> I am struggling with some rather borderline supported equipment in > vlan mode and am considering falling back to inline mode for now. > > However I am not sure that inline mode will do what I want. > > Am I right in thinking that in inline mode the 'isp' would see all the > traffic originating from the packetfence server. Does/can packetfence > support some kind of transparent bridging mode?
Yes, but not in a user friendly fashion. Modify the conf/iptables.conf *nat table so that it doesn't NAT (accept properly marked packets in post-routing instead of MASQUERADE) and add the proper return route in your infrastructure. We are looking for a sponsor to make that easier to do by configuration instead of poking in iptables rules directly. Contact us if interested to help PacketFence development! > > The main reason we are thinking of deploying packetfence is for when > we get an email from our internet provider (a university) about > illegal activity (a virus or illegal torrenting etc) we have problems > tracking down who had the IP address in the complaint at the time. > A very good use case for NAC! -- Olivier Bilodeau [email protected] :: +1.514.447.4918 *115 :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) ------------------------------------------------------------------------------ All the data continuously generated in your IT infrastructure contains a definitive record of customers, application performance, security threats, fraudulent activity and more. Splunk takes this data and makes sense of it. Business sense. IT sense. Common sense. http://p.sf.net/sfu/splunk-d2dcopy1 _______________________________________________ Packetfence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
