Re: [Packetfence-users] DHCP Mode

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Hi Tim,

PacketFence should be able to do the same. What you would have to do is
1) comment the check in bin/pfcmd which generated to initial error you  
reported
2) setup dhcpd

Let us know how it goes and I'll then fix the documentation !

Dominik

On 29-Apr-09, at 10:20 AM, Wier, Timothy A. wrote:

> DNS manipulation. All web request resolve to the Netreg box so when  
> a user connects an unregistered computer the DNS server it receives  
> is the Netreg box. The Netreg box responds with the registration  
> page and the users register and reboot. The unregistered leases are  
> only 2 minutes long so by the time most computers reboot they get a  
> registered IP address with our real DNS servers.
>
> Tim
>
> -----Original Message-----
> From: Dominik Gehl [mailto:dg...@in...]
> Sent: Wednesday, April 29, 2009 9:01 AM
> To: Wier, Timothy A.
> Cc: pac...@li...
> Subject: Re: [Packetfence-users] DHCP Mode
>
> Hi Tim,
>
> I believe that it was me who wasn't clear in my question ;-)
>
> In fact, what I was interested in was the exact way your current setup
> with netreg is working. I understand that the netreg server is the
> DHCP server for all users and assigns a specific IP subnet depending
> on the nodes status. Now, when a user is placed in the 'registration'
> scope how are the users HTTP queries directed to the portal for
> registration ? Is this done using DNS manipulation, using some routing
> 'tricks' ?
>
> Thanks,
> Dominik
>
> On 29-Apr-09, at 8:56 AM, Wier, Timothy A. wrote:
>
>> Sorry I guess I didn't make myself clear. We are currently not using
>> Packetfence in a production setting yet. Our production NAC system
>> is NetReg (http://netreg.sourceforge.net/) which uses DHCP to force
>> registration through a fake DNS server. Right now Netreg allows us
>> to register devices but it cannot register game consoles
>> automatically and it doesn't support multiple authentication sources.
>>
>> I was looking at Packetfence for these features but was hoping DHCP
>> mode would operate like NetReg so we would not have to make as big
>> of a change to the network. In DHCP mode does Packetfence become the
>> gateway for all subnets or just the registration subnet?
>>
>> Tim
>>
>> -----Original Message-----
>> From: Dominik Gehl [mailto:dg...@in...]
>> Sent: Tuesday, April 28, 2009 7:10 PM
>> To: Wier, Timothy A.
>> Cc: pac...@li...
>> Subject: Re: [Packetfence-users] DHCP Mode
>>
>> Hi Tim,
>>
>>> We are currently using NetReg for our registration needs so we are
>>> coming from a setup where we could have a single server sit on the
>>> server subnet but still perform DHCP for all client subnets using
>>> DHCP relay on the routers to forward the requests. I was looking
>>> into DHCP mode to make the conversion from NetReg to Packetfence
>>> less drastic. Some of the issues I'm trying to address are automatic
>>> registration for game consoles, detection of SOHO routers, multiple
>>> authentication sources.
>>
>> How are you currently handling registration when PacketFence is not  
>> in
>> registration subnet ? Do you use a 'fake' DNS server in the
>> registration subnet in order to resolve all name queries to
>> PacketFence's IP ?
>>
>>> The other problem I can see us having is that we have VLANs that are
>>> specific to each building so I would need to make some modifications
>>> so that the user would get the right VLAN depending on which
>>> building they plugged into. I noticed this seemed pretty easy to do
>>> just haven't looked into it yet.
>>
>> This can be done using the custom_getCorrectVlan function in /usr/
>> local/pf/lib/pf/vlan.pm (just override it in /usr/local/pf/lib/pf/
>> vlan/
>> custom.pm).
>>
>> Dominik
>>
>>
>>
>>
>>
>