Hi Everyone,
I've recently deployed PF 6.5.1 with pretty good success. I'm running in a
basic captive-portal setup, with my users connecting to an SSID, and
getting presented with a captive portal page. They log in, which is checked
against AD via LDAP, and then get re-directed to their operational VLAN.
The setup is such that the registration is valid for 5 days, after which my
intent is that they should have to re-agree to the ToS, and log in again to
get another 5 days of access.
It's this latter part that is causing me issues with iOS devices. As the
first batch of registrations has timed out, for whatever reason my users
that are using iPhones and iPads and the like aren't getting the captive
portal again, or so is being reported to me. I've looked at the PF logs,
and it appears that they are being appropriately deregistered and sent back
to the registration VLAN.
This smells to me like it is an interaction between DHCP lease time, DHCP
implementation, and changing the network out underneath the client. On my
operational network (VLAN 12), DHCP is serviced by a pair of Windows Server
2012 DHCP servers running in high availability/failover mode. The lease
time there is set for 1 day. I have the packetfence DHCP forwarder running
on both of these servers, which are the servers for my entire network. The
exception is on my registration VLAN, which is served by Packetfence, and
issuing 30 second leases.
Conversely, when I manually deregister a node through the administration
interface, they get kicked back to the captive portal pretty quickly. Is
there a difference in the way that this happens?
Any thoughts on how to resolve this would be appreciated.
Regards,
Hans
--
---------------------------------------------
Hans Johnson ([email protected])
B.ASc, Computer Engineering
Simon Fraser University
... Si hoc legere scis numium eruditionis habes. -- Anonymous
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
