Is it not part of your current Wireless management?
Printable View
Is it not part of your current Wireless management?
not quite how we want it. Plus we want to make it available via cable as well.Quote:
Originally Posted by TechMonkey
I have been working on this for the last couple of days on and off.
I initialy was going to use our Meru captive portal, until i discovered that it only supports one portal despite supporting 4 landing pages and 4 networks ( so even if you have a landing page associated with one ssid, the pupils can just use their user to connect to the other guest SSID !!!GREAT!!! )
So I had a quick play on a test SLES box and had some issues, so tried ClearOS and had some issues....
So tomorrow is "Untangle" day, and if that does not work without hacking then i will give pFsense a go.
What you need to do is have captive portal and have the success page forward to your internal landing page.
When the user connects to the network the portal (which must either be a transparent bridge or the default gateway ) intercepts the web traffic, whatever you go to it displays a logon page, once logged on you get the success page that can redirect to your landing page.
Thats exactly what i want. Thanks :)
Does PFSense captive portal need to use a username and password? I dont want to use that, i just want it to redirect.
Do you set PFSense as your default gateway?
DG or better a transparent bridge. Has to be one of the two so that all traffic hits it.
Rob
Once I have it working our users pupils will hit the portal, accept the AUP and then be connected to our VDI login page.
The only thing they can do is hit that, no other ports will work, no other websites will work, ( that's the Cisco access lists job )
We already have the second part in force for our IPAD wifi for Zone Leaders.
Rob
If its the DG how can the clients route to another VLAN like get to our remote access solution hosted on another VLAN? Thanks
I think it's diagram time....
Rob
I suppose its kind of like this? - http://www.edugeek.net/forums/wired-...-3-switch.html
what services do you want to achieve and from where?
What do you mean. I basically want an BYOD network that will provide access to our Remote Access solution (https site) OWA and a few select internal website. When a user opens the web browser when connected to the network they are taken to a particular website.
I plan to use ACL to control what people on the BYOD network can get from the main LAN.
the DG has a DG of the vlan interface, the access rules only permit the captive box . This is assuming the captive box is proxying and can do ssl if you need it.Quote:
Originally Posted by FN-GM
it may be simpler to run a transparent bridge.
your more or less wanting exactly what I am working through by the sound of it. I will send over my bank details via PM for the consultancy ;) ;)
Rob
you should be able to do this easily enough with squid - theres some config examples for the captive portal features here:
ConfigExamples - Squid Web Proxy Wiki
I gave up yesterday with squid on sles..
Pfsense and Untangle probably both use squid as the underlying engine but built to work.