Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: IPCOP Blue Interface

IPCOP Blue Interface 9 years 10 months ago #19387

  • codiac
  • codiac's Avatar
  • Offline
  • Frequent Member
  • Posts: 33
  • Karma: 0
Hi guys :)

is this possible.........................

When using the blue interface to MAC filter clients, is it possible to display a custom webpage to users who are not in the list instead of a "page cannot be displayed"?

something like "you are not authorised to view web pages, please contact bla bla for access"?

Thanks peeps

Jay
The administrator has disabled public write access.

Re: IPCOP Blue Interface 9 years 10 months ago #19399

  • DaLight
  • DaLight's Avatar
  • Offline
  • Honored Member
  • Posts: 1302
  • Karma: 1
I don't think you can do that using the Blue Access screen, codiac. This is because the unauthorised clients are actually prevented from acquiring an IP address in the first place, so there is no way of serving them with a webpage.

In order to do what you want to do, you would have to allow anyone to connect to BLUE (i.e. allow any client to acquire an IP by DHCP) then you would use an addon like Advproxy to control web access based on MAC and use that to provide a customised error message.
The administrator has disabled public write access.

Re: IPCOP Blue Interface 9 years 10 months ago #19401

  • codiac
  • codiac's Avatar
  • Offline
  • Frequent Member
  • Posts: 33
  • Karma: 0
Hi Dalight!

Hope you are well old friend :D

I have setup a number of boxes with blue interfaces, and they all give out an IP address, they just dont get any web pages (maybe I have been configuring them wrong) :oops:

If I used something like Adv Proxy, which I believe only blocks port 80 I cant see how I could utilise it?

Never mind, maybe I need to invent a "Purple interface" :lol:

Thanks again

Jay
The administrator has disabled public write access.

Re: IPCOP Blue Interface 9 years 10 months ago #19410

  • DaLight
  • DaLight's Avatar
  • Offline
  • Honored Member
  • Posts: 1302
  • Karma: 1
Hi Dalight!
Hope you are well old friend :D
Still smarting though because you haven't yet sent me a Vigor 3300v to play with yet :x
I have setup a number of boxes with blue interfaces, and they all
give out an IP address, they just dont get any web pages (maybe I have been configuring them wrong) :oops:
Sorry codiac ... my mistake. If DHCP is setup, any clients may be given an IP by DHCP. You can then use MAC or IP filtering (or both) to control access to the internet as you are already doing.
If I used something like Adv Proxy, which I believe only blocks port 80 I cant see how I could utilise it?
That is true if you are running Squid in transparent mode, and you have not blocked off direct access through iptables. If you do block off access via iptables and then distribute proxy information to clients using (WPAD) Web Proxy Auto Discovery Protocol, you will be able use Adv Proxy and then customise the Squid error page. But you will also need to grant internet access to every IP addess in your DHCP range (using the Blue Access screen), and then Adv Proxy will act as your policeman.
The administrator has disabled public write access.

Re: IPCOP Blue Interface 9 years 10 months ago #19434

  • codiac
  • codiac's Avatar
  • Offline
  • Frequent Member
  • Posts: 33
  • Karma: 0
Hi Dalight!
Still smarting though because you haven't yet sent me a Vigor 3300v to play with yet
Ive used all the 3300v's up! (fitted them all over the place); dont worry though, im getting some more :wink:
That is true if you are running Squid in transparent mode, and you have not blocked off direct access through iptables. If you do block off access via iptables and then distribute proxy information to clients using (WPAD) Web Proxy Auto Discovery Protocol, you will be able use Adv Proxy and then customise the Squid error page. But you will also need to grant internet access to every IP addess in your DHCP range (using the Blue Access screen), and then Adv Proxy will act as your policeman.
wouldnt this still only block port 80 and still allow other traffic through? (MSN, https etc)

Cheers
Jay
The administrator has disabled public write access.

Re: IPCOP Blue Interface 9 years 10 months ago #19439

  • DaLight
  • DaLight's Avatar
  • Offline
  • Honored Member
  • Posts: 1302
  • Karma: 1
wouldnt this still only block port 80 and still allow other traffic through? (MSN, https etc)

Not if you do this:
... If you do block off access via iptables ...
The administrator has disabled public write access.
Time to create page: 0.079 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup