Use of different network configs, one for the office, where the AD
domain is, and one for roaming, i.e. wireless, hotels, etc.
On 8/31/06, Mark Opert <marko at clinedavis dot com> wrote:
> I am testing a m0n0wall captive portal with our corporate wireless network
> and have found a problem for us.
> With our large number Apple laptops that are bound to Active Directory, the
> laptops become incapacitated when they boot up from a DNS issue.
> When the Apple systems boot they perform a DNS lookup for the AD servers.
> M0n0wall blocks all the DNS lookups until it is an authorized machine. So
> the Apple system hangs by either waiting for a response from an AD server,
> if the m0nowall is a DNS relay, or the Apple system freezes attempting to
> contact a DNS server that m0n0wall is blocking.
> This occurs at boot for all systems and logout for any system that has not
> authorized from the m0nowall portal page.
> What the Apple systems need it when the system boots and makes a request for
> ad.xxx.com to respond with a failure (no answer does not work, it must be a
> failure), and once the laptop makes a portal login to get a different DNS
> server that will then respond with the proper addresses.
> Has anyone have a suggestion?
> Thank you
"Nothing on earth can overcome an absolutely non-resistant person."