Hi again folks,
John Sayce - Your suggestion is great and is working perfectly.
But I need to pick peoples’ brains again.
I have been asked if it is possible to include ask the same question a second
time at activation.
It could be included in the ‘Activation E-Mail’ that is sent to the customer or
in the E-Mail activation page itself.
Either way the ‘powers that be’ have been advised that they should give the
user a second chance to opt out of
something.
We would also like to ask a similar question regarding ‘Content filtering’
option (aka family friendly filters).
What we would want to do in this case is to change the VLAN that a customer is
on based on their response
to the question.
Any suggestions would be great.
Andrew
From: Torry, Andrew [mailto:[email protected]]
Sent: 28 March 2017 14:11
To: [email protected]
Subject: Re: [PacketFence-users] Bespoke questions in registration portal pages
Hi John,
I have tried your suggested modification but cannot see any additional content
on the registration page.
It just has fields for the person’s First name, Last name and E-Mal address.
What am I missing here?
Andrew
From: John Sayce [mailto:[email protected]]
Sent: 23 March 2017 16:02
To: '[email protected]'
Subject: Re: [PacketFence-users] Bespoke questions in registration portal pages
I'm no packetfence expert but I managed to do exactly this using the custom
fields and a tweak to the templates. If you edit the signin.html (probably
best for a new portal profile.) in a you'll see this which generates the form:
<div class="card[% IF fields.exists('aup') %] card--hidden card--disabled[% END
%] layout layout--center">
<div class="layout__item u-2/3 u-1/1-palm">
[% FOREACH field IN fields.keys %]
[% NEXT IF field == 'aup' %]
<div class="input-container">
[% form.get_field(field).render | none %]
</div>
[% END %]
<button type="submit" name="submit" class="btn btn--full u-mt">
<div class="flag flag--light">
<div class="flag__img">[%
svgIcon(id='ic_done_black_24px',size='small') %]</div>
<p class="flag__body">[% i18n("Continue") %]</p>
</div>
</button>
</div>
Which I modified to
<div class="card[% IF fields.exists('aup') %] card--hidden card--disabled[% END
%] layout layout--center">
<div class="layout__item u-2/3 u-1/1-palm">
[% FOREACH field IN fields.keys %]
[% NEXT IF field == 'aup' %]
[% IF field == 'custom_field_1' %]
<div class="layout--center u-pt">
<div class="layout__item u-2/3 u-1/1-palm btn btn--light">
<input type="checkbox" name="fields[custom_field_1]"
id="custom_field_1" value="1"><label for="custom_field_1">I accept the
terms</label>
</div>
</div>
[% ELSE %]
<div class="input-container">
[% form.get_field(field).render | none %]
</div>
[% END %]
[% END %]
<button type="submit" name="submit" class="btn btn--full u-mt">
<div class="flag flag--light">
<div class="flag__img">[%
svgIcon(id='ic_done_black_24px',size='small') %]</div>
<p class="flag__body">[% i18n("Continue") %]</p>
</div>
</button>
</div>
The CSS still needs tweaking but it's functional. Does that make sense? It's
all in the development manual, sort of.
From: Torry, Andrew [mailto:[email protected]]
Sent: 23 March 2017 15:48
To: [email protected]
Cc: Fitzgerald, Heather
Subject: Re: [PacketFence-users] Bespoke questions in registration portal pages
Hi folks,
I’ve been asked to find out if it is possible to ask a bespoke question in a
portal registration page.
Currently our ‘Guests’ register their devices on a guest wifi using an e-mail
address or mobile phone number.
What we want is some way of asking them to tick a box option in/out of any
marketing campaigns.
Sort of:-
Click here if you do no not wish to receive E-Mails and/or text messages
regarding upcoming special events/offers.
And then to populate a field in the user database with a relevant flag
indicating their acceptance of this or not.
And ideas folks?
Andrew
Andrew Torry
Senior Infrastructure Engineer
Tel: 01326 370760
Email: [email protected]<mailto:[email protected]>
[cid:[email protected]]
[Falmouth Exeter Plus]
[cid:[email protected]]
[Twitter]<https://twitter.com/falmouthexeter>
[Facebook]<https://www.facebook.com/falmouthexeter>
[Instagram]<https://www.instagram.com/falmouthexeterplus/>
[YouTube]<https://www.youtube.com/channel/UC5-Jq4vTOhWgYoJJDYrZHWw>
[cid:[email protected]]
[Falmouth University]
Falmouth Exeter Plus is an exempt charity established by Falmouth University
and the University of Exeter to deliver their shared Higher Education services
in Cornwall.
From: Fabrice Durand [mailto:[email protected]]
Sent: 22 March 2017 17:26
To:
[email protected]<mailto:[email protected]>
Subject: Re: [PacketFence-users] Prevent Cross SSID Connecting
So what you can do is to trigger a violation when the device try to reach the
wrong ssid and remove it when it go back on the good ssid.
Regards
Fabrice
Le 2017-03-21 à 22:33, Charles Rumford a écrit :
I had thought about doing something like this, but the registration is
the part that I'm concerned about. If we have a user accidentally
connect to the wrong network, the user is going to have to go through
the entire registration again.
I could do an auto-registration thing in the VLAN filters, but the
unregistration date is lost after you unregistered a device. When the
user returns to the correct SSID, the device needs to be auto registered
the same date as before.
In playing with ways to preserve the unregdate, I though about storing
it in the notes field temporarily, and then using it later to register
the device, but I seem to have run into an issue.
If I do something like:
[not_apng:PennDevice_dev&PennDevice_Roles]
scope = RegisteredRole
action = modify_node
action_param = mac = $mac, notes = $node_info.unregdate
All I get in the notes field is: HASH(0x7f480d7f8990).unregdate
In the VLAN filters file, there is an example for getting data from
radius requests by doing:
$radius_request->{'Called-Station-Id'}
But this results in something similar.
I can get around the unregdate issue if $node_info.unregdate worked.
On 3/21/17 9:50 PM, Durand fabrice wrote:
Hello Charles,
i will do something like that:
VLAN Filters:
[Guest]
filter = ssid
operator = is
value = Guest
[IoT]
filter = ssid
operator = is
value = IoT
[IoT_Roles]
filter = node_info.category
operator = regex
value = ^IoT.*
[Guest_Roles]
filter = node_info.category
operator = regex
value = ^Guest.*
[not_guest:Guest&IoT_Roles]
scope = RegisteredRole
role = Guest-Reg #Tells the WLAN controller to do captive portaling
action = modify_node
action_param = mac = $mac, status = unreg
[not_apnd:IoT&Guest_Roles]
scope = RegisteredRole
role = IoT-Reg #Tells the WLAN controller to do captive portaling
action = modify_node
action_param = mac = $mac, status = unreg
You need to change the status of the device in the database because when
the device will hit the portal PacketFence test the status of the device
and if it's reg then it will revaluate the access.
Btw you will need to register the device again.
Regards
Fabrice
Le 2017-03-21 à 18:29, Charles Rumford a écrit :
Hey -
I'm currently in the process of setting up PacketFence to handle our
Guest Networking. Down the line, we are going to be adding more services
to this server.
This server will eventually be handling two different SSIDs: Guest and
IoT. I have a number of different roles associated with the two SSIDs:
Guest-Reg, Guest-Auth, IoT-Reg, and IoT-Auth. What I want to do is if a
node has a role of IoT and connects to Guest to present them with a
captive portal telling they aren't allowed there, and vice versa.
I have the following in place:
VLAN Filters:
[Guest]
filter = ssid
operator = is
value = Guest
[IoT]
filter = ssid
operator = is
value = IoT
[node_is_registered]
filter = node_info.status
operator = is
value = reg
[IoT_Roles]
filter = node_info.category
operator = regex
value = ^IoT.*
[Guest_Roles]
filter = node_info.category
operator = regex
value = ^Guest.*
[not_guest:Guest&IoT_Roles&node_is_registered]
scope = RegisteredRole
role = Guest-Reg #Tells the WLAN controller to do captive portaling
[not_apnd:IoT&Guest_Roles&node_is_registered]
scope = RegisteredRole
role = IoT-Reg #Tells the WLAN controller to do captive portaling
profiles.conf:
[Guest-Violation]
filter_match_style=all
preregistration=disabled
locale=
root_module=Guest-Violation
filter=ssid:Guest
sources=null
advanced_filter=category == "IoT-Auth"
dot1x_recompute_role_from_portal=0
[Guest]
dot1x_recompute_role_from_portal=0
preregistration=disabled
locale=
filter=ssid:Guest
reuse_dot1x_credentials=enabled
sources=email-only
always_use_redirecturl=enabled
redirecturl=http://www.upenn.edu
root_module=Guest-Root
I'm able to get a the captive portal generated by the profile
Guest-Violation, the problem is the captive portal doesn't present the
message I have configured in the module. It presents a error message
saying the network will be available shortly, and then PacketFence does
a re-eval of the node and sends role IoT-Auth to the controller.
Is there any way to prevent the re-eval in the captive portal and to
force it into the message? The major thing is if the device returns to
the IoT SSID then I want it to connect successfully.
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
--
Fabrice Durand
[email protected]<mailto:[email protected]> :: +1.514.447.4918 (x135) ::
www.inverse.ca<http://www.inverse.ca>
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
(http://packetfence.org)
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
