Hello Brian,
did you try to use the same acl that we have in the documentation ?
https://packetfence.org/doc/PacketFence_Network_Devices_Configuration_Guide.html#_wireless_lan_controller_wlc_web_auth
This acl is more a trigger than a real acl.
Also can you paste a radius answer when you try to connect on the ssid
(Radius audit log).
Regards
Fabrice
Le 2017-10-17 à 10:30, bott a écrit :
>
> Hi Fabrice,
>
>
> Here is a screenshot of the ACL: https://imgur.com/a/Br66F
>
>
> As mentioned I can go to the portal page if I input the URL manually.
> However going to google.com doesn't forward the traffic. This is when
> I use a production DNS server.
>
>
> I've also confirmed that NAC State is "Radius NAC".
>
>
> On 2017-10-17 10:26 AM, Fabrice Durand wrote:
>>
>> Hello Brian,
>>
>>
>> the dns must be a production one.
>>
>> The wlc is suppose to intercept the http/https traffic and forward
>> you to the captive portal.
>>
>>
>> So it can be an issue with the ACL (i am not sure since you are able
>> to hit it), or a maybe you didn't enabled Radius NAC in the ssid config.
>>
>> Regards
>>
>> Fabrice
>>
>>
>>
>> Le 2017-10-17 à 09:50, bott a écrit :
>>>
>>> Actually I'm wrong, although I changed the DNS server to point to
>>> the portal page I do now get redirected, however after registration
>>> nothing works as DNS is still pointing to the portal IP and it
>>> answers every query with the portal page.
>>>
>>>
>>>
>>>
>>> On 2017-10-12 08:41 AM, Fabrice Durand wrote:
>>>>
>>>> Hello Brian,
>>>>
>>>> are you able to resolve a fqdn from your laptop ?
>>>>
>>>> What is your acl , can you show me how it look ?
>>>>
>>>> Regards
>>>> Fabrice
>>>>
>>>>
>>>> Le 2017-10-11 à 09:23, Brian Ott a écrit :
>>>>>
>>>>> Thanks for the reply Fabrice!
>>>>>
>>>>>
>>>>> Changing to HTTP doesn't alter the results, it still doesn't forward.
>>>>>
>>>>>
>>>>> Brian Ott
>>>>>
>>>>> Ontario Institute for Cancer Research
>>>>> MaRS Centre, South Tower
>>>>> 101 College Street, Suite 800
>>>>> Toronto, Ontario, Canada M5G 0A3
>>>>>
>>>>> Telephone: 647-260-7977
>>>>> Email: brian....@oicr.on.ca
>>>>> www.oicr.on.ca
>>>>>
>>>>>
>>>>>
>>>>> This message and any attachments may contain confidential and/or
>>>>> privileged information for the sole use of the intended recipient.
>>>>> Any review or distribution by anyone other than the person for
>>>>> whom it was originally intended is strictly prohibited. If you
>>>>> have received this message in error, please contact the sender and
>>>>> delete all copies. Opinions, conclusions or other information
>>>>> contained in this message may not be that of the organization.
>>>>> ------------------------------------------------------------------------
>>>>> *From:* Durand fabrice via PacketFence-users
>>>>> <packetfence-users@lists.sourceforge.net>
>>>>> *Sent:* Friday, October 6, 2017 5:54:37 PM
>>>>> *To:* packetfence-users@lists.sourceforge.net
>>>>> *Cc:* Durand fabrice
>>>>> *Subject:* Re: [PacketFence-users] Packetfence working with WLC
>>>>> 8.3.122
>>>>>
>>>>>
>>>>> Hello,
>>>>>
>>>>> can you try to set the redirect url in http instead of https ?
>>>>>
>>>>> Regards
>>>>> Fabrice
>>>>>
>>>>> Le 2017-10-06 à 16:02, bott via PacketFence-users a écrit :
>>>>>> Hello,
>>>>>>
>>>>>> We have had packetfence working on older versions and are looking
>>>>>> upgrade our WLC and Packetfence install.
>>>>>>
>>>>>>
>>>>>> From a fresh install only using "web-auth" and following the
>>>>>> provided guide on the website for the WLC controller it looks as
>>>>>> if everything is fine. I see the client connect, the ACL is sent
>>>>>> and in the client information as well as the redirect URL.
>>>>>>
>>>>>> However a few things happen:
>>>>>> 1. The user does not get redirected when attempting to browse.
>>>>>> (IE: input google.com in browser and nothing happens but a
>>>>>> timeout - no redirect)
>>>>>> 2. I can access the URL directly that is listed in the "Redirect
>>>>>> URL" on the WLC.
>>>>>>
>>>>>> The interface is different from version 6 so I'm not sure if I'm
>>>>>> missing something. I've provided screenshots here to show that it
>>>>>> looks fine:
>>>>>> https://imgur.com/a/KGjRx
>>>>>>
>>>>>> I'm not sure why its not forcing a redirect when trying to
>>>>>> browse, any help would be appreciated.
>>>>>>
>>>>>>
>>>>>>
>>>>>> ------------------------------------------------------------------------------
>>>>>> Check out the vibrant tech community on one of the world's most
>>>>>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> PacketFence-users mailing list
>>>>>> PacketFence-users@lists.sourceforge.net
>>>>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>>>>
>>>>
>>>> --
>>>> Fabrice Durand
>>>> fdur...@inverse.ca :: +1.514.447.4918 (x135) :: www.inverse.ca
>>>> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
>>>> (http://packetfence.org)
>>>
>>
>> --
>> Fabrice Durand
>> fdur...@inverse.ca :: +1.514.447.4918 (x135) :: www.inverse.ca
>> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
>> (http://packetfence.org)
>
--
Fabrice Durand
fdur...@inverse.ca :: +1.514.447.4918 (x135) :: www.inverse.ca
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
(http://packetfence.org)
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
