View previous topic :: View next topic |
Author |
Message |
stnicolas
Joined: 06 Aug 2006 Posts: 12
|
Posted: Tue Aug 08, 2006 10:51 pm Post subject: Client appear with the router's MAC |
|
|
I tried something that looks like topology 3.
A network segment is routed by a windows server with 2 network interfaces to the Firstspot server.
The problem is that all the clients of this segment appear to Firstspot with the router's MAC, which means that if one client is logged, all other clients of the same segment will have free access.
Did I do something wrong? |
|
Back to top |
|
|
alan Forum facilitator
Joined: 26 Sep 2003 Posts: 4435
|
Posted: Wed Aug 09, 2006 2:16 am Post subject: |
|
|
This is normal as MAC is a level-2 header.
You need use IP-based Session Handling and make sure the NAT within your router is turned off. Refer to the manual firstspot_giude.pdf for details. _________________ ~ Patronsoft Limited ~ |
|
Back to top |
|
|
stnicolas
Joined: 06 Aug 2006 Posts: 12
|
Posted: Wed Aug 09, 2006 5:03 pm Post subject: |
|
|
Hello Alan
I have tried IP-based handling.
It seems to work but IPs from various clients, from different segments including from same segment as FirtsSpot server, show all 255.255.255.255.
Is that normal? |
|
Back to top |
|
|
alan Forum facilitator
Joined: 26 Sep 2003 Posts: 4435
|
Posted: Thu Aug 10, 2006 2:32 am Post subject: |
|
|
This is normal if you turn on Client Isolation. The client connection should still work though. _________________ ~ Patronsoft Limited ~ |
|
Back to top |
|
|
stnicolas
Joined: 06 Aug 2006 Posts: 12
|
Posted: Thu Aug 10, 2006 5:58 am Post subject: |
|
|
Client isolation is turned off - Clients seem to go through normally |
|
Back to top |
|
|
alan Forum facilitator
Joined: 26 Sep 2003 Posts: 4435
|
Posted: Thu Aug 10, 2006 6:52 am Post subject: |
|
|
Please post your log file firstspot_gw_srv_[timestamp].log at FirstSpot\log directory for further analysis. _________________ ~ Patronsoft Limited ~ |
|
Back to top |
|
|
stnicolas
Joined: 06 Aug 2006 Posts: 12
|
Posted: Thu Aug 10, 2006 7:22 am Post subject: |
|
|
Where should I post the file?
I'm afraid I don't understand what is the "FirstSpot\log directory"
Thank you |
|
Back to top |
|
|
alan Forum facilitator
Joined: 26 Sep 2003 Posts: 4435
|
Posted: Thu Aug 10, 2006 7:35 am Post subject: |
|
|
Just post the file in the forum. The file is in the log subdirectory under FirstSpot installation directory (i.e. FirstSpot\log). _________________ ~ Patronsoft Limited ~ |
|
Back to top |
|
|
stnicolas
Joined: 06 Aug 2006 Posts: 12
|
|
Back to top |
|
|
alan Forum facilitator
Joined: 26 Sep 2003 Posts: 4435
|
Posted: Thu Aug 10, 2006 10:29 am Post subject: |
|
|
You can just "copy and paste" the log file to the forum. BTW, we prefer to have the current log file (under FirstSpot\log, not FirstSpot\log\archive).
Couple of points:
1) make sure you use IP-based session handling. MAC-based won't work
2) try to use simple subnet like 255.255.255.0 (instead of 255.255.255.224). This will make the troubleshooting much easier
3) also, start with one network segment first. Once you confirm everything is working correctly, then you can add more network segments.
4) Can you confirm that you have DHCP relay working correctly in your router? You might want to post the ipconfig/all dump from the client PC once you make the above adjustment. _________________ ~ Patronsoft Limited ~ |
|
Back to top |
|
|
stnicolas
Joined: 06 Aug 2006 Posts: 12
|
Posted: Thu Aug 10, 2006 3:47 pm Post subject: |
|
|
Thank you Alan for your fast replies.
When I tested, I used static IPs on the clients. It doesn't seem that DHCP relay is working in the router.
Is it mandatory to use Firspot as the DHCP server in the subnets as well? |
|
Back to top |
|
|
stnicolas
Joined: 06 Aug 2006 Posts: 12
|
Posted: Thu Aug 10, 2006 6:59 pm Post subject: |
|
|
Please confirm or correct me with the following points:
1) Clients (with static IPs) from a different network segment will appear in Firstspot with the router's IP and it is enough that one is connected to open the way to any other client from the same segment.
2) I'm suspecting that DHCP forwarding will resolve the issue but it seemed to me that it might be a bit tricky to have DHCP forwarding work in a Linksys WRTG router with Talisman or Openwrt firmware.
3) Would it be better to try to avoid having multiple segments?
And one question: does Patronsoft has a special pricing policy in the case of a topology requiring more than one firstspot server?
Thaks a lot |
|
Back to top |
|
|
alan Forum facilitator
Joined: 26 Sep 2003 Posts: 4435
|
Posted: Fri Aug 11, 2006 3:53 am Post subject: |
|
|
1) So you can accept the per-segment login? Normally, FirstSpot is designed so that each client needs to login.
3) One of the more common use for Multiple Network Segments is if you have remote location. For your case, I suggest you to use single segment (Scenario 1) to confirm everything works fine first
FirstSpot pricing policy is per-installation. So just count how many FirstSpot you install and that is the number of licenses you need. Refer to http://patronsoft.com/firstspot/buy_now.html for details. _________________ ~ Patronsoft Limited ~ |
|
Back to top |
|
|
stnicolas
Joined: 06 Aug 2006 Posts: 12
|
Posted: Tue Aug 15, 2006 5:58 pm Post subject: |
|
|
Because I wouldn't like to accept the per-segment login, I will have to get rid of the multiple network segments if I will want to use Firstspot.
In fact I do have remote locations, must most of them are bridged in the same network.
I tried again Firstspot with single segment, mac handling- it seems to be working fine.
NAT is handled by an ADSL/modem-router, next hop after Firstspot.
The question is: should NAT be on in Fistspot? I tried both alternatives and didn't notice any difference.
Thank You |
|
Back to top |
|
|
alan Forum facilitator
Joined: 26 Sep 2003 Posts: 4435
|
Posted: Wed Aug 16, 2006 2:45 am Post subject: |
|
|
Again, per-segment login is not normal. Please make sure IP-based Session Handling is used and the router's (between FirstSpot and client PC) NAT is turned off. Anyway for your case, single network segment (Scenario 1) should suffice.
Regarding the NAT within FirstSpot, just leave it on if you are okay. The setting is slightly easier. _________________ ~ Patronsoft Limited ~ |
|
Back to top |
|
|
|