We are implementing PF in VLAN Enforcement mode, with the active/standby PF
servers in a central data center, which is remote from the campuses
containing the switches and wireless controllers that are its clients.
My reading of the available documentation and forum posts suggests that not
only must I configure registration and isolation network interfaces,
separate from the management interface, but that these must be reachable on
the network, and these serve as targets for DNS, DHCP, and captive portal
traffic on the registration and isolation networks, respectively.
I would prefer to just direct all this traffic to the management IP
address, if possible, rather than configure VLANs and IP subnets for
registration and isolation networks in the central data center. Do I
understand this requirement correctly, and is it an option to serve DNS,
DHCP (via IP helper), and captive portal traffic only through the
management interface's IP address?
Dale Whiteaker-Lewis
Security Engineering Lead
Indeed, Inc.
------------------------------------------------------------------------------
Go from Idea to Many App Stores Faster with Intel(R) XDK
Give your users amazing mobile app experiences with Intel(R) XDK.
Use one codebase in this all-in-one HTML5 development environment.
Design, debug & build mobile apps & 2D/3D high-impact games for multiple OSs.
http://pubads.g.doubleclick.net/gampad/clk?id=254741551&iu=/4140
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
