Zentyal Forum, Linux Small Business Server
Zentyal Server => Installation and Upgrades => Topic started by: c4rdinal on October 06, 2011, 11:08:32 am
-
Hi,
I have a problem with my deployment with captive portal + wifi for my wireless clients.
My network looks like this:
Captive Portal (eth3), 192.168.100.1 ---> Wifi (internet Port), 192.168.100.2 | Wifi (LAN), 192.168.200.0/24
Users connected to the Wifi (LAN), 192.168.200.0/24 don't get the Captive Portal Login. Is this because it's in a different Subnet as the server?
Is this the expected outcome?
Thanks
-
hi, to make captive portal work, zentyal needs to be dns, dhcp and router/gateway for the network.
to make this work ... this requires it to have an ip/interface in the target network,
to make this work set captive portal on network interface, or a vlan interface... if you want to work on a vlan only you will require lvl3 (smart) switches. otherwise any lvl2 switch will do. if you want it wireless than add a wap (wireless access point) to your network segment if you use consumer based wireless routers, be sure to disable its dhcp and dns functions completly before connecting it to your captiveportal network.
-
Being the gateway is enough, DNS+DHCP could be another server. Anyway, my suggestion is just to put the AP in bridged mode so you have everything in the same network.
-
Being the gateway is enough, DNS+DHCP could be another server. Anyway, my suggestion is just to put the AP in bridged mode so you have everything in the same network.
This is exactly what I'm trying to accomplish; making the AP (Linksys WAP54G with DD-WRT Firmware) bridged with the Zentyal Interface but can't find ways to establish it.
Anyone have setup the same?
As a summary of my requirement:
Zentyal Captive Portal Interface (eth3) = 192.168.100.1
AP WAN Interface = Bridged to Zentyal eth3
So that LAN clients will be in the same subnet as Zentyal (192.168.100.0/24). DHCP+DNS will be Zentyal.
I'll appreciate any hint on how to do this.
Thanks
-
I think, I know the answer. I think i'll make the Zentyal Captive Portal (eth3) set as bridge and My AP WAN interface as 192.168.100.100/24?
-
I am not sure why you need to bridge the wifi router. You can and it will work. Simpler way is to turn off the wifi router dhcp & dns and instead of connecting to a separate ethernet port just place it on your lan switch.
Stuart
-
I am not sure why you need to bridge the wifi router. You can and it will work. Simpler way is to turn off the wifi router dhcp & dns and instead of connecting to a separate ethernet port just place it on your lan switch.
Stuart
Worked like a charm, thanks!
-
By the way, this work-around did not work for my Linksys DIR-655 AP and Netgear WNR3500 Router.
In this case the Netgear WNR3500 is configured as gateway.
For some reasons disabling the DHCP Service on the AP/Router did not allow clients to get an IP coming from Zentyal.
Any thoughts?
Thanks
-
I have used one of the Netgear nMax routers and had it working.
I guess it must be configuration.
Make sure you turn off the internal dhcp server function in the advanced section but leave it to autoconfigure via a dhcp server. Also turnoff the spi firewall.
So to start from scratch reset the router to factory defaults and then just turn off the above two. Place the router on the lan switch via its wan port.
Boot it up and it should first pick up the zentyal dhcp infomation check you are getting that far.
If it isn't try entering a static IP address and use your server address for default gateway, dns...
There shouldn't be a reason why it didn't apart from possibly configuration.
Stuart
-
Make sure you turn off the internal dhcp server function in the advanced section but leave it to autoconfigure via a dhcp server. Also turnoff the spi firewall.
So to start from scratch reset the router to factory defaults and then just turn off the above two. Place the router on the lan switch via its wan port.
Boot it up and it should first pick up the zentyal dhcp infomation check you are getting that far.
Hello Stuart,
Thanks for taking time to answer.
Actually, I already have taken those steps prior to posting here. (Disable = SPI, Disable DHCP (LAN), Router Reset). But still had no luck to gain Dynamic address from Zentyal. Unlike my Linksys WAP54G which worked flawlessly using the same settings.
-
Its always hard to envisage remotely so please humour me and ignore if this sounds condescending.
Reset the router to defaults.
See if you get the DHCP from the server.
I think you might be turning off the DHCP in the basic settings which will stop you recieving DHCP.
In the advanced section turn off the DHCP server and SIP firewall.
Otherwise I am a bit stumped without looking myself.
-
I think you might be turning off the DHCP in the basic settings which will stop you recieving DHCP.
In the advanced section turn off the DHCP server and SIP firewall.
Stuart, thanks for your reply.
Hehe, sorry for not explaining it clearly.
In Basic Settings = I can get a DHCP Address from Zentyal.
But my clients connected to the AP cannot get DHCP address from Zentyal. I'm expecting clients will get DHCP Leases from Zentyal and not from the Netgear AP, right?
In Advanced, DHCP and SPI Firewall are disabled.
-
Hehe, sorry for not explaining it clearly.
In Basic Settings = I can get a DHCP Address from Zentyal.
But my clients connected to the AP cannot get DHCP address from Zentyal. I'm expecting clients will get DHCP Leases from Zentyal and not from the Netgear AP, right?
In Advanced, DHCP and SPI Firewall are disabled.
So basic settings work for you or not ??? I'm very confused. You wrote that you get IP from Zentyal DHCP isn't it? Or is it a typo?
Anyway, if it doesn't work, you may have also to enable an option permitting broadcast sent by clients to be relayed by your router. I can't help with details here because I'm not using Netgear but you may get the idea and look at config options.
-
I have a wrn2000 and if I get the chance I will replace the belkin one at a site I can get to this weekend.
Will report back.
-
So basic settings work for you or not ??? I'm very confused. You wrote that you get IP from Zentyal DHCP isn't it? Or is it a typo?
Yes, DHCP is working on the Netgear AP (on Internet Interface/port) but clients, connected to the AP (Wireless/LAN), cannot Lease an IP address from Zentyal via the access point. This should be the case so that clients and Zentyal will be on the same subnet. Otherwise, Captive Portal won't work.
Anyway, if it doesn't work, you may have also to enable an option permitting broadcast sent by clients to be relayed by your router. I can't help with details here because I'm not using Netgear but you may get the idea and look at config options.
I'll try this and report back of any development.
Thanks!
-
Being the gateway is enough, DNS+DHCP could be another server. Anyway, my suggestion is just to put the AP in bridged mode so you have everything in the same network.
jsalamero, thank you for taking time to answer.
I just wanna clarify how to accomplish what you said " just to put the AP in bridged mode so you have everything in the same network."
Shall I make the Zentyal Interface connected to the AP in bridge mode and assign an IP address to the AP the same subnet as the Zentyal server?
Thank you in advance.
-
The AP has DD-WRT on it, as I understand correctly?
It seems like you still do some sort of routing because you talk about WAN and LAN interface, just go into the DD-WRT configuration and make the WAN port part of the switch. Then it will just be an AP, no WAN interface.
Proceed to assign the IP address that will be only for the AP's managment purposes, for clients it will be transparent as they all sit on the same subnet.
If you can't do that, plug the network cable coming from Zentyal in one of the lan ports. Then it is bridged.
I have a DIR-300 flashed with DD-WRT and it is only AP. Clients get their IP from Zentyal and Zentyal is the gateway for the wireless clients.
The DHCP server of DD-WRT will still work (it can hand out IP's on that same LAN segment) but I prefer Zentyal handing out IP's.
Cheers.
-
The AP has DD-WRT on it, as I understand correctly?
No, Netgear WNR3500 does not have DD-WRT firmware.
It seems like you still do some sort of routing because you talk about WAN and LAN interface, just go into the DD-WRT configuration and make the WAN port part of the switch. Then it will just be an AP, no WAN interface.
I'm sorry, I don't know what you mean by this. Do you mean WAN AND LAN will be of the same subnet?
Proceed to assign the IP address that will be only for the AP's management purposes, for clients it will be transparent as they all sit on the same subnet. If you can't do that, plug the network cable coming from Zentyal in one of the lan ports. Then it is bridged.
I did this but (AP connected to a switch together with Zentyal Server on the same VLAN) but did not get any DHCP IP Lease from Zentyal server for the my client PC or wireless and wired connection.
I disabled DHCP (advanced settings) on the AP and then plug a pc in the switch part of the AP. This setting doesn't give a DHCP Address from Zentyal server.
Any thoughts?
Thanks
-
Just my 2 cents on how I have setup my AP and captive portal... maybe this will help you.
zentyal server (internal interface)------switch------AP-------client
Zentyal internal interface is using 802.1Q Vlan. It is connected to a VLan capable switch. One of the Vlans is designated for wifi guest. In zentyal under captive portal I have this Vlan checked. Under the DHCP module I have setup a range for this VLan.
From the VLAN switch (in the correct port) I have it connected to my AP. The AP is set to AP mode and the DHCP server is turned off.
I can see the AP device under zentyal DHCP leases and when clients connect to it they also get a DHCP lease from zentyal and they have to authenticate through captive portal.
Now I have also done this setup using my Netgear WNDR3700 rounter. The only thing is you cant connect from the VLAN switch to the WAN of the router..... you have to connect to the LAN of the router.
If you connect to the LAN port of the router (make sure your netgear has DHCP turned off) it will become a regular switch. After that your clients should start getting DHCP lease from the zentyal when they are connected to the netgear.
zentyal(internal interface 802.1Q)(captive port, DHCP,DNS Vlan13)-------(trunk port)VLAN switch(vlan13port)------(lan port)Netgear(Netgear DHCP turned off)--------client(the client receive DHCP, DNS and captive portal from Zentyal)
-
Problem solved. Thanks for all the inputs!