Now I have the vlan_filters in front of me, does this look doable? [reg_devices] filter = node_info operator = is attribute = status value = reg
[reg_network] filter = ssid operator = is value = setup_wifi [block_reg_devices:reg_devices®_network] role = blocked Cheers, Andi From: Morris, Andi [mailto:amor...@cardiffmet.ac.uk] Sent: 03 November 2015 20:08 To: packetfence-users@lists.sourceforge.net Subject: [PacketFence-users] Registered devices sitting in captive portal Hi all, I'm still having a large problem with devices sitting in my captive portal, and as such using up a lot of PF resources. With others help on here I've setup a violation that I can trigger if I see a device sitting in there for too long, and I've managed to get any long term devices off the network in that way, but the main problem I'm getting is with devices that are setup and registered for my main SSID, however the setup SSID isn't forgotten on the device, which means that as users roam around the devices switch between networks frequently. There are simply too many of these devices for me to capture and notify the users manually (20,000 registered devices, 3000 main SSID and 500 in setup SSID during peak times). Is there a way, and is it advisable, to block a device from the registration network once it is registered? Perhaps using vlan filters? Something like (rough pseudo code sorry, I don't have the filters in front of me): If SSID = setup_network device = registered then role = blocked Then outside of vlan filters the blocked role assigns the vlan of -1 in switches.conf? I know that if a device then need to get setup again they will need to contact our helpdesk to get them unregistered (I can't get status page working here), but at the moment I think that's a better solution than having the PF box run out of CPU during peak hours. Cheers, Andi ________________________________ [Image removed by sender. Cardiff Metropolitan University - 150 years of nurturing talent]<http://www.cardiffmet.ac.uk/cardiffmet150>
------------------------------------------------------------------------------
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
