Hi Juan,
Please post your switches.conf file, at least the relevant parts (stripped of
secrets and passwords, of course).
Regards,
--
Louis Munro
lmu...@inverse.ca :: www.inverse.ca
+1.514.447.4918 *125 :: +1 (866) 353-6153
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence
(www.packetfence.org)
On 2014-04-01, at 9:48 , Juan Camilo Valencia <juan.valen...@seguratec.com.co>
wrote:
> Hi Louis,
>
> Sorry I forget to include the pf libraries, I ran again the command and says
> syntax OK, another idea?, I will review the switches.conf again and see if I
> catch something.
>
> Regards,
>
>
> On Tue, Apr 1, 2014 at 8:40 AM, Juan Camilo Valencia
> <juan.valen...@seguratec.com.co> wrote:
> HI Louis,
>
> I just made the test that you suggest, Yes I have a problem in the
> compilation, it can not locate pf/config.pm, but the file is there, some
> suggestions, Do you prefer that I post the entire output of the command?, let
> me know.
>
> Regards,
>
>
> On Tue, Apr 1, 2014 at 8:34 AM, Louis Munro <lmu...@inverse.ca> wrote:
> Hi Juan,
> Did you check the file for syntax errors?
>
> I.e. run this command:
> perl -c -I/usr/local/pf/lib /usr/local/pf/lib/SNMP/Cisco/Aironet_1210.pm
>
> Please report any errors.
>
> Regards,
> --
> Louis Munro
> lmu...@inverse.ca :: www.inverse.ca
> +1.514.447.4918 *125 :: +1 (866) 353-6153
> Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence
> (www.packetfence.org)
>
> On 2014-04-01, at 9:28 , Juan Camilo Valencia
> <juan.valen...@seguratec.com.co> wrote:
>
>> HI Fabrice,
>>
>> I create a file named Aironet_1210.pm in lib/pf/SNMP/Cisco/, I make it part
>> of pf:pf, when I go thorug the admin gui to configuration->Switches appear
>> an error, looking into the logs nothing appear, however when I did test with
>> the AP in packetfence.log said, "ERROR Can not load perl module for swith
>> x.x.x.x, type: pf::SNMP::Cisco::Aironet_1210. Either the type is unknown or
>> the perl module has compilation errors", and the following line said, "WARN:
>> Can't instantiate switch x.x.x.x This request will be failed. Are you sure
>> your switches.conf is correct? (pf::radius::authorize)", Maybe I'm missing
>> something in the conf, since the log said can not load perl module I tough
>> that I need to compile the module or something like that. The AP has the
>> conf line that I mentioned in the past e-mail, and there is not traffic
>> since PF can not instantiate the module.
>> What do you think?
>>
>> Best Regards,
>>
>>
>> On Tue, Apr 1, 2014 at 8:18 AM, Fabrice DURAND <fdur...@inverse.ca> wrote:
>> Hi Juan,
>>
>> i have just change a line but the code look good.
>>
>> What you have to check is if the module appear in the module list in the
>> admin gui (Switch config).
>> And did you enable RFC 3576 on the access point, and do you have traffic on
>> the udp port 3799 from pf to the access point ?
>>
>> Fabrice
>>
>>
>>
>> package pf::SNMP::Cisco::Aironet_1210;
>>
>> =head1 NAME
>>
>> pf::SNMP::Cisco::Aironet_1210 - Object oriented module to access SNMP
>> enabled Cisco Aironet 1210 APs
>>
>> =head1 SYNOPSIS
>>
>> The pf::SNMP::Cisco::Aironet_1210 module implements an object oriented
>> interface
>> to access SNMP enabled Cisco Aironet_1210 APs.
>>
>> This modules extends pf::SNMP::Cisco::Aironet
>>
>> =cut
>> use strict;
>> use warnings;
>> use Log::Log4perl;
>> use Net::SNMP;
>>
>> use pf::config;
>>
>> use base ('pf::SNMP::Cisco::Aironet');
>>
>> sub description { 'Cisco Aironet 1210' }
>>
>> =item deauthenticateMacDefault
>>
>> De-authenticate a MAC address from wireless network (including 802.1x).
>>
>> Diverges from L<pf::SNMP::Cisco::WLC> in the following aspects:
>>
>> =over
>>
>> =item No Service-Type
>>
>> =item Called-Station-Id in the Cisco format (aabb.ccdd.eeff)
>>
>> =back
>>
>> =cut
>>
>> sub deauthenticateMacDefault {
>> my ( $self, $mac, $is_dot1x ) = @_;
>> my $logger = Log::Log4perl::get_logger(__PACKAGE__);
>>
>> if ( !$self->isProductionMode() ) {
>> $logger->info("not in production mode... we won't perform
>> deauthentication");
>> return 1;
>> }
>>
>>
>> if (!defined($self)) {
>> $logger->error("deauthentication impossible, could not find AP for
>> MAC $mac");
>> return;
>> }
>>
>> $logger->debug("deauthenticate $mac on AP $ap_ip using RADIUS
>> Disconnect-Request deauth method");
>> return $self->radiusDisconnect($mac);
>>
>> }
>>
>>
>>
>>
>>
>> =item deauthTechniques
>>
>> Return the reference to the deauth technique or the default deauth technique.
>> We implement the RADIUS technique using a PoD server in the AP.
>>
>> =cut
>>
>> sub deauthTechniques {
>> my ($this, $method) = @_;
>> my $logger = Log::Log4perl::get_logger( ref($this) );
>> my $default = $SNMP::RADIUS;
>> my %tech = (
>> $SNMP::RADIUS => \&deauthenticateMacDefault,
>> );
>>
>> if (!defined($method) || !defined($tech{$method})) {
>> $method = $default;
>> }
>> return $method,$tech{$method};
>> }
>>
>>
>> =head1 AUTHOR
>>
>> Inverse inc. <i...@inverse.ca>
>>
>> =head1 COPYRIGHT
>>
>> Copyright (C) 2005-2014 Inverse inc.
>>
>> =head1 LICENSE
>>
>> This program is free software; you can redistribute it and/or
>> modify it under the terms of the GNU General Public License
>> as published by the Free Software Foundation; either version 2
>> of the License, or (at your option) any later version.
>>
>> This program is distributed in the hope that it will be useful,
>> but WITHOUT ANY WARRANTY; without even the implied warranty of
>> MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
>> GNU General Public License for more details.
>>
>> You should have received a copy of the GNU General Public License
>> along with this program; if not, write to the Free Software
>> Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
>> USA.
>>
>> =cut
>>
>> 1;
>>
>> Le 2014-04-01 09:02, Juan Camilo Valencia a écrit :
>>> Hi Fabrice,
>>>
>>> sure Here it is,
>>>
>>> This is based on the Aironet_WDS that I work like two years ago with
>>> Olivier, the device is a Aironet 1210 with IOS, in the AP you need to
>>> configure normally without the need of SNMP lines and you need to add the
>>> following line, "aaa pod server clients x.x.x.x por 3799 auth-type any
>>> server-key StrOnGSecreT" where x.x.x.x is the IP of the PF BOX. This is the
>>> Aironet_1210.pm that I thinking,
>>>
>>> package pf::SNMP::Cisco::Aironet_1210;
>>>
>>> =head1 NAME
>>>
>>> pf::SNMP::Cisco::Aironet_1210 - Object oriented module to access SNMP
>>> enabled Cisco Aironet 1210 APs
>>>
>>> =head1 SYNOPSIS
>>>
>>> The pf::SNMP::Cisco::Aironet_1210 module implements an object oriented
>>> interface
>>> to access SNMP enabled Cisco Aironet_1210 APs.
>>>
>>> This modules extends pf::SNMP::Cisco::Aironet
>>>
>>> =cut
>>> use strict;
>>> use warnings;
>>> use Log::Log4perl;
>>> use Net::SNMP;
>>>
>>> use pf::config;
>>> use pf::util qw(format_mac_as_cisco);
>>>
>>> use base ('pf::SNMP::Cisco::Aironet');
>>>
>>> sub description { 'Cisco Aironet 1210' }
>>>
>>> =item deauthenticateMacDefault
>>>
>>> De-authenticate a MAC address from wireless network (including 802.1x).
>>>
>>> Diverges from L<pf::SNMP::Cisco::WLC> in the following aspects:
>>>
>>> =over
>>>
>>> =item No Service-Type
>>>
>>> =item Called-Station-Id in the Cisco format (aabb.ccdd.eeff)
>>>
>>> =back
>>>
>>> =cut
>>>
>>> sub deauthenticateMacDefault {
>>> my ( $self, $mac, $is_dot1x ) = @_;
>>> my $logger = Log::Log4perl::get_logger(__PACKAGE__);
>>>
>>> if ( !$self->isProductionMode() ) {
>>> $logger->info("not in production mode... we won't perform
>>> deauthentication");
>>> return 1;
>>> }
>>>
>>>
>>> if (!defined($self)) {
>>> $logger->error("deauthentication impossible, could not find AP for
>>> MAC $mac");
>>> return;
>>> }
>>>
>>> $logger->debug("deauthenticate $mac on AP $ap_ip using RADIUS
>>> Disconnect-Request deauth method");
>>> my $mac_for_deauth = format_mac_as_cisco($mac);
>>> return $self->radiusDisconnect($mac, {
>>> 'NAS-IP-Address' => $ap_ip,
>>> 'Calling-Station-Id' => $mac_for_deauth,
>>> });
>>> }
>>>
>>>
>>>
>>>
>>>
>>> =item deauthTechniques
>>>
>>> Return the reference to the deauth technique or the default deauth
>>> technique.
>>> We implement the RADIUS technique using a PoD server in the AP.
>>>
>>> =cut
>>>
>>> sub deauthTechniques {
>>> my ($this, $method) = @_;
>>> my $logger = Log::Log4perl::get_logger( ref($this) );
>>> my $default = $SNMP::RADIUS;
>>> my %tech = (
>>> $SNMP::RADIUS => \&deauthenticateMacDefault,
>>> );
>>>
>>> if (!defined($method) || !defined($tech{$method})) {
>>> $method = $default;
>>> }
>>> return $method,$tech{$method};
>>> }
>>>
>>>
>>> =head1 AUTHOR
>>>
>>> Inverse inc. <i...@inverse.ca>
>>>
>>> =head1 COPYRIGHT
>>>
>>> Copyright (C) 2005-2014 Inverse inc.
>>>
>>> =head1 LICENSE
>>>
>>> This program is free software; you can redistribute it and/or
>>> modify it under the terms of the GNU General Public License
>>> as published by the Free Software Foundation; either version 2
>>> of the License, or (at your option) any later version.
>>>
>>> This program is distributed in the hope that it will be useful,
>>> but WITHOUT ANY WARRANTY; without even the implied warranty of
>>> MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
>>> GNU General Public License for more details.
>>>
>>> You should have received a copy of the GNU General Public License
>>> along with this program; if not, write to the Free Software
>>> Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
>>> USA.
>>>
>>> =cut
>>>
>>> 1;
>>>
>>> I need to contribute the doc of the Aironet WDS modules, I will try to have
>>> a time for that and the doc of this module to if it works.
>>>
>>> Best Regards and thanks for your advance,
>>>
>>>
>>> On Tue, Apr 1, 2014 at 6:59 AM, Fabrice DURAND <fdur...@inverse.ca> wrote:
>>> Hi Juan,
>>>
>>> can you paste your module ?
>>>
>>> Regards
>>> Fabrice
>>>
>>>> Hi Guys,
>>>>
>>>> I trying to test a new ap module in packetfence, an aironet 1210 with
>>>> radius deauth, i have created the perl package, my question is, what are
>>>> the steps necessaries to make packetfence recognize that. I was reading
>>>> the developers guide but didn't see how.
>>>>
>>>> Thanks foir your advance,
>>>>
>>>> Best regards,
>>>>
>>>> --
>>>> JUAN CAMILO VALENCIA VARGAS
>>>> Ingeniero de Operaciones
>>>> SeguraTec S.A.S
>>>> Calle 11 # 43B-50 of 307
>>>> Medelllín Colombia
>>>>
>>>> “Choose a job you love, and you will never have to work a day in your life”
>>>>
>>>>
>>>> ------------------------------------------------------------------------------
>>>>
>>>>
>>>> _______________________________________________
>>>> PacketFence-devel mailing list
>>>> PacketFence-devel@lists.sourceforge.net
>>>> https://lists.sourceforge.net/lists/listinfo/packetfence-devel
>>>
>>>
>>> --
>>> Fabrice Durand
>>> fdur...@inverse.ca :: +1.514.447.4918 (x135) :: www.inverse.ca
>>> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
>>> (http://packetfence.org)
>>>
>>> ------------------------------------------------------------------------------
>>>
>>> _______________________________________________
>>> PacketFence-devel mailing list
>>> PacketFence-devel@lists.sourceforge.net
>>> https://lists.sourceforge.net/lists/listinfo/packetfence-devel
>>>
>>>
>>>
>>>
>>> --
>>> JUAN CAMILO VALENCIA VARGAS
>>> Ingeniero de Operaciones
>>> SeguraTec S.A.S
>>> Calle 11 # 43B-50 of 307
>>> Medelllín Colombia
>>>
>>> “Choose a job you love, and you will never have to work a day in your life”
>>>
>>>
>>> ------------------------------------------------------------------------------
>>>
>>>
>>> _______________________________________________
>>> PacketFence-devel mailing list
>>> PacketFence-devel@lists.sourceforge.net
>>> https://lists.sourceforge.net/lists/listinfo/packetfence-devel
>>
>>
>> --
>> Fabrice Durand
>> fdur...@inverse.ca :: +1.514.447.4918 (x135) :: www.inverse.ca
>> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
>> (http://packetfence.org)
>>
>> ------------------------------------------------------------------------------
>>
>> _______________________________________________
>> PacketFence-devel mailing list
>> PacketFence-devel@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/packetfence-devel
>>
>>
>>
>>
>> --
>> JUAN CAMILO VALENCIA VARGAS
>> Ingeniero de Operaciones
>> SeguraTec S.A.S
>> Calle 11 # 43B-50 of 307
>> Medelllín Colombia
>>
>> “Choose a job you love, and you will never have to work a day in your life”
>> ------------------------------------------------------------------------------
>> _______________________________________________
>> PacketFence-devel mailing list
>> PacketFence-devel@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/packetfence-devel
>
>
> ------------------------------------------------------------------------------
>
> _______________________________________________
> PacketFence-devel mailing list
> PacketFence-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-devel
>
>
>
>
> --
> JUAN CAMILO VALENCIA VARGAS
> Ingeniero de Operaciones
> SeguraTec S.A.S
> Calle 11 # 43B-50 of 307
> Medelllín Colombia
>
> “Choose a job you love, and you will never have to work a day in your life”
>
>
>
> --
> JUAN CAMILO VALENCIA VARGAS
> Ingeniero de Operaciones
> SeguraTec S.A.S
> Calle 11 # 43B-50 of 307
> Medelllín Colombia
>
> “Choose a job you love, and you will never have to work a day in your life”
> ------------------------------------------------------------------------------
> _______________________________________________
> PacketFence-devel mailing list
> PacketFence-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-devel
------------------------------------------------------------------------------
_______________________________________________
PacketFence-devel mailing list
PacketFence-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-devel
