Hi Enrique,
unifi controller is at 8.4.59. Almost the latest version...
Am 16.09.2024 um 13:05 schrieb Enrique Gross via PacketFence-users:
Hi Robin
What version of the Unifi Software are you running?
Enrique
El lun, 16 de sept de 2024, 06:42, Robin Buhr (filder.cloud)
<robin@filder.cloud> escribió:
Hi Enrique,
yes, the CoA Option is available in Unifi-Controller. But it
appears only, if Wireless Security Protocoll is set to "WPA2
Enterprise" within a specific SSID. Since I want to use the
CP-Portal in my scenario, Security Protocoll is set to "Open". Is
it even possible to deauth in this combination?
I have one more question: Must the controller be set up as a
switch in PF? If not, when do I set Switch Type to "Unifi Controller"?
Regards
Robin
Am 10.09.2024 um 20:56 schrieb Enrique Gross via PacketFence-users:
Hi Robin
If your deauth method is RADIUS, just configure a RADIUS secret
password, use CoA, and your VLANS per role. There is no need to
configure web services or SNMP, controller ip address.
I think the radius connector should be disabled too
And of course don't forget to configure RADIUS profile on the
unifi controller.
Like Micheal said, Unifi is doing a massive reworking on the UI.
I didn't know the CoA option is now back on new UI, good news.
You can debug CoA on the UAPs with tcpdump so you can check if
RADIUS messages are reaching APs.
Enrique
El mar, 10 de sept de 2024, 12:24, Michael Preissner via
PacketFence-users <packetfence-users@lists.sourceforge.net> escribió:
I know there are several folks with working solutions, but
many of them rely on using the old legacy interface and/or
outdated firmware versions. UI did recently re-introduce the
RADIUS CoA to the New interface in the SSID configuration
(might still be an EA feature). I haven't had an opportunity
to test yet, but we should be able to do it at this point
without going back to the legacy interface.
Mike
On Tue, Sep 10, 2024 at 11:04 AM Robin Buhr (filder.cloud)
via PacketFence-users
<packetfence-users@lists.sourceforge.net> wrote:
Hello Community,
I am new to the topic of Packetfence and find it really exciting.
Currently, I am trying to overcome the following challenge: Dynamic VLAN
assignment with Unifi APs/Controller(VM) after authentication via a captive
portal provided by Packetfence. Since it is an open SSID provided by the Unifi
AP, RADIUS (and CoA?) is not possible.
I am stuck at the point of Deauth. Is there a guide on how the
"switch" in PF must be configured for Deauth to work? The protocol
(SSH/SNMP/HTTP/S/RADIUS) doesn't matter to me. I simply want a device to be moved to
another VLAN after successful authentication.
--
Beste Grüße
Robin
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
--
Beste Grüße
Robin Buhr
T +49 (711) 50483726
Mrobin@filder.cloud
filder.cloud UG (Haftungsbeschränkt)
In den Gärtlesäckern 18/2 70771 Leinfelden-Echterdingen
<https://www.google.com/maps/search/In+den+G%C3%A4rtles%C3%A4ckern+18%2F2+%0D%0A70771+Leinfelden-Echterdingen?entry=gmail&source=g>
HRB 778485
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
--
Beste Grüße
Robin Buhr
T +49 (711) 50483726
Mrobin@filder.cloud
filder.cloud UG (Haftungsbeschränkt)
In den Gärtlesäckern 18/2
70771 Leinfelden-Echterdingen
HRB 778485
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
