Hi, > I did the test you suggested without success, ruckus ignores requests. There > is no firewall between PF and ZD so the problem is certainly with ZD. Anything on the Ruckus side (event logs) ? I forgot to tell, Calling-Station-Id format is using dashes (-) not columns (:).
> Apart from declaring Radius and Radius Accounting servers, is there another > configuration on ZD ? Nope. CoA is enabled by default. > > Thanks, > > Regards, > > Olivier ROCH VILATO > Informaticien > CHI Lorrain Basse Pointe > > ----- Mail original ----- > De: "Francois Gaudreault"<[email protected]> > À: [email protected] > Envoyé: Mercredi 14 Mars 2012 12:32:12 > Objet: Re: [Packetfence-users] Radius Disconnect-Message on Ruckus > ZoneDirector 1100 > > Hi, > > I would try a manual PoD using radclient then. > > 1. Put RADIUS is debug mode > 2. Connect a client to your ruckus, grab the acct-session-id > 3. Using another terminal, use radclient to send a disconnect packet > vim pod.txt > Calling-Station-Id = MACOFYOURDEVICE > Acct-Session-Id = SESSIONID > > cat pod.txt | radclient -x nasip:3799 disconnect shared_secret > > 4. See the result. > > If the PoD not working, then you either have a firewall somewhere that > blocks the port 3799, or the firmware you are running doesn't support > PoD. We tested using 9.3.0.0.83. > > > On 12-03-14 9:00 AM, Olivier Roch Vilato wrote: >> Hi, >> >> Thanks for your answer, >> >> My RADIUS secret is all lowercase. >> >> PF as RADIUS Accounting server is defined on ZoneDirector >> Is there a specific parameter to enable accounting on PF ? >> >> Here is log messages when PF tries to change node VLAN : >> >> Mar 14 08:52:00 pfsetvlan(8) INFO: desAssociate trap received on >> 129.184.121.100 for wireless client 0c:df:a4:7f:cb:db (main::handleTrap) >> Mar 14 08:52:10 pfcmd_vlan(20343) WARN: Unable to perform RADIUS >> Disconnect-Request: Timeout waiting for a reply from 129.184.121.100 on port >> 3799 at /usr/local/pf/lib/pf/util/radius.pm line 160. (pf::SNMP::__ANON__) >> Mar 14 08:52:10 pfcmd_vlan(20343) ERROR: Wrong RADIUS secret or unreachable >> network device... (pf::SNMP::__ANON__) >> >> Thanks, >> >> >> Salutations, >> >> Olivier ROCH VILATO >> Informaticien >> CHI Lorrain Basse Pointe >> Tel : 05 96 53 27 41 >> >> ----- Mail original ----- >> De: "Francois Gaudreault"<[email protected]> >> À: [email protected] >> Envoyé: Mercredi 14 Mars 2012 08:34:07 >> Objet: Re: [Packetfence-users] Radius Disconnect-Message on Ruckus >> ZoneDirector 1100 >> >> Hi, >> >> I am wandering, does your RADIUS secret contains capital letters? You >> may be impacted by this: >> http://www.packetfence.org/bugs/view.php?id=1392 >> >> Another possibility is the accounting, did you enable the accounting >> properly on the Ruckus and on PF? We rely on the acct-session-id to >> perform the Packet-of-Disconnect. >> >> Thanks! >> >> On 12-03-13 5:21 PM, Olivier Roch Vilato wrote: >>> Hello, >>> >>> I'm trying to get Radius Disconnect-Message working on my Ruckus >>> ZoneDirector 1100 (firmware : 9.3.0.0 build 87) >>> >>> I've followed network device configuration documentation for Ruckus. >>> >>> Everything is working except Disconnect Requests. >>> >>> I have the following message in packetfence.log : (129.184.121.100 is >>> ZoneDirector) >>> >>> WARN: Unable to perform RADIUS Disconnect-Request: No answer from >>> 129.184.121.100 on port 3799 at /usr/local/pf/lib/pf/util/radius.pm line >>> 142. (pf::SNMP::__ANON__) >>> WARN: Unable to perform RADIUS Disconnect-Request: Timeout waiting for a >>> reply from 129.184.121.100 on port 3799 at >>> /usr/local/pf/lib/pf/util/radius.pm line 160. (pf::SNMP::__ANON__) >>> >>> >>> >>> Is there a configuration on ZoneDirector to make it listen to UDP packets >>> on port 3799 ? >>> >>> Thanks, >>> >>> Regards, >>> >>> Olivier ROCH VILATO >>> >>> >>> ------------------------------------------------------------------------------ >>> Keep Your Developer Skills Current with LearnDevNow! >>> The most comprehensive online learning library for Microsoft developers >>> is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, >>> Metro Style Apps, more. Free future releases when you subscribe now! >>> http://p.sf.net/sfu/learndevnow-d2d >>> _______________________________________________ >>> Packetfence-users mailing list >>> [email protected] >>> https://lists.sourceforge.net/lists/listinfo/packetfence-users >>> >> >> > > -- Francois Gaudreault, ing. jr [email protected] :: +1.514.447.4918 (x130) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) ------------------------------------------------------------------------------ This SF email is sponsosred by: Try Windows Azure free for 90 days Click Here http://p.sf.net/sfu/sfd2d-msazure _______________________________________________ Packetfence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
