What I want to accomplish with this is basically to provode packetfence Captive Portal registration on routed Network. So this is use case: User connects to the Open WiFi SSID with MAC authentication and 802.1x, and Packetfence assigns to it Pre-Auth access list where he cannot access internet until registered. After he has been registered packetfence assigns Authorize_any access list, where he is granted internet access. Is this possible on the routed Network which uses production DHCP and DNS?
---- On Thu, 03 Jan 2019 16:09:29 +0100 Kalcho <[email protected]> wrote ---- > Hello all, > > I have configured Web Authentication for Cisco WLC as described in Network > Devices Guide. > I am using network 192.168.1.0/24 for this WiFi SSID, which is open with Mac > filtering. > I am using two access list Pre-Auth-For-WebRedirect-PF and Authorize_any. > I have added WLC in the packetfence, and activated "Role by Switch Role": > registration->Pre-Auth-For-WebRedirect-PF, and default->Authorize_any. > > These two access lists are defined on the WLC. > Authorize_any permits everything, while Pre-Auth-For-WebRedirect-PF > 1. permits DNS traffic > 2. permits DHCP traffic > 3. permit packets to Packetfence management interface as destination and > source. > > I have also added portal role on management interface. > Management interface is on 172.16.0.10. > VLAN which is assigned to WiFi SSID interface uses network 192.168.1.0/24 > which is routable and uses production DHCP hosted on L3 switch. Also it uses > production DNS servers. > > Clients when connected receive correct DHCP address. > I am having problem that not being redirected to the captive portal > automatically. I can open it in browser, but no redirection. I guess this > has something to do with the fact I am not using packetfence DHCP and DNS. > > > _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
