Hello (new to the forum) - I've been tasked with a captive portal replacement for our companies currently paid solution - sure we all know the 'green monster' with an 'X'.
I've read through deployment and admin guides but our needs require a very vanilla offering to our customers - hospitality industry. Although a base solution of deploying PF as in-line will work we are looking for a more complete solution (not a fan of the bridged network similarity of our current solution). It seems we need a hybrid of the 2 options from web configurator. 99% of traffic will be wireless based, one offs for wired based on network printers and the like. We are a 100% Cisco house aside from our linux monitoring servers - i.e. Routers, WLC, switches, APs, etc.... Our overview of needs: 1. Captive Portal - user created login portal & portal with auto redirect (no login needed but url redirect required for 'sponsored wifi') 2. Assign portals based on access port (vlan) or Vlan assigned SSID (WLC) - DHCP assigned by our server, user is 'caught' by PF to authenticate and once registered is allowed to pass to the internet. Is PF capable: 1. Most clients will not have 802.1x logins but PF created logins - we do not need PF to manage switches or APs - unless its required to accomplish our goals. This is not preferred due to the size of our network hardware infrastructure and client footprint. 2. Assigning captive portals based on vlan of client (or even SSID) - so we can trunk to PF (allow portal vlans) and it tags traffic to correct captive portal. Is this the filter feature on portal configuration, if not how/possible? 3. Can it create micro-flow policy on user traffic, I see iptables/tc being used for user traffic shapping (in-line) but it is applied as a whole (on user group) not per user IP:MAC based on my testing. Not a huge obstacle as if we can use our VLANs structure micro-flow is applied through our layer 3 catalyst. *one note is we use converged access WLC - not as mature as WLC guide to Airespace. Though its radius/AAA configuration is similar not entirely sure it deploys the same. Thanks in advance and apologies if this is redundant thread anywhere - just trying to see if PF is worth the investment or is another solution needed. - Cory
------------------------------------------------------------------------------
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
