Antonio,
Looks like the PacketFence perl module is not called by Radius. The
output should look like :
Found Auth-Type = Accept
Auth-Type = Accept, accepting the user
+- entering group post-auth {...}
*rlm_perl: PacketFence RESULT VLAN: 5
rlm_perl: PacketFence RESULT RESPONSE CODE: 2 (2 means OK)*
rlm_perl: Added pair NAS-Port-Type = Wireless-802.11
rlm_perl: Added pair Service-Type = Login-User
rlm_perl: Added pair Aruba-Essid-Name = InverseGuest
rlm_perl: Added pair Called-Station-Id = 000B86600190
rlm_perl: Added pair Calling-Station-Id = 60334B29DE19
rlm_perl: Added pair Aruba-Location-Id = 00:0b:86:ce:e0:48
rlm_perl: Added pair User-Name = 60-33-4b-29-de-19
rlm_perl: Added pair User-Password = 60-33-4b-29-de-19
rlm_perl: Added pair NAS-IP-Address = 10.0.0.10
rlm_perl: Added pair NAS-Port = 0
rlm_perl: Added pair Tunnel-Private-Group-ID = 5
rlm_perl: Added pair Tunnel-Medium-Type = 6
rlm_perl: Added pair Tunnel-Type = 13
rlm_perl: Added pair Auth-Type = Accept
++[perl] returns ok
++[exec] returns noop
Sending Access-Accept of id 81 to 10.0.0.10 port 32838
Tunnel-Private-Group-Id:0 = "5"
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Type:0 = VLAN
On 11-02-04 10:00 AM, Manueco, Antonio wrote:
I am attaching both files. The PF log and the radius log as requested. I feel
like there's a small change missing somewhere. As to where, no idea... From
the PF log, I feel like it's just listening for the DHCP Discover from the
client, it just doesn't offer an IP but the client still get's an IP in the
same subnet of the Meru Controller.
Antonio Mañueco
Network Engineer
UM Telecommunications
Mobile: 305.213.4525
Office: 305.284.5177
-----Original Message-----
From: [email protected] [mailto:[email protected]]
Sent: Thursday, February 03, 2011 9:52 PM
To: [email protected]
Subject: Re: [Packetfence-users] Meru and PacketFence
Antonio,
Hehe ok that eliminate another potential problem in your case ;) Can you
send me back your RADIUS output? (earlier message) What the packetfence
logs tell you when you receive the requests from radius?
Yes, that's how it's currently configured for us as well. I just thought
I'd answer his question :)
Antonio Mañueco
Telecommunications
University of Miami
305.213.4525
________________________________________
From: [email protected] [[email protected]]
Sent: Thursday, February 03, 2011 7:39 PM
To: [email protected]
Subject: Re: [Packetfence-users] Meru and PacketFence
Antonio,
I think his message was more of a "You need to have SSID profile->Tunnel
Interface Type set to Radius Assigned Only" in order to have it working
with PacketFence. Also, you need a "Radius profile with the Mac Address
Delimiter set to Hyphen with Password Type set to Mac Address table".
What is your controller configuration?
Hi Thomas,
The difference between tunneled and bridged is the following: When
configuration is tunneled it means that the AP's operate at L3 and
tunnel
the clients' MAC addresses straight to the controller. This is why you
will never see the MAC addresses of wireless clients on the switch.
When
you are configured for bridged mode, the switch is aware of all the MAC
addresses of your wireless clients. Hope that helps!
[cid:[email protected]]
-----Original Message-----
From: Thomas Woody [mailto:[email protected]]
Sent: Thursday, February 03, 2011 5:04 PM
To: [email protected]
Subject: Re: [Packetfence-users] Meru and PacketFence
Antonio,
Thought I would but this out there for all the Meru/PacketFence
installers... We are configured for MAC Auth not 802.11x.
On our Meru controller we have the SSID profile->Tunnel Interface Type =
Radius Assigned Only. What is Tunnel configuration?
Also, my Meru - Radius profile has Mac Address Delimiter = Hyphen;
Password Type = Mac Address table.
Regards,
Thomas
Thomas Woody
Computer Systems Support Analyst
Loyola University New Orleans
Office: 504.865.2792
Mobile: 504.258.9920
------------------------------------------------------------------------------
The modern datacenter depends on network connectivity to access
resources
and provide services. The best practices for maximizing a physical
server's
connectivity to a physical network are well understood - see how these
rules translate into the virtual world?
http://p.sf.net/sfu/oracle-sfdevnlfb
_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
The modern datacenter depends on network connectivity to access
resources
and provide services. The best practices for maximizing a physical
server's
connectivity to a physical network are well understood - see how these
rules translate into the virtual world?
http://p.sf.net/sfu/oracle-sfdevnlfb_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
The modern datacenter depends on network connectivity to access resources
and provide services. The best practices for maximizing a physical
server's
connectivity to a physical network are well understood - see how these
rules translate into the virtual world?
http://p.sf.net/sfu/oracle-sfdevnlfb
_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
The modern datacenter depends on network connectivity to access resources
and provide services. The best practices for maximizing a physical
server's
connectivity to a physical network are well understood - see how these
rules translate into the virtual world?
http://p.sf.net/sfu/oracle-sfdevnlfb
_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
The modern datacenter depends on network connectivity to access resources
and provide services. The best practices for maximizing a physical server's
connectivity to a physical network are well understood - see how these
rules translate into the virtual world?
http://p.sf.net/sfu/oracle-sfdevnlfb
_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
The modern datacenter depends on network connectivity to access resources
and provide services. The best practices for maximizing a physical server's
connectivity to a physical network are well understood - see how these
rules translate into the virtual world?
http://p.sf.net/sfu/oracle-sfdevnlfb
_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
--
Francois Gaudreault, ing. jr
[email protected] :: +1.514.447.4918 (x130) :: www.inverse.ca
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence
(www.packetfence.org)
------------------------------------------------------------------------------
The modern datacenter depends on network connectivity to access resources
and provide services. The best practices for maximizing a physical server's
connectivity to a physical network are well understood - see how these
rules translate into the virtual world?
http://p.sf.net/sfu/oracle-sfdevnlfb
_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
