Re: [PacketFence-users] Google oauth2 - Behavior/Troubleshooting

2020-04-23 Thread Diego Garcia del Rio via PacketFence-users
Hi bill Please look at ALL the log files under /usr/local/pf/var/logs (the httpd logs only cover the requests from the devices). There will be two requests going to google.. one where Packetfence is doing NAT for the devices to be onboarded (this is the traffic from the user's browser) and then

Re: [PacketFence-users] Google oauth2 - Behavior/Troubleshooting

2020-04-23 Thread Bill Handler via PacketFence-users
I’m hoping I’ve set up the Google part correctly, if not the authentication wouldn’t go through correct? I just needed to setup OAuth 2.0 Client IDs. I don’t need any API Keys or Service Accounts correct? In the Client ID I listed it as a web application Diego, Thanks for your help… This

Re: [PacketFence-users] VLAN isolation and routed networks

2020-04-23 Thread Erik via PacketFence-users
On 23-04-2020 18:19, Ludovic Zammit wrote: Hello Erik, If you check the routed network documentation you can see an example for a remote site. https://packetfence.org/doc/PacketFence_Installation_Guide.html#_routed_networks With VLAN enforcement you would need to have one registration

[PacketFence-users] OpenVAS - Greenbone Security Assistant

2020-04-23 Thread George G via PacketFence-users
Hi everybody, we're trying to integrate Greenbone Security Assistant, former OpenVAS, with PF. We're running version 8.2.0 The official PF documentation states: *In order to validate proper connectivity from PacketFence to OpenVAS for remote management,execute the following command (replacing

Re: [PacketFence-users] VLAN isolation and routed networks

2020-04-23 Thread Erik via PacketFence-users
On 23-04-2020 13:50, Ludovic Zammit wrote: Hello Erik, Hello Ludovic, Yes it can assign VLAN only. Ah, nice. Do you want a captive portal to register your devices or just do 802.1x/ mac authentication ? To begin with, just 802.1x and/or MAC auth. Local equipment can handle a

Re: [PacketFence-users] VLAN isolation and routed networks

2020-04-23 Thread Ludovic Zammit via PacketFence-users
Hello Erik, If you check the routed network documentation you can see an example for a remote site. https://packetfence.org/doc/PacketFence_Installation_Guide.html#_routed_networks With VLAN enforcement you

Re: [PacketFence-users] Radius Filter - Block Mac Auth for certain roles

2020-04-23 Thread Ludovic Zammit via PacketFence-users
Hello Robert, A fix has been done yesterday regarding the connection type: https://github.com/inverse-inc/packetfence/commit/176c6d6df606cff86a83c9cf93a571c44dd52da0 Apply the maintenance branche and

Re: [PacketFence-users] VLAN isolation and routed networks

2020-04-23 Thread Ludovic Zammit via PacketFence-users
Hello Erik, Yes it can assign VLAN only. Do you want a captive portal to register your devices or just do 802.1x/ mac authentication ? There a lot of feature that rely on DHCP handled by PacketFence for the captive portal, for example you will lose a good part the Profiling with Fingerbank

Re: [PacketFence-users] Packetfence iptables-restore issues and windbind domain join not working after upgrade to 10

2020-04-23 Thread Ludovic Zammit via PacketFence-users
Hello tomasz, Radius Accounting is disabled by default, we created PFAcct to handle accounting traffic to fix some bandwidth issues. Thanks, Ludovic Zammit lzam...@inverse.ca :: +1.514.447.4918 (x145) :: www.inverse.ca Inverse inc. ::

Re: [PacketFence-users] Packetfence iptables-restore issues and windbind domain join not working after upgrade to 10

2020-04-23 Thread Tomasz Karczewski via PacketFence-users
There is missing kernel module dkms-ipt-netflow in packetfence-zen installation Solution is to reinstall module. yum reinstall dkms-ipt-netflow --enablerepo=packetfence After reinstallation iptables started properly. Tomasz Karczewski Administrator Sieci tkarczew...@man.olsztyn.pl

Re: [PacketFence-users] VLAN isolation and routed networks

2020-04-23 Thread Erik via PacketFence-users
On 23-04-2020 00:24, Sallee, Jake via PacketFence-users wrote: PF works great with routed networks and depending on the details of your VPN connection I think it should work in your situation. Thanks, it's not the VPN I am wondering about, though. The most important requirement is that PF

[PacketFence-users] PF10 Inactive since bug

2020-04-23 Thread Tomasz Karczewski via PacketFence-users
HI, I noticed that in Packetfence V10 in node info last seen dhcp value is taken from end time of dhcp lease not from start time. Fresh Packetfence ZEN installation. Tomasz Karczewski Administrator Sieci tkarczew...@man.olsztyn.pl http://www.man.olsztyn.pl

Re: [PacketFence-users] Google oauth2 - Behavior/Troubleshooting

2020-04-23 Thread Jonathan Nathanson via PacketFence-users
I had this very similar problem recently. Does A3 manage DHCP in the reg VLAN? The role should be assigned following a disconnect / COA packet sent to the client device to get them to reconnect, I believe. You should do a packet trace and check. You might also want to check corresponding log