[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Captive-portals] A new draft / idea - draft-wkumari-capport-icmp-unreach



Le Ven 1 mai 2015 13:42, Yaron Sheffer a écrit :
> As a user, I have never seen a case where the captive portal is not on
> the same link as the client device, and never seen a case where an IP is
> obtained using a non-DHCP mechanism when in a CP setting. Can you give
> some concrete examples?

user   ]
(local ]---[ Corp Network ]
dhcp ) ]     |
             |   [ Corp Datacenter 1     ]   [ www gateway 1 ]
             |---[ with internal webapps ]---[ with captive  ]-|
             |   [ in direct access      ]   [ portal        ] |--[ W ]
             |                                                    [ W ]
             |   [ Corp Datacenter 2     ]   [ www gateway 2 ] |--[ W ]
             |---[ with internal webapps ]---[ with captive  ]-|
                 [ in direct access      ]   [ portal        ]
                          |
                 [ Permanent VPN tunnel ]
                          |
                 [ Partner datacenter   ]
                 [ and internal webapps ]
                 [ in direct access     ]

Two datacenters and www links since that's the minimum for business
continuity, can be more easily. Captive portal can and is dedicated to www
http(s) access not other firewalled protocols

If such configurations didn't exist there would be no need for pac files.

-- 
Nicolas Mailhot