Yes by RADIUS server we mean our own. As of now we are proxying the
MAC-Auth request to our server, and it returns an Access-Accept which
lets us attach to the AP. Everything looks good in the radius.pm
module, and registration.auth is set to radius.
Our RADIUS server is returning an Access-Accept for the
username/password, but the CP still says invalid login or password.
At this point, nothing comes out in the error log, and the only message
that comes in the packefence log is a redirection to the portal:
Apr 07 11:01:36 register.cgi(0) INFO: 10.224.38.255 - e0:f8:47:18:93:d0
(ModPerl::ROOT::ModPerl::PerlRun::usr_local_pf_cgi_2dbin_register_2ecgi::handler)
Going to phase two of your suggestion. If anything comes to mind before
let me know.
-Antonio
On 04/07/2011 03:43 PM, Olivier Bilodeau wrote:
> Hi Antonio,
>
>> Ok, that makes sense. So from what you're telling me, the node status
>> needs to change for PF to actually initiate an SSH session to the
>> controller. If this is the case, the problem is why I can't register a
>> node using the CP via RADIUS even though the an Access-Accept comes back
>> from the RADIUS server. The CP gives me an invalid username&
>> password. How do I fix this?
>>
> PacketFence's own FreeRADIUS is not configured to be used as a CP auth
> end-point. So I hope that by 'the RADIUS server' you mean your own
> RADIUS to perform the CP user authentication correct?
>
> If so, then validate that the conf/authentication/radius.pm module is
> configured correctly, that your conf/pf.conf's auth=radius under
> [registration], that you have no errors in logs/error_log and
> logs/packetfence.log.
>
> If all the above failed, insert $logger->debug("..."); statements in the
> conf/authentication/radius.pm module and try to trace the problem. Don't
> forget to add a my $logger = Log::Log4perl::get_logger(__PACKAGE__);
> statement if there's none already.
>
------------------------------------------------------------------------------
Xperia(TM) PLAY
It's a major breakthrough. An authentic gaming
smartphone on the nation's most reliable network.
And it wants your games.
http://p.sf.net/sfu/verizon-sfdev
_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
