The Inverse team is pleased to announce the immediate availability of 
PacketFence v11.1. This is a major release with new features, enhancements and 
bug fixes. This release is considered ready for production use and upgrading 
from previous versions is strongly advised.
What is PacketFence?
PacketFence is a fully supported, trusted, Free and Open Source Network Access 
Control (NAC) solution. Boasting an impressive feature set, PacketFence can be 
used to effectively secure small to very large heterogeneous networks.

Among the features provided by PacketFence, there are:
powerful BYOD (Bring Your Own Device) capabilities
multiple enforcement methods including Role-Based Access Control (RBAC) and 
built-in network behaviour anomaly detection
state-of-the art devices identification with Fingerbank
compliance checks for endpoints present on your network
integration with various vulnerability scanners, intrusion detection solutions, 
security agents and firewalls
bandwidth accounting for all devices
A complete overview of the solution is available from the official website:
Changes Since Previous Release
New Features
Support for Akamai MFA in VPN/CLI RADIUS authentication and on the captive 
Support for TOTP MFA in VPN/CLI RADIUS authentication and on the captive portal
Automation of upgrades for standalone installations (#6583)
MikroTik DHCP MAC authentication support
Allow to use the sAMAccountName from the searchattributes in MSCHAP machine 
authentication (#6586)
Improve the Data Access Layer to work in MariaDB's default sql_mode
New command pfcmd mariadb [mariadb options]
Deauth request can be made on the previous equipment the device was connected
Allow the bulk import of config items to be async
Remove unused/deprecated sources (AuthorizeNet, Instagram, Twitter, Pinterest, 
and Mirapay) (#6560)
Automation of supported equipment page on PacketFence website (#6611)
Use Venom 1.0.0 through Ansible to run integration tests (#6573)
Import script will migrate the networks configuration if the new IP is in the 
same subnet (#6636)
EAP-TLS integration tests using manual deployment and SCEP protocol (#6647)
Added a monit check to ensure winbindd is still connected (11.1 - AD failover 
doesn’t work #6655)
Improve ZEN builds (#6663)
Bug Fixes
Match the realm more strictly when its not a regex in EAP-TTLS PAP
Populate the LDAP config for enabled LDAP EAP-TTLS PAP realms
Only call oauth2 in authorize for the realms that have an Azure AD EAP-TTLS PAP 
Use source username in LDAP module for EAP-TTLS PAP instead of always using 
Support LDAP certificate client auth for LDAP EAP-TTLS PAP authentication
Allow to use Google Workspace LDAP sources in EAP-TTLS PAP authentication
Add script for removing WMI scan (#6569)
Fix Let's Encrypt renewal process restarting services even if they are disabled 
Removes the deprecated NTLM background job fields and components (#6552)
Ignore 'Mark as sponsor' administration rules when finding the access level of 
a VPN/CLI user (#6349)
Reducing time balance only when registered
See for 
the complete change log.

See the Upgrade guide for notes about upgrading:
Getting PacketFence
PacketFence is free software and is distributed under the GNU GPL. As such, you 
are free to download and try it by either getting the new release or by getting 
the sources:

Documentation about the installation and configuration of PacketFence is also 
How Can I Help?
PacketFence is a collaborative effort in order to create the best Free and Open 
Source NAC solution. There are multiple ways you can contribute to the project:
Documentation reviews, enhancements and translations
Feature requests or by sharing your ideas
Participate in the discussion on mailing lists 
Patches for bugs or enhancements
Provide new translations of remediation pages
Getting Support
For any questions, do not hesitate to contact us by writing to

You can also fill our online form ( and a 
representative from Inverse will contact you.

Inverse offers professional services to organizations willing to secure their 
wired and wireless networks with the PacketFence solution.

PacketFence-devel mailing list

Reply via email to