Hi, Yes, this is a known "issue". If you set a global radiusSecret, we also put that secret for the 127.0.0.1 switch. There is a default 127.0.0.1 client in /etc/raddb/clients.conf, so RADIUS bail out with a duplicate client entry. radiusd -X should have provided the hint.
I will make sure we open a bug in our BTS to track this, and resolve it. Thanks! On 12-07-19 9:15 AM, Curtis Clemons wrote: > Got it fixed. For some reason there was an issue if the 127.0.0.1 client > as left in the clients.conf for freeradius. I commented it out and > everything is working correctly now. > > Curtis Clemons > > Network Systems Supervisor > > Guilford Technical Community College > > Email: [email protected] <mailto:[email protected]> > > Phone: 3363344822 ext 50100 > > PGP key ID-1308FF29 > > *From:*Derek Wuelfrath [mailto:[email protected]] > *Sent:* Wednesday, July 18, 2012 9:02 AM > *To:* [email protected] > *Subject:* Re: [PacketFence-users] Issue in Packetfence 3.4.1 > > Hi Curtis, > > First of all, you shouldn't remove the "default" switch (127.0.0.1). > That being said, can you send us your switches.conf file. Is the > 10.10.10.10 switch configured in it? > > Thanks > > On 7/17/12 16:12 , Curtis Clemons wrote: > > Hello all, > > I am having a small problem when installing pf 3.4.1. What is happening > is if I leave the default switch entry of 127.0.0.1 then I have a > problem with radius authentication. The error I get is below: > > Tue Jul 17 15:57:16 2012 : Error: Ignoring request to authentication > address * port 1812 as server packetfence from unknown client > 10.10.10.10 port 41323 > > Tue Jul 17 15:57:21 2012 : Error: Ignoring request to authentication > address * port 1812 as server packetfence from unknown client > 10.10.10.10 port 41323 > > Tue Jul 17 15:57:26 2012 : Error: Ignoring request to authentication > address * port 1812 as server packetfence from unknown client > 10.10.10.10 port 41323 > > If I remove the switch entry then radius authentication works fine, as > detailed in a post I had found. However If I try to register or > unregister a node manually from with the web admin interface the > commands are not sent to the switch and I have to manually either shut > the port down, reboot the device, or unplug the network cable from the > device to get the vlan to change. The error from the packetfence log is > below: > > Jul 17 15:58:03 pfcmd(19118) ERROR: ERROR ! Unknown switch 127.0.0.1 > (pf::SwitchFactory::instantiate) > > Jul 17 15:58:03 pfcmd(19118) ERROR: Can't instantiate switch 127.0.0.1! > Check your configuration! (pf::enforcement::_vlan_reevaluation) > > If I add 127.0.01 back as a network switch as a packetfence device, > making changes are again pushed down to the switch via SNMP however > radius stops working again if packetfence is restarted. Has anyone ran > into this issue and know what’s going on? I didn’t have this issue in > 3.3. I did an upgrade but also have done a fresh install and the same > problem persists. > > Thanks for any help. > > > > > ------------------------------------------------------------------------------ > > Live Security Virtual Conference > > Exclusive live event will cover all the ways today's security and > > threat landscape has changed and how IT managers can respond. Discussions > > will include endpoint security, mobile security and the latest in malware > > threats.http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > > > > > _______________________________________________ > > PacketFence-users mailing list > > [email protected] > <mailto:[email protected]> > > https://lists.sourceforge.net/lists/listinfo/packetfence-users > > -- > Derek Wuelfrath > [email protected] <mailto:[email protected]> :: +1.514.447.4918 > x110 :: www.inverse.ca <http://www.inverse.ca> > Inverse inc. :: Leaders behind SOGo (www.sogo.nu <http://www.sogo.nu>) > and PacketFence (www.packetfence.org <http://www.packetfence.org>) > > > > ------------------------------------------------------------------------------ > Live Security Virtual Conference > Exclusive live event will cover all the ways today's security and > threat landscape has changed and how IT managers can respond. Discussions > will include endpoint security, mobile security and the latest in malware > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > > > > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Francois Gaudreault, ing. jr [email protected] :: +1.514.447.4918 (x130) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
