Hi, In the Hope to solve my issue I just downloaded and configured the ZEN. I believed I may have missed something during the installation ore messed something up while installing. However I am running into the same issue. I configured the ZEN to work only with one “physical” network interface and configured my management interface as a VLAN.
To be honest I don’t really know how to troubleshoot this at this point. Does anybody have good suggestions? Regards Christian > Am 07.01.2020 um 22:26 schrieb Christian Hillebrand via PacketFence-users > <[email protected]>: > > Hi, > I just checked the settings: > The command " ip route get 10.0.1.101" returns: > 10.0.1.101 dev ens192 src 10.0.1.2 > > I checked if ip forwarding is activated by executing sysctl > net.ipv4.ip_forward which returned: > net.ipv4.ip_forward = 1 > so ip forwarding is activated at the moment. > > Additionally here a quick overview of my network interfaces: > Name IP/Mask VLAN (name) Type > ens192 10.0.1.2/24 101 management Management > ens224.10 10.1.0.2/16 10 executive User none > ens224.20 10.2.0.2/16 20 users none > ens224.30 10.3.0.2/16 30 guests none > ens224.200 10.0.200.2/24 200 registration registration > ens224.201 10.0.201.2/24 201 isolation isolation > > Packetfence is running as a virtual machine on an ESXi host. > Ens192 is connected to the virtual switch and sharing the port with esxi. > The Hardware port on this virtual switch connected to a tagged port on my > switch, so VLAN 101 is native here. > Ens224 is also connected to a virtual switch, but does not share the hardware. > > -----Ursprüngliche Nachricht----- > Von: Durand fabrice via PacketFence-users > <[email protected]> > Gesendet: Sonntag, 5. Januar 2020 22:41 > An: [email protected] > Cc: Durand fabrice <[email protected]> > Betreff: Re: [PacketFence-users] Failed to join domain > > Hello Christian, > > can you try to see if the following command return the mgmt interface ? > > ip route get 10.0.1.101 > > Also can you check if ip_forwarding is enabled on the packetfence server ? > > Regards > > Fabrice > >> Le 20-01-05 à 06 h 05, Christian Hillebrand via PacketFence-users a écrit : >> Hi, >> >> I am new to packetfence and currently trying to setup packetfence to >> work as a VLAN enforcement and radius authenticationServer. >> I worked through the installation documentation and everything went >> fine so far. >> However when trying to join my AD domain I am getting the Error: >> >> Joining <domain> domain failed. Failed to join domain: failed to find >> DC for domain <domain> - Undetermined error. >> >> I first suspected that I am not getting any DNS responses by my AD DNS. >> However a quick nslookup successfully returned correct DNS entries. >> The entries which I tested are: >> _msdcs.<domain> >> _ldap._tcp.pdc._msdcs.<domain> >> _ldap._tcp.gc._msdcs.<domain> >> _ldap._tcp.dc._msdcs.<domain> >> _kerberos._tcp.dc._msdcs.<domain> >> <domainControllerFQDN> >> <dsaGUID>._msdcs.<domain> >> >> After some research I tried to join the domain manually by executing: >> net ads join -U Administrator >> However this also returned with an error: >> >> Host is not configured as a member server. >> Invalid configuration. Exiting.... >> Failed to join domain: This operation is only allowed for the PDC of >> the domain. >> >> So after researching a bit I checked that my Server is known by my DC, >> which is the case. >> I also checked that both system have the correct time and installed >> and configured ntp on my packetfence machine. >> However this did not resolve any of my issues. >> Here my current setup: >> >> Firewall/Router: >> pfSense ( just a basic configuration to provide my VLAN's ) >> hostname: pfsense >> Version: 2.4.4-RELEASE-p3 >> IP in Management VLAN: ^ 10.0.1.1 >> >> NAS with DC: >> QNAP ts-432XU >> Hostname: nas0 >> Firmware: 4.4.1.1146 build 20191206 >> IP: 10.0.1.101 (VLAN 101 Management) & >> 10.0.0.101 (VLAN 100) >> >> My Users are in the main Users CN, the Computers are in the main "Computers" >> CN, I did not configure any additional OU's >> >> packetfence: >> Debian 4.9.0-11-amd-64 >> Hostname: nac0 >> IP Management: 10.0.1.2 ( in all my VLAN's pfSense is assigned to >> the second IP ) >> IP Registration: 10.0.253.2 >> IP Isolation: 10.0.254.2 >> ... >> >> AD Domain settings in packetfence: >> Workgroup: <domain> (without tld) >> DNS name of this domain: <domain> >> This server's name: %h >> Active Directory server: nas0.<domain> >> DNS server(s): 10.0.1.101 >> OU: Computers >> Ntlm2 only: false >> Allow on registration: false >> >> So what am I missing? Is packetfence searching for any additional DNS >> entries to connect to the DC? >> I tried joining the domain with realmd which worked, so I am not sure >> where I am doing something wrong... >> Thanks! >> >> Best regards, >> Christian >> >> >> >> >> _______________________________________________ >> PacketFence-users mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/packetfence-users > > > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users > > > > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
