Thank you for your reply.
I have no dns server. Is there a way to make packetfence handle this?I
can ping google.com but that's i think that is because I have a wireless
card I added and eth1 for. On the switch I do not have any internet
connection. Some more attached files. Ignore the comments in the files,
they are for my class and not in the actual file on the server.
*FROM /etc/sysconfig/network
*
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=localhost*
*
*FULL PF.CONF*
[general]
#
# general.domain
#
# Domain name of PacketFence system. ###### DOMAIN NAME OF PACKETFENCE
SERVER
domain=localdomain
#
# general.hostname ##### HOST NAME OF PF SERVER
#
# Hostname of PacketFence system. This is concatenated with the domain
in Apache rewriting rules and therefore must be resolvable by clients.
hostname=localhost
#
# general.dnsservers ####DNS SERVERS GO HERE
#
# Comma-delimited list of DNS servers. Passthroughs are created to
allow queries to these servers from even "trapped" nodes.
dnsservers=4.2.2.2
#
# general.dhcpservers ####DHCP SERVERS GO HERE
#
# Comma-delimited list of DHCP servers. Passthroughs are created to
allow DHCP transactions from even "trapped" nodes.
dhcpservers=192.168.200.10
[trapping] ##### RANGE OF IPS PF SHOULD MONITOR
# trapping.range
#
# Comma-delimited list of address ranges/CIDR blocks that PacketFence
will monitor/detect/trap on. Gateway, network, and
# broadcast addresses are ignored.
range=192.168.2.0/24,192.168.3.0/24,192.168.5.0/24,192.168.1.0/24,192.168.200.0/24
# trapping.registration ######SHOULD NEW DEVICES HAVE TO REGISTER
#
# If enabled, nodes will be required to register on first network
access. Further registration options are configured in the
# registration section.
registration=enabled
#
# trapping.dectection ####TRAPPING USED FOR SNORT.
#
# If enabled, nodes will be trapped if triggering a SNORT rules.
detection=disabled
[database]
#
# database.pass
#
# Password for the mysql database used by PacketFence.
pass=pfz3n
[interface eth0]
ip=192.168.200.10
mask=255.255.255.0
type=internal,management
enforcement=inline
gateway=192.168.200.10
[alerting]
emailaddr=root@localhost
[registration]
range=192.168.200.0/24*
PART OF MY ACCESS.LOGS FILE. (AS YOU CAN SEE IT ONLY SHOWS WHEN MY
ANTIVIRUS TRYS TO UPDATE OR IF I TYPE IN MY PF SERVER IP)*
*
* File: access_log
192.168.200.254 - - [11/Dec/2011:22:45:10 -0500] "GET
/captive-portal?destination_url=http://guru.avg.com/softw/12free/update/avg12infoavi.ctf
HT$
192.168.200.254 - - [11/Dec/2011:22:45:10 -0500] "GET
/softw/12free/update/avg12infowin.ctf HTTP/1.1" 307 319 "-"
"AVGINET12-WV7XX86 120FREE AVI=$
192.168.200.254 - - [11/Dec/2011:22:45:10 -0500] "GET
/captive-portal?destination_url=http://guru.avg.com/softw/12free/update/avg12infowin.ctf
HT$
192.168.200.254 - - [11/Dec/2011:23:01:32 -0500] "GET / HTTP/1.1" 307
285 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.2 (KHTML, like Gecko)$
192.168.200.254 - - [11/Dec/2011:23:01:32 -0500] "GET
/captive-portal?destination_url=http://192.168.200.10/ HTTP/1.1" 200
7096 "-" "Mozilla/5.0 $
192.168.200.254 - - [11/Dec/2011:23:14:46 -0500] "GET / HTTP/1.1" 307
285 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.2 (KHTML, like Gecko)$
192.168.200.254 - - [11/Dec/2011:23:14:46 -0500] "GET
/captive-portal?destination_url=http://192.168.200.10/ HTTP/1.1" 200
7096 "-" "Mozilla/5.0 $
192.168.200.254 - - [11/Dec/2011:23:17:14 -0500] "GET / HTTP/1.1" 307
285 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.2 (KHTML, like Gecko)$
192.168.200.254 - - [11/Dec/2011:23:17:14 -0500] "GET
/captive-portal?destination_url=http://192.168.200.10/ HTTP/1.1" 200
7096 "-" "Mozilla/5.0 $
192.168.200.254 - - [11/Dec/2011:23:34:04 -0500] "GET
/softw/12free/update/avg12infoavi.ctf HTTP/1.1" 307 319 "-"
"AVGINET12-WV7XX86 120FREE AVI=$
192.168.200.254 - - [11/Dec/2011:23:34:04 -0500] "GET
/captive-portal?destination_url=http://guru.avg.com/softw/12free/update/avg12infoavi.ctf
HT$
192.168.200.254 - - [11/Dec/2011:23:34:05 -0500] "GET
/softw/12free/update/avg12infowin.ctf HTTP/1.1" 307 319 "-"
"AVGINET12-WV7XX86 120FREE AVI=$
192.168.200.254 - - [11/Dec/2011:23:34:05 -0500] "GET
/captive-portal?destination_url=http://guru.avg.com/softw/12free/update/avg12infowin.ctf
HT$
192.168.200.254 - - [12/Dec/2011:00:11:03 -0500] "GET / HTTP/1.1" 307
285 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.2 (KHTML, like Gecko)$
192.168.200.254 - - [12/Dec/2011:00:11:03 -0500] "GET
/captive-portal?destination_url=http://192.168.200.10/ HTTP/1.1" 403 211
"-" "Mozilla/5.0 ($
192.168.200.254 - - [12/Dec/2011:00:11:11 -0500] "GET
/captive-portal?destination_url=http://192.168.200.10/ HTTP/1.1" 403 211
"-" "Mozilla/5.0 ($
192.168.200.254 - - [12/Dec/2011:00:12:36 -0500] "GET
/captive-portal?destination_url=http://192.168.200.10/ HTTP/1.1" 200
7096 "-" "Mozilla/5.0 $
*THIS IS FROM THE CAPITAL PORTAL IP SELECTION VIA WEB IFACE.
CAPTIVE_PORTAL.NETWORK_DETECTION_IP. I HAVE NOT EDITED IT. SHOULD I?
Default: 67.205.85.245
This IP is used as the webserver who hosts the
common/network-access-detection.gif which is used to detect if network
access
was enabled. It cannot be a domain name since it is used in registration or
quarantine where DNS is blackholed. It is recommended that you allow
your users
to reach your packetfence server and put your LAN's PacketFence IP. By
default
we will make this reach PacketFence's website as an easy solution.
*
*
**
*
On 12/12/2011 8:18 AM, Francois Gaudreault wrote:
What DNS server are you receiving in your client? When you ping
google.com, is it resolving?
On 11-12-11 7:50 PM, Adam wrote:
Ok I have managed to work out my previous question. I am now getting
an ip from the zen dhcp server when I connect a 2nd computer to the
switch. Now my problem is I don't get a registration page. I looked
in my access.log and it doesn't show anything when I try to access a
website (google.com) from my browser (tried explorer and chrome).
However if i type my pf server inline ip (192.168.200.10), It shows
up in the access log and I get the registration page. I also see the
antivirus trying to update in the access log. This is due tomorrow at
6pm, hopefully someone can help me. Thanks!
-------- Original Message --------
Subject: ZEN Networking question.
Date: Sat, 10 Dec 2011 14:51:20 -0600
From: Adam <[email protected]>
To: [email protected]
<[email protected]>
I have a project due and I am stuck. Any help would be greatly
appreciated.
I have provided the files in question below. I have edited the
provided ZEN workstation. I need to get a working inline connection.
I only need one and I have it setup off of eth0 with no other NICS
installed.
My question is (see below) what is the gateway ip for from my pf.conf
file? I see it is the same as my eth0 IP. Where else do I need to put
this ip? I have a switch configured with ip 192.168.200.1/24. Do I
need to setup something on the switch using the gateway ip? I can
talk to the switch from my vmware and I can ping across my vlan to
another computer (with static ip set). When I try hooking up another
computer to the same vlan I can see the computer make the dhcp
request (wireshark) but my ZEN workstation is not responding.
Here is my /etc/sysconfig/network-scripts/ifcfg-eth0 file.
DEVICE=eth0
BOOTPROTO=static
ONBOOT=yes
HWADDR=00:50:56:29:a2:e1
IPADDR=192.168.200.10
NETMASK=255.255.255.0
*BELOW IS FROM MY pf.conf FILE.*
[interface eth0]
ip=192.168.200.10
mask=255.255.255.0
type=internal,monitor
enforcement=inline
gateway=192.168.200.10
*HERE IS MY NETWORKS.CONF
*[192.168.200.0]
type=inline
netmask=255.255.255.0
gateway=192.168.200.10
dns=4.2.2.2
dhcp_start=192.168.200.11
dhcp_end=192.168.200.254
dhcp_default_lease_time=300
dhcp_max_lease_time=600
named=disabled
dhcpd=enabled
next_hop=
domain-name=nac.zen.packetfence.org
------------------------------------------------------------------------------
Learn Windows Azure Live! Tuesday, Dec 13, 2011
Microsoft is holding a special Learn Windows Azure training event for
developers. It will provide a great way to learn Windows Azure and what it
provides. You can attend the event by watching it streamed LIVE online.
Learn more athttp://p.sf.net/sfu/ms-windowsazure
_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
--
Francois Gaudreault, ing. jr
[email protected] :: +1.514.447.4918 (x130) ::www.inverse.ca
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence
(www.packetfence.org)
------------------------------------------------------------------------------
Learn Windows Azure Live! Tuesday, Dec 13, 2011
Microsoft is holding a special Learn Windows Azure training event for
developers. It will provide a great way to learn Windows Azure and what it
provides. You can attend the event by watching it streamed LIVE online.
Learn more at http://p.sf.net/sfu/ms-windowsazure
_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Learn Windows Azure Live! Tuesday, Dec 13, 2011
Microsoft is holding a special Learn Windows Azure training event for
developers. It will provide a great way to learn Windows Azure and what it
provides. You can attend the event by watching it streamed LIVE online.
Learn more at http://p.sf.net/sfu/ms-windowsazure
_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
