From: Dominik G. <dg...@in...> - 2009-04-29 15:47:15
|
Hi Tim, PacketFence should be able to do the same. What you would have to do is 1) comment the check in bin/pfcmd which generated to initial error you reported 2) setup dhcpd Let us know how it goes and I'll then fix the documentation ! Dominik On 29-Apr-09, at 10:20 AM, Wier, Timothy A. wrote: > DNS manipulation. All web request resolve to the Netreg box so when > a user connects an unregistered computer the DNS server it receives > is the Netreg box. The Netreg box responds with the registration > page and the users register and reboot. The unregistered leases are > only 2 minutes long so by the time most computers reboot they get a > registered IP address with our real DNS servers. > > Tim > > -----Original Message----- > From: Dominik Gehl [mailto:dg...@in...] > Sent: Wednesday, April 29, 2009 9:01 AM > To: Wier, Timothy A. > Cc: pac...@li... > Subject: Re: [Packetfence-users] DHCP Mode > > Hi Tim, > > I believe that it was me who wasn't clear in my question ;-) > > In fact, what I was interested in was the exact way your current setup > with netreg is working. I understand that the netreg server is the > DHCP server for all users and assigns a specific IP subnet depending > on the nodes status. Now, when a user is placed in the 'registration' > scope how are the users HTTP queries directed to the portal for > registration ? Is this done using DNS manipulation, using some routing > 'tricks' ? > > Thanks, > Dominik > > On 29-Apr-09, at 8:56 AM, Wier, Timothy A. wrote: > >> Sorry I guess I didn't make myself clear. We are currently not using >> Packetfence in a production setting yet. Our production NAC system >> is NetReg (http://netreg.sourceforge.net/) which uses DHCP to force >> registration through a fake DNS server. Right now Netreg allows us >> to register devices but it cannot register game consoles >> automatically and it doesn't support multiple authentication sources. >> >> I was looking at Packetfence for these features but was hoping DHCP >> mode would operate like NetReg so we would not have to make as big >> of a change to the network. In DHCP mode does Packetfence become the >> gateway for all subnets or just the registration subnet? >> >> Tim >> >> -----Original Message----- >> From: Dominik Gehl [mailto:dg...@in...] >> Sent: Tuesday, April 28, 2009 7:10 PM >> To: Wier, Timothy A. >> Cc: pac...@li... >> Subject: Re: [Packetfence-users] DHCP Mode >> >> Hi Tim, >> >>> We are currently using NetReg for our registration needs so we are >>> coming from a setup where we could have a single server sit on the >>> server subnet but still perform DHCP for all client subnets using >>> DHCP relay on the routers to forward the requests. I was looking >>> into DHCP mode to make the conversion from NetReg to Packetfence >>> less drastic. Some of the issues I'm trying to address are automatic >>> registration for game consoles, detection of SOHO routers, multiple >>> authentication sources. >> >> How are you currently handling registration when PacketFence is not >> in >> registration subnet ? Do you use a 'fake' DNS server in the >> registration subnet in order to resolve all name queries to >> PacketFence's IP ? >> >>> The other problem I can see us having is that we have VLANs that are >>> specific to each building so I would need to make some modifications >>> so that the user would get the right VLAN depending on which >>> building they plugged into. I noticed this seemed pretty easy to do >>> just haven't looked into it yet. >> >> This can be done using the custom_getCorrectVlan function in /usr/ >> local/pf/lib/pf/vlan.pm (just override it in /usr/local/pf/lib/pf/ >> vlan/ >> custom.pm). >> >> Dominik >> >> >> >> >> > |