Hello, Thank you for your answer. pfdns is runing. In fact, I have solved the issue by modifying the hostname (packetfence) in the captive portal settings, it was not matching username (user) runing packetfence on the machine. So now I can see the registration page but the demouser/demouser username/password is not working. I manually register the computer in the packetfence web UI but when I try to access a website (let's say www.packetfence.com) then nothing happens.
If I tcpdump on the inline interface of the packetfence machine while trying to access a website on the registered computer (192.168.10.11): 15:05:49.864959 IP 192.168.30.11.47679 > 104.25.160.20.80: Flags [S], seq 3801662405, win 29200, options [mss 1460,sackOK,TS val 1580628 ecr 0,nop,wscale 7], length 0 15:05:50.114961 IP 192.168.30.11.47680 > 104.25.160.20.80: Flags [S], seq 855267102, win 29200, options [mss 1460,sackOK,TS val 1580690 ecr 0,nop,wscale 7], length 0 15:05:50.863602 IP 192.168.30.11.47679 > 104.25.160.20.80: Flags [S], seq 3801662405, win 29200, options [mss 1460,sackOK,TS val 1580878 ecr 0,nop,wscale 7], length 0 15:05:51.111583 IP 192.168.30.11.47680 > 104.25.160.20.80: Flags [S], seq 855267102, win 29200, options [mss 1460,sackOK,TS val 1580940 ecr 0,nop,wscale 7], length 0 15:05:52.867584 IP 192.168.30.11.47679 > 104.25.160.20.80: Flags [S], seq 3801662405, win 29200, options [mss 1460,sackOK,TS val 1581379 ecr 0,nop,wscale 7], length 0 15:05:53.115568 IP 192.168.30.11.47680 > 104.25.160.20.80: Flags [S], seq 855267102, win 29200, options [mss 1460,sackOK,TS val 1581441 ecr 0,nop,wscale 7], length 0 15:05:56.871534 IP 192.168.30.11.47679 > 104.25.160.20.80: Flags [S], seq 3801662405, win 29200, options [mss 1460,sackOK,TS val 1582380 ecr 0,nop,wscale 7], length 0 15:05:57.127536 IP 192.168.30.11.47680 > 104.25.160.20.80: Flags [S], seq 855267102, win 29200, options [mss 1460,sackOK,TS val 1582444 ecr 0,nop,wscale 7], length 0 15:06:00.663503 IP 192.168.30.11.57658 > 91.109.29.120.443: Flags [S], seq 392423075, win 29200, options [mss 1460,sackOK,TS val 1583328 ecr 0,nop,wscale 7], length 0 15:06:04.887596 IP 192.168.30.11.47679 > 104.25.160.20.80: Flags [S], seq 3801662405, win 29200, options [mss 1460,sackOK,TS val 1584384 ecr 0,nop,wscale 7], length 0 15:06:05.143599 IP 192.168.30.11.47680 > 104.25.160.20.80: Flags [S], seq 855267102, win 29200, options [mss 1460,sackOK,TS val 1584448 ecr 0,nop,wscale 7], length 0 15:06:05.671642 ARP, Request who-has 192.168.30.67 tell 192.168.30.11, length 46 15:06:05.671655 ARP, Reply 192.168.30.67 is-at 80:3f:5d:09:64:9b, length 28 15:06:20.919680 IP 192.168.30.11.47679 > 104.25.160.20.80: Flags [S], seq 3801662405, win 29200, options [mss 1460,sackOK,TS val 1588392 ecr 0,nop,wscale 7], length 0 15:06:21.175617 IP 192.168.30.11.47680 > 104.25.160.20.80: Flags [S], seq 855267102, win 29200, options [mss 1460,sackOK,TS val 1588456 ecr 0,nop,wscale 7], length 0 15:06:53.015537 IP 192.168.30.11.47679 > 104.25.160.20.80: Flags [S], seq 3801662405, win 29200, options [mss 1460,sackOK,TS val 1596416 ecr 0,nop,wscale 7], length 0 15:06:53.271520 IP 192.168.30.11.47680 > 104.25.160.20.80: Flags [S], seq 855267102, win 29200, options [mss 1460,sackOK,TS val 1596480 ecr 0,nop,wscale 7], length 0 15:06:58.023654 ARP, Request who-has 192.168.30.67 tell 192.168.30.11, length 46 15:06:58.023673 ARP, Reply 192.168.30.67 is-at 80:3f:5d:09:64:9b, length 28 15:07:05.505654 IP 192.168.30.11.49385 > 195.154.74.39.23232: Flags [S], seq 777144145, win 29200, options [mss 1460,sackOK,TS val 1599538 ecr 0,nop,wscale 7], length 0 15:07:06.503611 IP 192.168.30.11.49385 > 195.154.74.39.23232: Flags [S], seq 777144145, win 29200, options [mss 1460,sackOK,TS val 1599788 ecr 0,nop,wscale 7], length 0 15:07:08.507574 IP 192.168.30.11.49385 > 195.154.74.39.23232: Flags [S], seq 777144145, win 29200, options [mss 1460,sackOK,TS val 1600289 ecr 0,nop,wscale 7], length 0 [...] The default gateway on the registered device is packetfence (192.168.30.67). The resolv.conf looks like: domain inline2.mydomain.com search inline2.mydomain.com nameserver 192.168.30.253 <= my router Where am I wrong ? 2015-12-21 14:55 GMT+01:00 Fabrice DURAND <[email protected]>: > Hello Mathieu, > > can you check if pfdns is running ? , if no then restart it (pfcmd > service pfdns restart) > > > Regards > Fabrice > > Le 2015-12-21 04:26, Mathieu Fourcroy a écrit : > > Hello, > > > > I'm new to packetfence software and to NAC softwares. Packetfence > > looks like a very great open source NAC and I am trying to set it up > > using inline enforcement mode. > > > > I set up the two networks: > > - managment: 192.168.30.0/24 <http://192.168.30.0/24> > > - inline: 192.168.10.0/24 <http://192.168.10.0/24> > > > > I have a machine on the manament network so I have step through the > > configurator and then I connect another machine in the inline network. > > The computer successfully get an IP address from the Packetfence's > > DHCP: 192.168.10.10. > > I can ping the Packetfence machine (192.168.10.67) but when I try to > > access an HTTP website I am not redirected to the captive portal. > > If I try to browse to 192.168.10.67 I am redirected to > > > https://packetfence.pf.com/captive-portal?destination_url=http://192.168.10.67/&; > > but the address is unreachable. > > > > On the Packetfence machine, the captive portal settings are: > > IP: 192.168.10.67 > > IMG path: /common/network-access-detection.gif > > > > The rest is leave as default. > > > > Thank you in advance for your help. > > > > > > > ------------------------------------------------------------------------------ > > > > > > _______________________________________________ > > PacketFence-users mailing list > > [email protected] > > https://lists.sourceforge.net/lists/listinfo/packetfence-users > > > -- > Fabrice Durand > [email protected] :: +1.514.447.4918 (x135) :: www.inverse.ca > Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence ( > http://packetfence.org) > > > > ------------------------------------------------------------------------------ > > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users > >
------------------------------------------------------------------------------
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
