That tcpdump indicates that you are hitting the portal. What you see in
Post by clfso I tried today editing those two lines but still no success
I tried then disabling the iptables service and still the same problem
then I released the tcpdump -i eth1.2 command (eth1.2 is the
registration interface) and got this output at the moment I opened the
web browser on the client side and IŽm supposed to hit the captive portal
14:39:24.171855 IP 192.168.2.10.59015 > 192.168.2.1.domain: 41910+ A?
www.google.com <http://www.google.com>. (32)
14:39:24.176052 IP 192.168.2.1.domain > 192.168.2.10.59015: 41910*
1/1/1 A 192.168.2.1 (88)
Flags [S], seq 3594596785, win 65535, options [mss
1460,nop,nop,sackOK], length 0
Flags [S.], seq 4272748915, ack 3594596786, win 5840, options [mss
1460,nop,nop,sackOK], length 0
Flags [.], ack 1, win 65535, length 0
Flags [P.], seq 1:653, ack 1, win 65535, length 652
Flags [.], ack 653, win 6520, length 0
Flags [P.], seq 1:581, ack 653, win 6520, length 580
Flags [F.], seq 653, ack 581, win 64955, length 0
14:39:24.184521 IP 192.168.2.10.iclpv-dm > 192.168.2.1.http: Flags
[S], seq 289044139, win 65535, options [mss 1460,nop,nop,sackOK], length 0
14:39:24.184592 IP 192.168.2.1.http > 192.168.2.10.iclpv-dm: Flags
[S.], seq 4278928276, ack 289044140, win 5840, options [mss
1460,nop,nop,sackOK], length 0
14:39:24.184922 IP 192.168.2.10.iclpv-dm > 192.168.2.1.http: Flags
[.], ack 1, win 65535, length 0
14:39:24.185210 IP 192.168.2.10.iclpv-dm > 192.168.2.1.http: Flags
[P.], seq 1:623, ack 1, win 65535, length 622
14:39:24.185265 IP 192.168.2.1.http > 192.168.2.10.iclpv-dm: Flags
[.], ack 623, win 6842, length 0
Flags [F.], seq 581, ack 654, win 6520, length 0
Flags [.], ack 582, win 64955, length 0
14:39:24.453054 IP 192.168.2.1.http > 192.168.2.10.iclpv-dm: Flags
[.], seq 1:1461, ack 623, win 6842, length 1460
14:39:24.453363 IP 192.168.2.1.http > 192.168.2.10.iclpv-dm: Flags
[.], seq 1461:2921, ack 623, win 6842, length 1460
14:39:24.453504 IP 192.168.2.1.http > 192.168.2.10.iclpv-dm: Flags
[.], seq 2921:4381, ack 623, win 6842, length 1460
14:39:27.453316 IP 192.168.2.1.http > 192.168.2.10.iclpv-dm: Flags
[.], seq 1:1461, ack 623, win 6842, length 1460
14:39:33.453327 IP 192.168.2.1.http > 192.168.2.10.iclpv-dm: Flags
[.], seq 1:1461, ack 623, win 6842, length 1460
14:39:45.453211 IP 192.168.2.1.http > 192.168.2.10.iclpv-dm: Flags
[.], seq 1:1461, ack 623, win 6842, length 1460
14:39:47.654597 IP 192.168.2.10.netbios-dgm >
192.168.2.255.netbios-dgm: NBT UDP PACKET(138)
BOOTP/DHCP, Request from 00:14:22:fd:cd:5f (oui Unknown), length 319
BOOTP/DHCP, Reply, length 300
14:40:09.453231 IP 192.168.2.1.http > 192.168.2.10.iclpv-dm: Flags
[.], seq 1:1461, ack 623, win 6842, length 1460
now it gets stuck there
do you find something there?
thanks again in advance
Hi François,
that's a good tip, I won't be able to try this until monday since
today I'm out of office, but I will post the results as soon as I
make this
thanks again and have a nice weekend
RewriteRule ^.*$
https://%%hostname%%.%%domain%%/captive-portal?destination_url=http://%{HTTP_HOST}%{REQUEST_URI}
[R=307,L]
to
RewriteRule ^.*$
http://%%hostname%%.%%domain%%/captive-portal?destination_url=http://%{HTTP_HOST}%{REQUEST_URI}
[R=307,L]
You will need to change it two times. Next, restart
packetfence and retry. This will prevent the redirect to
https, and will use plain http. Let's see if it works that way.
My other question, do you have a proxy configured for your browser?
Post by clfI have to add something, the PF is a virtual machine running
on Virtual Box, this is configured with tho NICs and the NIC
configured to use with PF is a trunk with all VLANs needed,
is set as follows
eth1management
eth1.10 normal vlan
eth1.2 registration
eth1.3 isolation
eth1.5 normal vlan guests
the other NIC is connected to a management switch
yes, I tried two computers both with firefox and explorer
when I check the access_log I can see the attempts from
explorer and firefox, I can also see the attempts from
the antivirus trying to update
something is wrong loading the certificate or the reg page
Am 01/12/2011 um 20:47 schrieb Francois Gaudreault
Post by Francois GaudreaultHi,
Yes the nslookup is fine, as long as the PC also have a
192.168.2.x IP Address, and that you can ping 192.168.2.1.
Again, you are reaching the server if you get the SSL
warning. Did you test using another PC?
Post by clfthanks again
François, I didn't change any of the templates, no html
files were modified
Damian, restarting service doesn't help at this moment
can you tell me if the nslookup is correct? where
should I have a look?
If you start and stop the PF service does the
registration page work?
Thats the problem Im having works one time
after starting and stopping the service
*Sent:* Thursday, December 01, 2011 6:42 AM
*Subject:* Re: [Packetfence-users] Registration
page doesnŽt show up, certificate?
Hi Francois,
thanks for your reply, IŽve tried both mozilla and
explorer and IŽm still not able to see the
registration page...
IŽve solved those errors on the access_log creating
new cert files with openssl with the right server
name and replacing the old ones. Now I only get
[notice] caught SIGTERM, shutting down
[Thu Dec 01 10:38:18 2011] [notice] Apache/2.2.15
(Unix) mod_ssl/2.2.15 OpenSSL/1.0.0-fips PHP/5.3.2
mod_perl/2.0.4 Perl/v5.10.1 configured -- resuming
normal operations
I realized that if i release the nslookup command
server: packetfence
address: 192.168.2.1
name: www.google.com.registration.mydomain.com
<http://www.google.com.registration.mydomain.com>
address: 192.168.2.1
is something wrong with dns?
thanks again
Hi,
What if you try with another browser (ie.
Chrome/Firefox)? Do you have
the same thing?
Post by clfHi All,
I just set up a new PF server yesterday,
everything went fine and I
Post by clfcould start the service and access the GUI.
The server is set up in VLAN enforcement mode so
when a new device is
Post by clfconnected to the switch, PF changes the VLAN (MAC
detection) to the
Post by clfregistration VLAN and when the client opens the
web browser it comes
Post by clfup the classic "Certificate Error" in Internet
Explorer but when I
Post by clfclick the link to ignore the message it just
hangs and the reg page
Post by clfdoesnŽt
I can see PF knows the client is trying to access
to the Internet as I
Post by clfsee this in the access_log
192.168.2.10 - - [01/Dec/2011:10:50:30 +0100] "GET
/captive-portal?destination_url=http://www.google.com/
HTTP/1.1" 200
Post by clf7093 "-" "Mozilla/4.0 (compatible; MSIE 8.0;
Windows NT 5.1;
Post by clfTrident/4.0; .NET CLR 2.0.50727; .NET CLR
3.0.4506.2152 <tel:3.0.4506.2152>; .NET CLR
Post by clf3.5.30729; .NET CLR 1.1.4322; InfoPath.2)"
Having a look at the logs I see nothing strange
but this on the error_log
Post by clf[Thu Dec 01 10:36:37 2011] [notice] caught
SIGTERM, shutting down
Post by clf[Thu Dec 01 10:38:12 2011] [warn] RSA server
certificate is a CA
Post by clfcertificate (BasicConstraints: CA == TRUE !?)
[Thu Dec 01 10:38:12 2011] [warn] RSA server
certificate CommonName
Post by clf(CN) `packetfence' does NOT match server name!?
[Thu Dec 01 10:38:12 2011] [warn] RSA server
certificate is a CA
Post by clfcertificate (BasicConstraints: CA == TRUE !?)
[Thu Dec 01 10:38:12 2011] [warn] RSA server
certificate CommonName
Post by clf(CN) `packetfence' does NOT match server name!?
[Thu Dec 01 10:38:13 2011] [warn] RSA server
certificate is a CA
Post by clfcertificate (BasicConstraints: CA == TRUE !?)
[Thu Dec 01 10:38:13 2011] [warn] RSA server
certificate CommonName
Post by clf(CN) `packetfence' does NOT match server name!?
[Thu Dec 01 10:38:13 2011] [warn] RSA server
certificate is a CA
Post by clfcertificate (BasicConstraints: CA == TRUE !?)
[Thu Dec 01 10:38:13 2011] [warn] RSA server
certificate CommonName
Post by clf(CN) `packetfence' does NOT match server name!?
[Thu Dec 01 10:38:18 2011] [notice] Apache/2.2.15
(Unix)
Post by clfmod_ssl/2.2.15 OpenSSL/1.0.0-fips PHP/5.3.2
mod_perl/2.0.4
Post by clfPerl/v5.10.1 configured -- resuming normal operations
Any advice?
Thanks in advance
clf
------------------------------------------------------------------------------
Post by clfAll the data continuously generated in your IT
infrastructure
Post by clfcontains a definitive record of customers,
application performance,
Post by clfsecurity threats, fraudulent activity, and more.
Splunk takes this
Post by clfdata and makes sense of it. IT sense. And common
sense.
Post by clfhttp://p.sf.net/sfu/splunk-novd2d
_______________________________________________
Packetfence-users mailing list
https://lists.sourceforge.net/lists/listinfo/packetfence-users
--
Francois Gaudreault, ing. jr
<tel:%2B1.514.447.4918> (x130) :: http://www.inverse.ca
Inverse inc. :: Leaders behind SOGo (www.sogo.nu
<http://www.sogo.nu>) and PacketFence
(www.packetfence.org <http://www.packetfence.org>)
------------------------------------------------------------------------------
All the data continuously generated in your IT
infrastructure
contains a definitive record of customers,
application performance,
security threats, fraudulent activity, and more.
Splunk takes this
data and makes sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-novd2d
_______________________________________________
Packetfence-users mailing list
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure
contains a definitive record of customers, application performance,
security threats, fraudulent activity, and more. Splunk takes this
data and makes sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-novd2d
_______________________________________________
Packetfence-users mailing list
https://lists.sourceforge.net/lists/listinfo/packetfence-users
--
Francois Gaudreault, ing. jr
Inverse inc. :: Leaders behind SOGo (www.sogo.nu <http://www.sogo.nu>) and PacketFence (www.packetfence.org <http://www.packetfence.org>)
------------------------------------------------------------------------------
All the data continuously generated in your IT
infrastructure
contains a definitive record of customers, application
performance,
security threats, fraudulent activity, and more. Splunk
takes this
data and makes sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-novd2d
_______________________________________________
Packetfence-users mailing list
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure
contains a definitive record of customers, application performance,
security threats, fraudulent activity, and more. Splunk takes this
data and makes sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-novd2d
_______________________________________________
Packetfence-users mailing list
https://lists.sourceforge.net/lists/listinfo/packetfence-users
--
Francois Gaudreault, ing. jr
Inverse inc. :: Leaders behind SOGo (www.sogo.nu <http://www.sogo.nu>) and PacketFence (www.packetfence.org <http://www.packetfence.org>)
------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure
contains a definitive record of customers, application
performance,
security threats, fraudulent activity, and more. Splunk takes this
data and makes sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-novd2d
_______________________________________________
Packetfence-users mailing list
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure
contains a definitive record of customers, application performance,
security threats, fraudulent activity, and more. Splunk takes this
data and makes sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-novd2d
_______________________________________________
Packetfence-users mailing list
https://lists.sourceforge.net/lists/listinfo/packetfence-users