Gotcha, this is what I get when I configure the RADIUS MAC
radiusd -X output:
rlm_perl: PacketFence RESULT VLAN: 113
rlm_perl: PacketFence RESULT RESPONSE CODE: 2 (2 means OK)
rlm_perl: Added pair NAS-Port-Type = Wireless-802.11
rlm_perl: Added pair User-Name = bc773744f2d2
rlm_perl: Added pair NAS-Identifier = Sanderford-3
rlm_perl: Added pair User-Password = bc773744f2d2
rlm_perl: Added pair Connect-Info = CONNECT 1Mbps/6Mbps 802.11g
rlm_perl: Added pair Calling-Station-Id = BC-77-37-44-F2-D2
rlm_perl: Added pair Called-Station-Id = 00-0F-7D-05-0E-B0:Connection Assistance
rlm_perl: Added pair NAS-IP-Address = 10.11.30.3
rlm_perl: Added pair Message-Authenticator = 0xb1d9c4066184ed76458fd556868917ec
rlm_perl: Added pair Tunnel-Private-Group-ID = 113
rlm_perl: Added pair Tunnel-Medium-Type = 6
rlm_perl: Added pair Tunnel-Type = 13
rlm_perl: Added pair Auth-Type = Accept
++[perl] returns ok
} # server packetfence
Sending Access-Accept of id 1 to 10.11.30.3 port 32799
Tunnel-Private-Group-Id:0 = "113"
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Type:0 = VLAN
Finished request 39.
Everything looks fine but my client does not get an IP? I am looking into it
now but any assistance would be greatly appreciated.
Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor
900 College St.
Belton, Texas
76513
Fone: 254-295-4658
Phax: 254-295-4221
From: Francois Gaudreault [mailto:[email protected]]
Sent: Wednesday, June 29, 2011 8:27 AM
To: [email protected]
Subject: Re: [Packetfence-users] No location Log entry
Jake,
On an open SSID, you need to configure some kind of RADIUS mac-filtering
otherwise it won't be "packetfenced" using VLAN mode. By default, we will
accept everything that is not EAP and return the proper VLAN using the RADIUS
attributes.
ie. for a Cisco aironet :
aaa authentication login mac_methods group rad_mac
dot11 ssid MySSID
...
authentication open mac-address mac_methods
...
!
I think this is explained in the network configuration guide.
On 11-06-29 9:11 AM, Sallee, Stephen (Jake) wrote:
> The entry is triggered by the RADIUS request.
So, how does it work with an open SSID and no encryption?
Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor
900 College St.
Belton, Texas
76513
Fone: 254-295-4658
Phax: 254-295-4221
From: Francois Gaudreault [mailto:[email protected]]
Sent: Wednesday, June 29, 2011 7:08 AM
To:
[email protected]<mailto:[email protected]>
Subject: Re: [Packetfence-users] No location Log entry
HI Jake,
The entry is triggered by the RADIUS request. The locationlog entry will
contain, if we can grab it, the SSID where the user connected to, and the ip of
the AP/controller from where the RADIUS request came from.
On 11-06-28 7:41 PM, Sallee, Stephen (Jake) wrote:
When a wireless user is redirected to the captive portal for authentication
what triggers an entry to be made in the location log and when does it get
triggered? If I have an open SSID what tells PF where the user is so it can
make the entry in the log?
Jake Sallee
Godfather of Bandwidth
System Engineer
University of Mary Hardin-Baylor
900 College St.
Belton, Texas
76513
Fone: 254-295-4658
Phax: 254-295-4221
------------------------------------------------------------------------------
All of the data generated in your IT infrastructure is seriously valuable.
Why? It contains a definitive record of application performance, security
threats, fraudulent activity, and more. Splunk takes this data and makes
sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-d2d-c2
_______________________________________________
Packetfence-users mailing list
[email protected]<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
--
Francois Gaudreault, ing. jr
[email protected]<mailto:[email protected]> :: +1.514.447.4918
(x130) :: www.inverse.ca<http://www.inverse.ca>
Inverse inc. :: Leaders behind SOGo (www.sogo.nu<http://www.sogo.nu>) and
PacketFence (www.packetfence.org<http://www.packetfence.org>)
------------------------------------------------------------------------------
All of the data generated in your IT infrastructure is seriously valuable.
Why? It contains a definitive record of application performance, security
threats, fraudulent activity, and more. Splunk takes this data and makes
sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-d2d-c2
_______________________________________________
Packetfence-users mailing list
[email protected]<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
--
Francois Gaudreault, ing. jr
[email protected]<mailto:[email protected]> :: +1.514.447.4918
(x130) :: www.inverse.ca<http://www.inverse.ca>
Inverse inc. :: Leaders behind SOGo (www.sogo.nu<http://www.sogo.nu>) and
PacketFence (www.packetfence.org<http://www.packetfence.org>)
------------------------------------------------------------------------------
All of the data generated in your IT infrastructure is seriously valuable.
Why? It contains a definitive record of application performance, security
threats, fraudulent activity, and more. Splunk takes this data and makes
sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-d2d-c2
_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
