+ Post New Thread
Page 2 of 3 FirstFirst 123 LastLast
Results 16 to 30 of 43
How do you do....it? Thread, BYOD with Smoothwall and Ruckus in Technical; ...
  1. #16
    timbo343's Avatar
    Join Date
    Dec 2005
    Location
    Leeds/York area, North Yorkshire
    Posts
    3,035
    Thank Post
    305
    Thanked 293 Times in 203 Posts
    Rep Power
    120
    The auth in ruckus is authenticating against AD which is working fine. I am stuck on trying to get the smoothwall auth page to display. Ive set up transparent proxies with ssl page with cookie but no luck. Just to make sure ive got it right...
    192.168.12.1:80 ¦ everyone, byod-staff ¦ SSL page within session

    Ive seen that my test devices are trying to access 192.168.12.1/..../login.asp which i suppose is the login page but nothing is displaying.

    Ive not been into guardian to check the new interfaces, ive only been into the web proxy side.

  2. #17
    robk's Avatar
    Join Date
    Nov 2005
    Location
    Ashbourne
    Posts
    761
    Thank Post
    176
    Thanked 130 Times in 109 Posts
    Blog Entries
    1
    Rep Power
    48
    It's your ruckus config....

    In guest access on the zonedirector you need to put in exceptions for the smoothwall ips. I suspect you have client isolation on (which is a good idea) but by default the ruckus security blocks ips including the auth page.

  3. Thanks to robk from:

    timbo343 (7th March 2013)

  4. #18
    timbo343's Avatar
    Join Date
    Dec 2005
    Location
    Leeds/York area, North Yorkshire
    Posts
    3,035
    Thank Post
    305
    Thanked 293 Times in 203 Posts
    Rep Power
    120
    Ahhh ok, so if i add 192.168.12.1 and 192.168.16.1 to the security policy and set to.allow it should work. Am i right in thinking this is where the private ip ranges are set to deny?

  5. #19
    robk's Avatar
    Join Date
    Nov 2005
    Location
    Ashbourne
    Posts
    761
    Thank Post
    176
    Thanked 130 Times in 109 Posts
    Blog Entries
    1
    Rep Power
    48
    Yes that's it. It in the guest access tab in ruckus.

  6. #20
    timbo343's Avatar
    Join Date
    Dec 2005
    Location
    Leeds/York area, North Yorkshire
    Posts
    3,035
    Thank Post
    305
    Thanked 293 Times in 203 Posts
    Rep Power
    120
    Will have a look tomorrow, thanks rob, getting there slowly

  7. #21

    Join Date
    Mar 2008
    Location
    Midlands
    Posts
    119
    Thank Post
    0
    Thanked 21 Times in 20 Posts
    Rep Power
    17
    I had to allow access from the port2 interface to port 80 and 442 - System - Administration - External Access . Otherwise the SSL page doesnt show. Strange thing is you can ping Google for instance but cant browse until you follow this step.

  8. Thanks to AliG from:

    timbo343 (7th March 2013)

  9. #22
    timbo343's Avatar
    Join Date
    Dec 2005
    Location
    Leeds/York area, North Yorkshire
    Posts
    3,035
    Thank Post
    305
    Thanked 293 Times in 203 Posts
    Rep Power
    120
    Right ok. Today i have added 192.168.12.0/22 | Allow and 192.168.16/21 | Allow to Guest Access >> Restricted Subnet Access in my ruckus config.

    Thanks to @AliG, ive added in smoothwall System >> Administration >> External Access

    Interface | Source | Service | Enabled
    Port 1-1_BYOD-Staff | 192.168.12.0/22 | Other web access on HTTP (80) | Enabled
    Port 1-1_BYOD-Staff | 192.168.12.0/22 | Other web access on HTTPS (442) | Enabled
    Port 1-2_BYOD-Student | 192.168.16.0/21 | other web acess on HTTP (80) | Enabled
    Port 1-2_BYOD-Student | 192.168.16.0/21 | other web access on HTTPS (442) | Enabled

    This displays the ssl login, which when i use a test login works and i can see them in Services >> Authentication >> User Activity however i cannot browse to any sites.

    @robk i have checked Guardian >> Web filter >> location blocking and the 2 locations in there are set to allowed

    There must be something i am missing.

  10. #23
    robk's Avatar
    Join Date
    Nov 2005
    Location
    Ashbourne
    Posts
    761
    Thank Post
    176
    Thanked 130 Times in 109 Posts
    Blog Entries
    1
    Rep Power
    48
    Is dns working on the client?

    Trying to think what's missing. We don't seem that far off working!

  11. #24
    timbo343's Avatar
    Join Date
    Dec 2005
    Location
    Leeds/York area, North Yorkshire
    Posts
    3,035
    Thank Post
    305
    Thanked 293 Times in 203 Posts
    Rep Power
    120
    DNS seems to be kinda working. I cannot get to google however i can get to bbc but can get to google via ip address and then search in google. Oh, i cannot get to gmail.com either.

    The DNS settings on the client are 8.8.8.8 and 8.8.4.4.

    The DNS settings on the Smoothie are 8.8.8.8 and 8.8.4.4.

  12. #25
    robk's Avatar
    Join Date
    Nov 2005
    Location
    Ashbourne
    Posts
    761
    Thank Post
    176
    Thanked 130 Times in 109 Posts
    Blog Entries
    1
    Rep Power
    48
    Ok does nslookup work on the client? To me it sounds like dns is blocked. I added zone bridging rules, but I think in your case I would recommend dns proxy.

    For dns proxy you turn the service on and set dns in dhcp to the smoothie ip for the subnet.

  13. #26
    timbo343's Avatar
    Join Date
    Dec 2005
    Location
    Leeds/York area, North Yorkshire
    Posts
    3,035
    Thank Post
    305
    Thanked 293 Times in 203 Posts
    Rep Power
    120
    nslookup on the client gives:

    Nslookup google.co.uk
    Server: google-public-dns-a.google.com
    Address: 8.8.8.8

    Non-authoritative answer:
    Name: google.co.uk
    addresses: 173.194.44.84, 173.194.44.88, 173.194.44.95

    Also, i can ping google.co.uk and it pings fine.

    Im my Services >> DNS >> DNS Proxy i have got:

    Interfaces:
    Port1 - Main network domain = ticked
    Port 1-1_BYOD-Staff = Ticked
    Port 1-2_BYOD_Student = Ticked

    Advanced
    Forward SRV & SOA Records = Not ticked

    Just changed DHCP settings so in Services >> DHCP >> DHCP Services they now read for BYOD-Staff
    Network: 192.168.12.0
    Netmask: 255.255.252.0
    Primary DNS: 172.16.24.8
    Default Gateway: 192.168.12.1
    Enabled: Ticked

    - Tested... nslookup:
    cannot find server for address 172.16.24.8

    Setting Pri DNS back to 8.8.8.8

  14. #27
    timbo343's Avatar
    Join Date
    Dec 2005
    Location
    Leeds/York area, North Yorkshire
    Posts
    3,035
    Thank Post
    305
    Thanked 293 Times in 203 Posts
    Rep Power
    120
    @robk

    Just an update on this...
    just tried it on my phone and google works fine however on a Windows XP laptop, it doesn't.... strange??

  15. #28

    Join Date
    Oct 2007
    Location
    Northamptonshire
    Posts
    311
    Thank Post
    20
    Thanked 82 Times in 69 Posts
    Rep Power
    45
    If you're using IE on the XP laptop it won't support transparent HTTPS connections if HTTPS filtering is turned on for the web proxy auth method. Try using Firefox/Chrome etc and https google/gmail should work.

    Have a look at the web filter logs, if it says something along the lines of "Transparent HTTPS connection not supported by web client" then that's the issue.

  16. Thanks to Ashm from:

    timbo343 (7th March 2013)

  17. #29
    timbo343's Avatar
    Join Date
    Dec 2005
    Location
    Leeds/York area, North Yorkshire
    Posts
    3,035
    Thank Post
    305
    Thanked 293 Times in 203 Posts
    Rep Power
    120
    AH HA!

    Working now ive turned off HTTPS.

    Thank you all especailly @robk.

  18. #30
    robk's Avatar
    Join Date
    Nov 2005
    Location
    Ashbourne
    Posts
    761
    Thank Post
    176
    Thanked 130 Times in 109 Posts
    Blog Entries
    1
    Rep Power
    48
    Glad to hear its all working! And documented on here to boot.

  19. Thanks to robk from:

    TheScarfedOne (22nd July 2014)

SHARE:
+ Post New Thread
Page 2 of 3 FirstFirst 123 LastLast

Similar Threads

  1. Slight problem with Samsung N130 and Ruckus
    By SimpleSi in forum Wireless Networks
    Replies: 75
    Last Post: 21st October 2013, 09:52 AM
  2. BYOD with Ruckus and Smoothwall
    By denon101 in forum Wireless Networks
    Replies: 6
    Last Post: 17th January 2013, 10:57 AM
  3. Smoothwall and Exchange 2007 with Full Outlook 2010 client issue
    By _techie_ in forum Internet Related/Filtering/Firewall
    Replies: 12
    Last Post: 9th November 2011, 08:59 AM
  4. Ruckus problems with WPAD and PAC files
    By cookie_monster in forum Wireless Networks
    Replies: 2
    Last Post: 18th February 2011, 11:32 AM
  5. Odd situation with NTP and SmoothWall Corporate Firewall
    By dgordon in forum Internet Related/Filtering/Firewall
    Replies: 0
    Last Post: 31st March 2010, 06:09 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •