já está funcionando. Como o modo é o INLINE não precisava eu ter colocado ACL na controladora.
Em qui., 22 de ago. de 2024 às 08:52, FLÁVIO Silva <admpubfla...@gmail.com> escreveu: > Text in English (first) and Portuguese (just below the text in English). > Guys, Good morning. > I have a WLC Cisco 8500, IOS 8.5 and a packetfence in debian 11 in a VM > with hypervisor. I have 2 network cards in the VM, 1 management and another > inline layer 2. > I already went to the file /etc/sysctl.conf and uncommented the > line #net.ipv4.ip_forward=1 and then applied the command sysctl -p. In > Config policies, switch group, Role switch , Registration, I put the > redirection ACL for the packetfence portal (the ACL is configured on the > WLC in security, ACLs) and what happens is that the devices that try to > connect to the wireless network do not get the IP. > I have already changed the ACL to authorize any traffic, but it still > doesn't get IP. When I remove the ACL it gets IP and navigation occurs > normally without asking for any authentication. > The WLC is configured according to the packetfence manual for Cisco WLC. > Applying the command sudo tail -f /usr /local/pf/logs/packetfence.log in > CLI packetfence's server I have a message from an endpoint that > is persisting on accessing the captiveportal: "Device is registered and > still on the portal, attempting to release it again: > (captiveportal::PacketFence::DynamicRouting::Module::Root::unknown_state)Aug > 21 15:25:58 vmnac01 httpd.dispatcher-docker-wrapper[79410]: > httpd.dispatcher: Ip2Mac mac for 0.0.0.0 not found sql : no rows in result > set" Can anyone help me resolve this? > > Pessoal, > Bom dia. > Tenho uma WLC Cisco 8500, IOS 8.5 e um packetfence em debian 11 numa VM > com hypervisor. > Estou com 2 placas de rede na VM, 1 management e outra inline layer 2. > Já fui no arquivo /etc/sysctl.conf e descomentei a > linha #net.ipv4.ip_forward=1 e depois apliquei o comando sysctl -p. > Em Políticas de config., switch group, Role switch, Registration, coloco > a ACL de redirecionamento para o portal do packetfence ( a ACL está > configurada na WLC em security, ACLs) e o que acontece ´é que os aparelhos > que tentam se conectar na rede sem fio não pegam IP. > Já mudei a ACL para autorizar qualquer tráfego, mas mesmo assim não pega > IP. > Quando tiro a ACL pega IP e a navegação ocorre normalmente sem pedir > qualquer autenticação. > A WLC está configurada conforme o manual do packetfence para WLC Cisco. > aplicando o comando sudo tail -f /usr/local/pf/logs/packetfence.log tenho > uma mensagem de um endpoint que está persistindo em acessar o portal > cativo: > "Device is registered and still on the portal, attempting to release it > again. > (captiveportal::PacketFence::DynamicRouting::Module::Root::unknown_state) > Aug 21 15:25:58 vmnac01 httpd.dispatcher-docker-wrapper[79410]: > httpd.dispatcher: Ip2Mac mac for 0.0.0.0 not found sql: no rows in result > set" > Alguém pode me ajudar a resolver isso? >
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
