Oh I see. Thanks. I have completely confused the modes here. So for me Out of
Band is of no use. How do I NAT traffic coming on eth1 (all the clients) on to
eth0? Is that possible inline mode?
So far I have done the following...iptables -t nat -A POSTROUTING -o eth0 -j
MASQUERADEiptables -A FORWARD -i eth0 -o eth1 -m state --state
RELATED,ESTABLISHED -j ACCEPTiptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
net.ipv4.ip_forward = 1
But this doesn't work. Clients have eth1 as their default gateway after
authentication. Here's my routing information
route-eth1172.31.30.0/24 dev eth1 src 172.31.30.X table TEST1default via
172.31.30.1 dev eth1 table TEST1
route-eth0172.25.30.0/24 dev eth0 src 172.25.30.X table WEBdefault via
172.25.30.1 dev eth0 table WEB
rule-eth1from 172.31.30.X table TEST1
rule-eth0from 172.25.30.X table WEB
From: [email protected]
Date: Fri, 24 Apr 2015 12:37:07 -0400
To: [email protected]
Subject: Re: [PacketFence-users] Out of Band explanation
Hi Andy,I think you are confusing a few things.
Out of band mode is by definition a mode where traffic does not flow through
the PacketFence server.You are expected to return a VLAN id, role or ACL
(whichever is actually supported by the NAS, switch or AP).
What devices are allowed to do in that VLAN (for instance) is up to you. You
are supposed to be providing DHCP in that VLAN (therefore assigning the default
gateway) and access limitations are yours to configure.
Regards,
--Louis Munro
[email protected] :: www.inverse.ca
+1.514.447.4918 x125 :: +1 (866) 353-6153 x125
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence
(www.packetfence.org)
On Apr 24, 2015, at 12:27 , Andy A <[email protected]> wrote:Hi.
In out of band mode, how do I make sure that after authentication, the user has
access to the internet? I am a little confused around isolation and
registration VLANs.eth0 is the outside interface, and eth1 is the internal
interface. I have defined eth1.30 (isolated) eth1.50(registration) and eth1 as
management interfaces. Only eth0 is connected to the outside world. The default
gateway is defined on eth0.
Can someone explain?
Thanks.------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
