> Yes that is correct I work for Meraki. Am I not allowed to participate? 

I meant that in a positive sense -- you're likely to have some influence and a 
better-than-average chance of knowing what you're talking about. 

> The idea is that both the wired and wireless clients use packetfence for a 
> single pane of management and authorization. 

Well, the captive portal is very tightly coupled with the rest of the system. I 
could possibly imagine making it work with a lot of hackery, with out-of-band 
messages from the Meraki triggering the same sort of pfcmd work that the PF 
captive portal does, but it's probably not worth the trouble. Just let PF run 
the captive portal and flap the VLANs. You're correct that it's redundant, but 
it should also be harmless. I'm not familiar with Meraki, but on an Aruba 
network, I'd just create a firewall policy that restricts what people in the 
quarantine VLAN's IP space can do, and apply it globally. The quarantine ACLs 
will still apply to production traffic, but they'll be irrelevant.

Another approach to a single point of control is to extend your captive portal 
to wired networks. Aruba does that. But not nicely enough for me, so I'm using 
PF instead. 

_______________________________________________
Packetfence-users mailing list
Packetfence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
