SearchSearch   ProfileProfile   Log inLog in   RegisterRegister 

What we have is slightly different than scenario 3

 
Post new topic   Reply to topic    FirstSpot Forum Index -> Pre-sales Support Forum
View previous topic :: View next topic  
Author Message
esplanade



Joined: 09 Aug 2006
Posts: 18
Location: Gualala CA

PostPosted: Wed Aug 30, 2006 2:01 pm    
Post subject: What we have is slightly different than scenario 3

What we have is slightly different than scenario 3. It looks like this.


Client-->ap-->routerA----------T1---------->routerB------------------>Switch-------->A.FS.B------
| |
------------------------------->Internet Router C

In this scenerio, both the public and private interfaces of FS are attached to the same network segment.
What is happening is that the client requests an IP from FS and is assigned 10.20.2.xx. FS has an IP of
10.20.2.1 on interface A, the private side. When the client requests a web page, router B sends the request
packet directly to internet router C which cannot do anything with the packet as it is from a private address and
is non routable. I can tell router B to use FS as it's default gateway, but it receives an icmp redirect to router C
and the same problem ensues.

I could construct the network as in scenerio B, where FS sits between all traffic, however we have nearly a hundred
fixed IP customers also running across this T1 and this is a lot of IP's to place in the session exception table considering
that the session exception table does not seem to be aware of the concept of subnets for exceptions and I would have to
manually enter each ip and maintain that table going forward.

Has anyone dealt with this issue? What was your solution.?
Back to top
esplanade



Joined: 09 Aug 2006
Posts: 18
Location: Gualala CA

PostPosted: Wed Aug 30, 2006 2:03 pm    
Post subject: the || connects to the switch

in the former diagram the || connects to the switch
Back to top
alan
Forum facilitator


Joined: 26 Sep 2003
Posts: 4435

PostPosted: Thu Aug 31, 2006 7:27 am    
Post subject:

I am not too sure about what your exact problem. In general:

1) FirstSpot needs to sit between the client PC and the Internet. In particular, FirstSpot needs to be in the outgoing path so that it can intercept the traffic (i.e. captive portal).

2) Why you need to put the IP in the Exception Free Websites table? This feature is designed so that the client PC can view some special web sites without login (e.g. Hotel guest can view the hotel web sites)

3) Regarding ICMP redirect, can you use static route instead?
_________________
~ Patronsoft Limited ~
Back to top
esplanade



Joined: 09 Aug 2006
Posts: 18
Location: Gualala CA

PostPosted: Thu Aug 31, 2006 9:56 pm    
Post subject: Mixed topology

We run a mixed network where we have hundreds of fixed customers who never authenticate through firstspot.
They are all on fixed real world IP addresses. We agree that firstspot has to be physically in the path, but we only want the
traffic from our hotspots to be actually affected by the firstspot. Hence the need to enter exceptions for all of the
downstream fixed users. How do we do this?
_________________
www.esplanade.us using Firstspot
Back to top
alan
Forum facilitator


Joined: 26 Sep 2003
Posts: 4435

PostPosted: Fri Sep 01, 2006 3:02 am    
Post subject:

Okay, I understand. You don't need to use Exception Free Websites.

You can try network setup like:

http://patronsoft.com/firstspot/FirstSpot_Scenario3b.ppt

Note that you need to turn off NAT within FirstSpot.
_________________
~ Patronsoft Limited ~
Back to top
Display posts from previous:   
Post new topic   Reply to topic    FirstSpot Forum Index -> Pre-sales Support Forum All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group