Hi there, Trying to work out how to get PF to work as NAT/Firewall to the internet whilst doing Radius and VLAN enforcement.
Is this possible? Reading the documentation, it appears that the current version will work in hybrid mode (A combination of both) but seems to be for "flat" networks on switches that can not be managed. I run a wireless network controller, where visitors connect to an SSID (Assigned to a specific VLAN). This VLAN has no Internet access. Authentication is 802.1x. Once authenticated, visitor is directed to one of a number of predetermined VLAN's by PF. Each of the VLAN's shall have Internet access through the same PF box. PF tells Ruckus to put the visitor in the assigned VLAn. DHCP is used on the initial connection and each of the VLAN's shall have their own DHCP scope. I have done this before using FreeRadius with DaloRadius and a Ruckus controller, configured manually on CentOS 7.3 with Firewall/NAT. That solution is lacking some of the nice extra stuff integrated in PF. Whilst not expecting someone to give me the whole solution, I am looking for some pointers and confirmation that PF is suitable for what I want to do. Thanks in advance Tony _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
