Hi !
We are using PacketFence 8.1 on a Debian 8.11 server in inline mode (no
NAT). Works great.
I need to add a passthrough to the registration Vlan for an IP server,
not domains. I can not use a domain (application has static IP built-in,
so I have no choice).
So I went to the GUI Configuration/Network/Fencing and added my IP
server "a.b.c.d:nnn" in "Passthrough domains" with the Passthrough box
ticked. I then restarted pfdns and iptables from the Status/Service GUI
as instructed.
Unfortunately, that does not seem to work. At least for an IP address.
After some investigation, it seems that the ipset group
"pfsession_passthrough" is not updated with the IP addresses I provided
in the GUI ("ipset list pfsession_passthrough"). I checked, and pf.conf
has my server IP populated there.
If I manualy perform an "ipset add pfsession_passthrough
a.b.c.d,tcp/nnn" that works (my server is acessible from the
registration VLAN without registration).
However, it is not persistent. Furthermore, if I try to add that to
/etc/ipset.conf with the proper "ipset save pfsession_passthrough
>/etc/ipset.conf" that doesn't work either after a reboot ; maybe ipset is not working as a service for PacketFence.
Can you please help me how to add an IP address:port as passthrough to
packetfence/registration vlan for it to be persistent upon reboot ?
Thank you very much in advance :)
And thank you for that great software.
Best regards,
Nicolas
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
