From: Dooza on 18 Jun 2010 04:09 On 18/06/2010 04:06, Markla wrote: > Thanks Dooza& Ken, appreciated. > > My understanding to do this with a proxy, I'd need each user to configure a > proxy, which would be complex when anyone can join. Whereas using a DNS, the > DNS server is assigned with a DHCP IP address, so I can control by DNS > easier, and only while people are on my locally created network. Correct me > if I'm wrong. Not sure, but doesn't DHCP set the default gateway? Isn't that the proxy address? Dooza
From: Grant Taylor on 18 Jun 2010 19:49 Markla wrote: > My understanding to do this with a proxy, I'd need each user to > configure a proxy, which would be complex when anyone can join. You can set your proxy up as a /transparent/ proxy and the users would not have to make any configuration changes. > Whereas using a DNS, the DNS server is assigned with a DHCP IP > address, so I can control by DNS easier, and only while people are on > my locally created network. Correct me if I'm wrong. See my comment about transparent caching above. You are correct about controlling things via DNS. > I've found some internet access hardware which says it supports it, > although haven't been able to get confirmation yet, have been looking > at the Cisco 881 in particular. Seeing that you are using Cisco equipment, you might want to look in to WCCP. Link - Configuring Web Cache Services Using WCCP - http://www.cisco.com/en/US/docs/ios/12_2/configfun/configuration/guide/fcf018_ps1835_TSD_Products_Configuration_Guide_Chapter.html > I'm also told this type of solution is called a "walled garden", > searching for that has found some options as well. There are two types of walled gardens. 1) presents a splash page that users have to acknowledge something to be able to proceeded to the internet at large. 2) is a completely isolated network that you can't access the internet from yet pretends to be everything. > I acknowledge this isn't going be an IIS solution so I'll look for > another forum. If anyone knows a forum where I might get further > info, I'd appreciate it. You can probably configure DNS to resolve all host names to the IIS server and configure IIS to answer requests on any host name. So, you might be able to do a (limited?) form of what you are wanting with IIS & DNS (poisoning). Grant. . . .
From: Markla on 22 Jun 2010 05:35 "Dooza" wrote: > Not sure, but doesn't DHCP set the default gateway? Isn't that the proxy > address? Yes- my networking is rusty, I'd been thinking of the proxy settings in browsers. I believe what I need to find, is a device as that gateway/proxy, which can be configured to redirect port 80 traffic to a specified address. It becomes then a question of function, capacity and cost. Any suggestions on such a device appreciated. I'm looking at the Cisco 88x series or a PC configured for it, at the moment. Thanks for your responses, much appreciated. +M
From: Markla on 22 Jun 2010 07:41 Thanks, that's given me another leg-up to the solution. A few questions: > You can set your proxy up as a /transparent/ proxy and the users would > not have to make any configuration changes. I follow the words but am stuck on the gap to how, can you guide me to a product or web page which describes specifics of how? > Seeing that you are using Cisco equipment, you might want to look in to > WCCP. Looking into it. My issue with Cisco is IOS can be a pain, and in the middle of an event I won't have a Cisco tech handy when things go wrong... the upside is they're reliable. Looking further, my options appears to be one of these, configured to redirect all traffic to a single IP address of an IIS server: 1. DNS poisoning (configured on the gateway) 2. Router which supports redirection (eg. WCCP, above) 3. PC running Linux and router software (eg. pfSense, MicroTik) (unless someone can suggest a windows alternative) Given I'm at an event including weekends, simplicity for support is vital. Also important is while only 20-40 people might be browsing at one time, 100+ could be connected but idle, as they walk around, so I need to be wary of user limits catching the higher number. Performance should be ok given it's a relatively light web traffic load. I'd appreciate if someone can confirm my understanding, that (2) or (3) will offer more complete solutions by also redirecting/catching people who type in direct IP addresses? I think based on cost, (3) with a not-too-old PC wins, and also make it easier to find a spare if one fails. I'd prefer windows simply because other SW I use needs Win device drivers, and I'd prefer just one platform, but I can't find a win based alternative at the moment. Thanks, +M
From: Markla on 22 Jun 2010 11:35 While looking into the responses further, I've just found this page on captive portals & walled gardens, which gives a good overview along the lines of the posts above, and some additional links: http://en.wikipedia.org/wiki/Captive_portal With this plus the very helpful replies above, it's all making sense now. Thanks for taking the time, appreciated. +M
First
|
Prev
|
Pages: 1 2 Prev: Exchange 2010 OWA and IIS Filter Redirection Problem Next: Installation Error IIS_asps05kj.asp |