Reply To: captive portal for one vlan with Cisco router as a gateway

Home Page Forums Network Management ZeroShell captive portal for one vlan with Cisco router as a gateway Reply To: captive portal for one vlan with Cisco router as a gateway

#53525

gordonf
Member

Sorry, but a ZS captive portal might not be feasible in this example without a lot of re-working.

So the idea is to insert the ZS between VLAN 10 clients and the 1921 router and use as a transparent proxy… were this a physical PC one would do that with a dual NIC PC and insert it between your 2960 and 1921 router, but with a separate cable, something like:

[Let’s pretend the 1921 has a 4-port switch card in it for a moment]

[1921 fa2]

[ZS appliance PC]
[2960 VLAN 10]
[1921 fa3]
[2960 VLAN 1]

OK, so we don’t have a spare PC we can use as an appliance, and we don’t have a 4-port switch card in the 1921. But if we create another VLAN to put in between the 1921 and ZS we might be able to simulate it:

[1921 fa0.110 (VLAN 110)]

[ZS VM]
[2960 VLAN 10]
[1921 fa0 (VLAN 1)]
[2960 VLAN 1]

I’m using a hypothetical VLAN 110 that only the 1921 and ZS would see. If you got the transparent part of ZS working normally, this should behave like a physical ZS appliance doing a bridge would. fa0.110 would replace fa0.10 but would otherwise have its IP configuration including DHCP.

Here’s a more complete example:

[1921 fa0.110 (VLAN 110)] --- [2960 VLAN 110] --- [ESXi vSwitch 110] --- [ZS VM] --- [ESXi vSwitch 10] --- [2960 VLAN 10]
[1921 fa0 (VLAN 1)]
[2960 VLAN 1]

Now, I never got a ZS virtual machine on ESXi to transparently pass packets between its interfaces successfully. I wanted to try this approach once, but following the Bridging FAQ didn’t produce the intended result. Maybe you’d have better luck.