Hello Ugur,

This is not related with pf.  Its just about ip dhcp-relay configuration on 
forti. You need to check dhcp-relay config on forti.

Kindly,


> On 25 Jul 2023, at 14:32, Uğur Aygün via PacketFence-users 
> <packetfence-users@lists.sourceforge.net> wrote:
> 
> 
> Hello guys i am new to nac environment and i am trying a simple thing;
> 
> I have a ssid named testwifi on fortigate. it's vlan id is 51 and the 
> fortigate is the dhcp of it.
> 
> In fortigate side i created radius for testwifi and connection is okay i can 
> see radius server connected from fortiside.  
> 
> On packetfence side i created management interface and added another vlan 
> with id of 51 and gave it a ip from range of vlan 51. And added active 
> directory accounts also and it works.Also i crated  authentication source, 
> connection profiles etc according to the documents.
> 
> I simply want users get ip from vlan51 when they connected to testwifi .
> 
> 
> I managed to connect testwifi with my credentials and i can see the log in 
> auditing tab on packetfence. Here is the interesting thing.
> 
> When i connect i get ip address  but that ip address is not from vlan51. 
> Instead of it is getting ip from my original personal-wifi ip addresses which 
> is on vlan 200. I even did not enter vlanid  200 into packetfence. Also 
> packetfence interface ip is not in vlan 200 it is vlan80. I am completely 
> lost how can i get ip from 200 even if it is not on packetfence.
> 
> A help would be amazing if more information is necessary i can send.
> 
> <image.png>
> 
> 
> here is the config of interfaces.
> 
> Thank you all.
> 
> _______________________________________________
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Reply via email to