.8
>>
>> When I connect to my AP on the routed network, I am given an ip address
>> and DNS information by pf. When I ping any host, the returned address is
>> the pf server, but when I browse the web, I get through all http sites
>> without any issue and I'm never prompted for the captive portal page. If I
>> browse to a https site, I am prompted with a certificate error and if I
>> continue, I am prompted with my captive portal page and can register the
>> device. This happens with both my OSX 10.10 and android device. It does not
>> appear to happen on the network that the pf server sits on.
>>
>> Any help is greatly appreciated. Please let me know of any
>> troubleshooting techniques I can use as I am currently stuck right now.
>>
>> Thanks!
>>
>>
>>
>> IMPORTANT NOTICE: This message and any attachments are solely for the
>> intended recipient and may contain confidential information, which is, or
>> may be, legally privileged or otherwise protected by law from further
>> disclosure. If you are not the intended recipient, any disclosure, copying,
>> use, or distribution of the information included in this email and any
>> attachments is prohibited. If you have received this communication in
>> error, please notify the sender by reply email and immediately and
>> permanently delete this email and any attachments.
>>
>> ------------------------------------------------------------------------------
>> BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT
>> Develop your own process in accordance with the BPMN 2 standard
>> Learn Process modeling best practices with Bonita BPM through live
>> exercises
>> http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual-
>> event?utm_
>> source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF
>> _______________________________________________
>> PacketFence-users mailing list
>> [email protected]
>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>
>>
>
>
> ------------------------------------------------------------------------------
> One dashboard for servers and applications across Physical-Virtual-Cloud
> Widest out-of-the-box monitoring support with 50+ applications
> Performance metrics, stats and reports that give you Actionable Insights
> Deep dive visibility with transaction tracing using APM Insight.
> http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
> _______________________________________________
> PacketFence-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
--
Chris Abel
Systems and Network Administrator
Wildwood Programs
2995 Curry Road Extension
Schenectady, NY 12303
518-836-2341
--
IMPORTANT NOTICE: This message and any attachments are solely for the
intended recipient and may contain confidential information, which is, or
may be, legally privileged or otherwise protected by law from further
disclosure. If you are not the intended recipient, any disclosure, copying,
use, or distribution of the information included in this email and any
attachments is prohibited. If you have received this communication in
error, please notify the sender by reply email and immediately and
permanently delete this email and any attachments.
------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
