any role configured on a different subnet other than the native subnet
where the captive portal is located will not work.
So, what i do have working is my Fac-Staff SSID which is on VLAN 4/
10.4.0.0/24
captive portal is located at: 10.4.0.3
WLC is configured at Network | Switches | and is configured to do Role by
Switch Role, where WLC ACL’s are entered to define Registration and then
Fac-Staff access upon registration.
The Portal URL is in the Fac-Staff registration network - IP address, in
this case: 10.4.0.3
So, the problem I’m running into, is that i want Guests on a different
subnet and SSID other than where Fac-Staff reside. So I create a new
interface, on a different subnet, as: Type - Registration, and configure a
new SSID on the WLC side.
So, for now, I configure the WLC under switches with the same ACL’s as
Fac-Staff for the Guest role - just for simplicity i’m using the same ACL’s
for now, since I know they work.
The Guest network info is: vlan 5 | 10.5.0.0
So, when logging on as guest, it appears as though a redirect attempts to
happen, but doing a port scan shows that a computer attached to the guest
SSID does not have http/https available to them on 10.4.0.3 - the captive
portal.
looking at the PF iptables config, it appears as though there is a variable
that says any registration network should have access to the captive
portal. but that seems t not be the case.
So, why am i trying to configure this?
with guests on a different vlan, i can very easily control the bandwidth
available to them in multiple places - from the WLC, from the core
switches, or from our NetEnforcer.
Basic network configuration is correct: PF can ping guest network gateway
and WLC interfaces as well.
But, it seems to me like its definitely in IPTables, but I'm hesitant to
make changes in case what i'm trying to accomplish is way off base.
Hopefully its somewhat clear what i’m trying to do here, any ideas?
--
Justin Nelson
Network Engineer
Augustana College
------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
