Hi Antoine, could you give me a hint where in the code / in which PM the trapping and decision what DNS configuration to use takes place?
Thanks, Till On 14.07.2016 16:09, [email protected] wrote: > Hello Antoine, > > thank you for your reply. > > Our client has several locations using Packetfence, and he wanted a > centralized server for CP with a customizable CMS. So we are using > mod_proxy directive in captive-portal-common.tt to forward requests to > this centralized CP. > > We already tested the pass through configuration which works fine. But > sadly it is not really an option for because this implies that there is > always access to Facebook, Google, Twitter etc. > Sadly, most of the login screens of these social networks use the > www.xxx.com domain name and also refer to a lot of external resources > for JS, images etc. Because of this it is not possible to disable access > to Facebook for example in general, but allow access to the login screen > of facebook. This only could be done with firewall rules on the protocol > / HTTP level. > > So we decided to give the users temporary access to the Internet when > they decide to get verified by social networks. > > I wonder if pfdns and trapping mechanism could be configured to sent the > right local IP address for CP name resolution and forwards all other > requests to the external DNS. > > Thanks, > Till > > > > On 14.07.2016 15:11, Antoine Amacher wrote: >> Hello Till, >> >> I am not sure how your authentication by social media is working but why >> not use OAuth2 sources? >> >> You could also add any domains you want to authorize to the pass through >> list, in this way people will be in the registration VLAN with access to >> authorized sites. If you need sites to enable for your social media >> access, you can check in the OAuth sources, each have a predefined list. >> >> Thanks >> >> On 07/14/2016 12:03 AM, [email protected] wrote: >>> Hi there, >>> >>> We wrote our own captive portal, which allows the user to get verified >>> by social networks. For this reason we give him temporary access first >>> so he can reach the social network login pages. >>> >>> But now we have the problem that he can not be directed back to the >>> captive portal as long as he as the temporary Internet access. The >>> reason is that DNS resolution of captive portal (i.e. PF server) does >>> not work anymore. >>> >>> Because we are using a public DNS server, we can not add the captive >>> portal IP (which is a local one in the LAN) to this DNS. >>> >>> Is there a way to tell Packetfence to continue trapping and resolving >>> DNS requests of the captive portal's name, as long as we grant temporary >>> Internet access to the user? >>> This would solve our problem. >>> >>> Or is there another way to resolve the PF name without using a local DNS? >>> >>> Best regards, >>> Till >>> >>> ------------------------------------------------------------------------------ >>> What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic >>> patterns at an interface-level. Reveals which users, apps, and protocols are >>> consuming the most bandwidth. Provides multi-vendor support for NetFlow, >>> J-Flow, sFlow and other flows. Make informed decisions using capacity >>> planning >>> reports.http://sdm.link/zohodev2dev >>> _______________________________________________ >>> PacketFence-users mailing list >>> [email protected] >>> https://lists.sourceforge.net/lists/listinfo/packetfence-users > > ------------------------------------------------------------------------------ > What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic > patterns at an interface-level. Reveals which users, apps, and protocols are > consuming the most bandwidth. Provides multi-vendor support for NetFlow, > J-Flow, sFlow and other flows. Make informed decisions using capacity planning > reports.http://sdm.link/zohodev2dev > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users ------------------------------------------------------------------------------ What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports.http://sdm.link/zohodev2dev _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
