You might be able to use the actual sql.conf (make sure to put the right db info in there). There are some table that you will need to import in the PacketFence database, such as radcheck, but it might work.
Good luck! On 11-09-23 5:55 PM, Junaid wrote: > Hi Francois, > I tested your fix and it worked with radtest. Thank you again! > I'm going to try and look into a way to modify your fix for sql so I > can get a web front-end going. > > Regards, > Junaid > > On Fri, Sep 23, 2011 at 4:57 PM, Francois Gaudreault > <[email protected]> wrote: >> The RADIUS server that comes with PF is NOT designed to perform >> authentication for users, only for devices (mac auth, 802.1x). You should >> have an infrastructure RADIUS that does user authentication. >> >> Now, if you want to use the RADIUS server that comes with PF, you will need >> to tweak things a little bit. You will need to overload the files module to >> point to another user file (see /etc/raddb/modules/files, you have an >> example), and create a new virtual-server in your RADIUS server to serve >> that new module name (so instead of files, use second_files). >> >> So rapidly, try that : >> >> /etc/raddb/modules/files, add : >> files portal_users { >> usersfile = ${confdir}/portal_users >> } >> >> /etc/raddb/portal_users : >> packet Cleartext-Password := "fence" >> >> /etc/raddb/radiusd.conf, add : >> listen { >> ipaddr = * >> port = 1814 >> type = auth >> virtual_server = packetfence-portal >> } >> >> /etc/raddb/sites-enabled/packetfence-portal: >> server packetfence-portal { >> >> authorize { >> suffix >> preprocess >> eap { >> ok = return >> } >> portal_users >> expiration >> logintime >> } >> >> authenticate { >> Auth-Type PAP { >> pap >> } >> } >> >> preacct { >> } >> >> accounting { >> } >> >> session { >> radutmp >> } >> >> post-auth { >> exec >> Post-Auth-Type REJECT { >> attr_filter.access_reject >> } >> } >> >> pre-proxy { >> } >> >> post-proxy { >> eap >> } >> } >> >> And finally, in our radius.pm, make sure to point it to port 1814. >> >> Let me know how it works for you... >> >> >> On 11-09-23 11:12 AM, Junaid wrote: >> >> Hello, >> Just installed packetfence 3.0 >> I am using radius for authentication but it seems to allow any >> username or password on the captive portal screen? >> Sorry I don't have much radius experience. >> Does that have something to do with >> >> /etc/raddb/users >> Add the following lines where we define that non EAP-messages should, >> by default, lead to an >> authentication acceptance >> DEFAULT EAP-Message !* "", Auth-Type := Accept >> >> Regards, >> Junaid >> >> ------------------------------------------------------------------------------ >> All of the data generated in your IT infrastructure is seriously valuable. >> Why? It contains a definitive record of application performance, security >> threats, fraudulent activity, and more. Splunk takes this data and makes >> sense of it. IT sense. And common sense. >> http://p.sf.net/sfu/splunk-d2dcopy2 >> _______________________________________________ >> Packetfence-users mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/packetfence-users >> >> >> >> -- >> Francois Gaudreault, ing. jr >> [email protected] :: +1.514.447.4918 (x130) :: www.inverse.ca >> Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence >> (www.packetfence.org) >> >> ------------------------------------------------------------------------------ >> All of the data generated in your IT infrastructure is seriously valuable. >> Why? It contains a definitive record of application performance, security >> threats, fraudulent activity, and more. Splunk takes this data and makes >> sense of it. IT sense. And common sense. >> http://p.sf.net/sfu/splunk-d2dcopy2 >> _______________________________________________ >> Packetfence-users mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/packetfence-users >> >> > ------------------------------------------------------------------------------ > All of the data generated in your IT infrastructure is seriously valuable. > Why? It contains a definitive record of application performance, security > threats, fraudulent activity, and more. Splunk takes this data and makes > sense of it. IT sense. And common sense. > http://p.sf.net/sfu/splunk-d2dcopy2 > _______________________________________________ > Packetfence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users > -- Francois Gaudreault, ing. jr [email protected] :: +1.514.447.4918 (x130) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) ------------------------------------------------------------------------------ All of the data generated in your IT infrastructure is seriously valuable. Why? It contains a definitive record of application performance, security threats, fraudulent activity, and more. Splunk takes this data and makes sense of it. IT sense. And common sense. http://p.sf.net/sfu/splunk-d2dcopy2 _______________________________________________ Packetfence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
