I am attaching both files. The PF log and the radius log as requested. I feel
like there's a small change missing somewhere. As to where, no idea... From
the PF log, I feel like it's just listening for the DHCP Discover from the
client, it just doesn't offer an IP but the client still get's an IP in the
same subnet of the Meru Controller.
Antonio Mañueco
Network Engineer
UM Telecommunications
Mobile: 305.213.4525
Office: 305.284.5177
-----Original Message-----
From: [email protected] [mailto:[email protected]]
Sent: Thursday, February 03, 2011 9:52 PM
To: [email protected]
Subject: Re: [Packetfence-users] Meru and PacketFence
Antonio,
Hehe ok that eliminate another potential problem in your case ;) Can you
send me back your RADIUS output? (earlier message) What the packetfence
logs tell you when you receive the requests from radius?
> Yes, that's how it's currently configured for us as well. I just thought
> I'd answer his question :)
>
> Antonio Mañueco
> Telecommunications
> University of Miami
> 305.213.4525
> ________________________________________
> From: [email protected] [[email protected]]
> Sent: Thursday, February 03, 2011 7:39 PM
> To: [email protected]
> Subject: Re: [Packetfence-users] Meru and PacketFence
>
> Antonio,
>
> I think his message was more of a "You need to have SSID profile->Tunnel
> Interface Type set to Radius Assigned Only" in order to have it working
> with PacketFence. Also, you need a "Radius profile with the Mac Address
> Delimiter set to Hyphen with Password Type set to Mac Address table".
>
> What is your controller configuration?
>
>> Hi Thomas,
>>
>>
>>
>> The difference between tunneled and bridged is the following: When
>> configuration is tunneled it means that the AP's operate at L3 and
>> tunnel
>> the clients' MAC addresses straight to the controller. This is why you
>> will never see the MAC addresses of wireless clients on the switch.
>> When
>> you are configured for bridged mode, the switch is aware of all the MAC
>> addresses of your wireless clients. Hope that helps!
>>
>>
>>
>>
>> [cid:[email protected]]
>>
>>
>>
>> -----Original Message-----
>> From: Thomas Woody [mailto:[email protected]]
>> Sent: Thursday, February 03, 2011 5:04 PM
>> To: [email protected]
>> Subject: Re: [Packetfence-users] Meru and PacketFence
>>
>>
>>
>> Antonio,
>>
>>
>>
>> Thought I would but this out there for all the Meru/PacketFence
>>
>> installers... We are configured for MAC Auth not 802.11x.
>>
>>
>>
>> On our Meru controller we have the SSID profile->Tunnel Interface Type =
>>
>> Radius Assigned Only. What is Tunnel configuration?
>>
>>
>>
>> Also, my Meru - Radius profile has Mac Address Delimiter = Hyphen;
>>
>> Password Type = Mac Address table.
>>
>>
>>
>> Regards,
>>
>> Thomas
>>
>>
>>
>> Thomas Woody
>>
>> Computer Systems Support Analyst
>>
>> Loyola University New Orleans
>>
>> Office: 504.865.2792
>>
>> Mobile: 504.258.9920
>>
>>
>>
>>
>>
>> ------------------------------------------------------------------------------
>>
>> The modern datacenter depends on network connectivity to access
>> resources
>>
>> and provide services. The best practices for maximizing a physical
>> server's
>>
>> connectivity to a physical network are well understood - see how these
>>
>> rules translate into the virtual world?
>>
>> http://p.sf.net/sfu/oracle-sfdevnlfb
>>
>> _______________________________________________
>>
>> Packetfence-users mailing list
>>
>> [email protected]
>>
>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>> ------------------------------------------------------------------------------
>> The modern datacenter depends on network connectivity to access
>> resources
>> and provide services. The best practices for maximizing a physical
>> server's
>> connectivity to a physical network are well understood - see how these
>> rules translate into the virtual world?
>> http://p.sf.net/sfu/oracle-sfdevnlfb_______________________________________________
>> Packetfence-users mailing list
>> [email protected]
>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>
>
>
>
> ------------------------------------------------------------------------------
> The modern datacenter depends on network connectivity to access resources
> and provide services. The best practices for maximizing a physical
> server's
> connectivity to a physical network are well understood - see how these
> rules translate into the virtual world?
> http://p.sf.net/sfu/oracle-sfdevnlfb
> _______________________________________________
> Packetfence-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
> ------------------------------------------------------------------------------
> The modern datacenter depends on network connectivity to access resources
> and provide services. The best practices for maximizing a physical
> server's
> connectivity to a physical network are well understood - see how these
> rules translate into the virtual world?
> http://p.sf.net/sfu/oracle-sfdevnlfb
> _______________________________________________
> Packetfence-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
------------------------------------------------------------------------------
The modern datacenter depends on network connectivity to access resources
and provide services. The best practices for maximizing a physical server's
connectivity to a physical network are well understood - see how these
rules translate into the virtual world?
http://p.sf.net/sfu/oracle-sfdevnlfb
_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
Feb 04 09:55:52 pfdhcplistener(0) INFO: f8:1e:df:ec:97:ff requested an IP. DHCP
Fingerprint: OS::200 (Mac OS X). Modifying node with last_dhcp = 2011-02-04
09:55:52,computername = tinyMonkey,dhcp_fingerprint =
1,3,6,15,119,95,252,44,46,47 (main::listen_dhcp)
Feb 04 09:55:52 pfdhcplistener(0) INFO: f8:1e:df:ec:97:ff requested an IP. DHCP
Fingerprint: OS::200 (Mac OS X). Modifying node with last_dhcp = 2011-02-04
09:55:52,computername = tinyMonkey,dhcp_fingerprint =
1,3,6,15,119,95,252,44,46,47 (main::listen_dhcp)
Feb 04 09:55:54 pfdhcplistener(0) INFO: f8:1e:df:ec:97:ff requested an IP. DHCP
Fingerprint: OS::200 (Mac OS X). Modifying node with last_dhcp = 2011-02-04
09:55:54,computername = tinyMonkey,dhcp_fingerprint =
1,3,6,15,119,95,252,44,46,47 (main::listen_dhcp)
rad_recv: Access-Request packet from host 10.224.232.220 port 32774, id=119,
length=182
Service-Type = Login-User
Framed-MTU = 1250
User-Name = "f8:1e:df:ec:97:ff"
User-Password = "f8:1e:df:ec:97:ff"
Calling-Station-Id = "f8:1e:df:ec:97:ff"
Called-Station-Id = "00:a0:a5:5f:42:1a"
Connect-Info = "CONNECT Unknown Radio"
NAS-IP-Address = 10.224.232.220
NAS-Port-Type = Wireless-802.11
NAS-Port = 0
Message-Authenticator = 0x1b842c56319cea130a55b40be9e33def
+- entering group authorize {...}
++[preprocess] returns ok
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
[files] users: Matched entry DEFAULT at line 1
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
rlm_perl: Added pair NAS-Port-Type = Wireless-802.11
rlm_perl: Added pair Service-Type = Login-User
rlm_perl: Added pair Called-Station-Id = 00:a0:a5:5f:42:1a
rlm_perl: Added pair Calling-Station-Id = f8:1e:df:ec:97:ff
rlm_perl: Added pair Message-Authenticator = 0x1b842c56319cea130a55b40be9e33def
rlm_perl: Added pair User-Name = f8:1e:df:ec:97:ff
rlm_perl: Added pair User-Password = f8:1e:df:ec:97:ff
rlm_perl: Added pair Connect-Info = CONNECT Unknown Radio
rlm_perl: Added pair NAS-Port = 0
rlm_perl: Added pair NAS-IP-Address = 10.224.232.220
rlm_perl: Added pair Framed-MTU = 1250
rlm_perl: Added pair Auth-Type = Accept
++[perl] returns ok
Found Auth-Type = Accept
Auth-Type = Accept, accepting the user
+- entering group post-auth {...}
rlm_perl: Added pair NAS-Port-Type = Wireless-802.11
rlm_perl: Added pair Service-Type = Login-User
rlm_perl: Added pair Calling-Station-Id = f8:1e:df:ec:97:ff
rlm_perl: Added pair Called-Station-Id = 00:a0:a5:5f:42:1a
rlm_perl: Added pair Message-Authenticator = 0x1b842c56319cea130a55b40be9e33def
rlm_perl: Added pair User-Name = f8:1e:df:ec:97:ff
rlm_perl: Added pair User-Password = f8:1e:df:ec:97:ff
rlm_perl: Added pair Connect-Info = CONNECT Unknown Radio
rlm_perl: Added pair NAS-IP-Address = 10.224.232.220
rlm_perl: Added pair NAS-Port = 0
rlm_perl: Added pair Framed-MTU = 1250
rlm_perl: Added pair Auth-Type = Accept
++[perl] returns ok
Sending Access-Accept of id 119 to 10.224.232.220 port 32774
Finished request 3.
Going to the next request
Waking up in 4.9 seconds.
Cleaning up request 3 ID 119 with timestamp +12675
Ready to process requests.------------------------------------------------------------------------------
The modern datacenter depends on network connectivity to access resources
and provide services. The best practices for maximizing a physical server's
connectivity to a physical network are well understood - see how these
rules translate into the virtual world?
http://p.sf.net/sfu/oracle-sfdevnlfb
_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
