Ok, so I can telnet in to the controller from my packtefence server,
execute "config client deauthenticate xx:xx:xx:xx:xx:xx" on the controller
itself, and then the device is put on the right vlan. When I run the
pfcmd_vlan command I get the following error. I have checked the passwords,
cli interface, and snmp private string in the switches.conf file and they
all seem to be fine. Where else can I look to see what is preventing
PacketFence from properly deauthenticating my clients after registration?
Thanks!
/usr/local/pf/bin/pfcmd_vlan -deauthenticate -switch 192.168.1.11 -mac
00:1e:65:1f:4e:fc -verbose 4
DEBUG - instantiating new SwitchFactory object
DEBUG - reading config file /usr/local/pf/conf/switches.conf
DEBUG - creating new pf::SNMP::Cisco::WLC_2106 object
DEBUG - start handling 'deauthenticate' command
ERROR - ERROR: Can not connect to WLC 192.168.1.11 using Telnet
DEBUG - finished handling 'deauthenticate' command
On Thu, Dec 8, 2011 at 9:14 AM, Francois Gaudreault
<fgaudrea...@inverse.ca>wrote:
> **
> Ah! Yes, that would help. But what misleaded me is when you said that you
> rebooted the client, and it did get the same VLAN even if it was reg.
>
>
> On 11-12-08 11:10 AM, Jordan Hinman wrote:
>
> Hmm, that's odd. I have read about pkm caching but I am not using wpa2. I
> do get an error in the packetfence log stating that packetfence cannot
> telnet into controller. Is it trying to deauthenticate the wireless
> clients? If I fix telnet to the controller would that fix my issue? Also I
> am using a Cisco Wireless Controler Model 2006 not a 2106. I'm not sure if
> that makes a difference. Thanks!
>
> Jordan
>
> On Thu, Dec 8, 2011 at 7:20 AM, Francois Gaudreault <
> fgaudrea...@inverse.ca> wrote:
>
>> Hi Jordan,
>>
>> > When I connect a new client to the ssid I get placed on
>> > the appropriated registration vlan, and I can then register in
>> > PacketFence. But after I reboot the computer I am then placed back
>> > onto the registration vlan not onto the regular vlan. When watching
>> > radiusd -X I see the controller perform an authentication request the
>> > first time I connect but not after. I have to "remove" the client from
>> > the controller, then re join the appropriate ssid, then the controller
>> > will do another radius authentication request and put me on the
>> > correct vlan.
>> >
>> > Is there any way to force my cisco wireless controller to do a radius
>> > authentication request every time a client connects to the ssid?
>> > Should I be looking somewhere else? Thanks for the help!
>> Not really, except if the controller has an option to disable it. Are
>> you running the latest firmware? We are seeing this when people use
>> WPA2-Enterprise with PMK Caching enabled on the client, but not on mac
>> authentication.
>>
>> --
>> Francois Gaudreault, ing. jr
>> fgaudrea...@inverse.ca :: +1.514.447.4918 (x130) :: www.inverse.ca
>> Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (
>> www.packetfence.org)
>>
>>
>>
>> ------------------------------------------------------------------------------
>> Cloud Services Checklist: Pricing and Packaging Optimization
>> This white paper is intended to serve as a reference, checklist and point
>> of
>> discussion for anyone considering optimizing the pricing and packaging
>> model
>> of a cloud services business. Read Now!
>> http://www.accelacomm.com/jaw/sfnl/114/51491232/
>> _______________________________________________
>> Packetfence-users mailing list
>> Packetfence-users@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>
>
>
>
> --
> *Jordan Hinman*
> Network Analyst | Technology Services | Elk Island Catholic Schools
> T: (780) 449-6484 ext. 222 | E: jord...@eics.ab.ca
>
>
> ------------------------------------------------------------------------------
> Cloud Services Checklist: Pricing and Packaging Optimization
> This white paper is intended to serve as a reference, checklist and point of
> discussion for anyone considering optimizing the pricing and packaging model
> of a cloud services business. Read
> Now!http://www.accelacomm.com/jaw/sfnl/114/51491232/
>
>
> _______________________________________________
> Packetfence-users mailing
> listPacketfence-users@lists.sourceforge.nethttps://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
>
> --
> Francois Gaudreault, ing. jrfgaudrea...@inverse.ca :: +1.514.447.4918
> (x130) :: www.inverse.ca
> Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence
> (www.packetfence.org)
>
>
>
> ------------------------------------------------------------------------------
> Cloud Services Checklist: Pricing and Packaging Optimization
> This white paper is intended to serve as a reference, checklist and point
> of
> discussion for anyone considering optimizing the pricing and packaging
> model
> of a cloud services business. Read Now!
> http://www.accelacomm.com/jaw/sfnl/114/51491232/
> _______________________________________________
> Packetfence-users mailing list
> Packetfence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
--
*Jordan Hinman*
Network Analyst | Technology Services | Elk Island Catholic Schools
T: (780) 449-6484 ext. 222 | E: jord...@eics.ab.ca
------------------------------------------------------------------------------
Cloud Services Checklist: Pricing and Packaging Optimization
This white paper is intended to serve as a reference, checklist and point of
discussion for anyone considering optimizing the pricing and packaging model
of a cloud services business. Read Now!
http://www.accelacomm.com/jaw/sfnl/114/51491232/
_______________________________________________
Packetfence-users mailing list
Packetfence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
