Hi Antonio, On 15/02/11 6:55 PM, Manueco, Antonio wrote: > Thank you for the reply Olivier, I actually found a work around that works > for our environment by tweaking some things in our end. The more I get to > know PF the more I like it. Basically for anyone interested, what we did is > change the VLAN that returns from our production DB once a client has > registered through our own portal. This VLAN that comes from the controller > is the PF Registration VLAN. We have added registration expire settings in > PF to kick people out after a certain amount of time and force them to > re-authenticate. > > Q1) I added an expire.node to the conf but it's not taking effect. I look in > the status of the Node in the GUI, and regardless whether the clients > wireless adapter is on or off, it always shows as currently active, I'm sure > this is the problem. How does PF determine whether a client is active or not? > Forget about active status. It is being reconsidered since it's meaning was lost between the ARP / DHCP mode transition into VLAN isolation.. expire.node's support in VLAN isolation mode is also unknown right now.
To see if a client is allowed on the network or not check the node's status for reg (registered aka allowed) or unreg (unregistered). > I've set up FreeRadius to forward all MAC auth to our production RADIUS > server, return the correct VLAN. The client gets put in the right VLAN, now > my issue is adding RADIUS auth for that username/password field for > registration. I've configured registration to radius, and all clients are > allowed in (from the documentation and testing purposes), but I don't see the > RADIUS request package coming into PF. I'm trying to look at some of the > scripts to see what's going on at the captive portal side. You've set auth=radius under [registration] in pf.conf? Then it should trigger the module conf/authentication/radius.pm. Have a look at it too. Cheers! -- Olivier Bilodeau obilod...@inverse.ca :: +1.514.447.4918 *115 :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) ------------------------------------------------------------------------------ Free Software Download: Index, Search & Analyze Logs and other IT data in Real-Time with Splunk. Collect, index and harness all the fast moving IT data generated by your applications, servers and devices whether physical, virtual or in the cloud. Deliver compliance at lower cost and gain new business insights. http://p.sf.net/sfu/splunk-dev2dev _______________________________________________ Packetfence-devel mailing list Packetfence-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-devel
