Just in case anyone else runs into this problem. Seems to be working so
thus far!
Add delay into /usr/local/pf/raddb/sites-available/packetfence-tunnel at
the top of the authorize section.
/usr/local/pf/raddb/delay.pm
#!/usr/bin/perl
use strict;
use Time::HiRes qw (usleep);
use constant RLM_MODULE_OK=> 2;
sub authorize {
usleep (500000);
return RLM_MODULE_OK;
}
sub post_auth {
return RLM_MODULE_OK;
}
sub authenticate {
return RLM_MODULE_OK;
}
sub preacct {
return RLM_MODULE_OK;
}
sub accounting {
return RLM_MODULE_OK;
}
sub checksimul {
return RLM_MODULE_OK;
}
sub pre_proxy {
return RLM_MODULE_OK;
}
sub post_proxy {
return RLM_MODULE_OK;
}
sub xlat {
return RLM_MODULE_OK;
}
sub detach {
return RLM_MODULE_OK;
}
On Thu, Jun 27, 2013 at 1:26 PM, Tim DeNike <[email protected]> wrote:
> Thats kind of what I was thinking. Just didnt know if someone thought of
> a better way.
>
>
> On Thu, Jun 27, 2013 at 11:45 AM, Francois Gaudreault <
> [email protected]> wrote:
>
>> Bah... the not-so-sexy-hack way would be to add a simple perl module
>> before 'packetfence' in the packetfence-tunnel virtual server with only
>> a sleep in it...
>>
>> Francois
>>
>> On 2013-06-27 11:40 AM, Tim DeNike wrote:
>> > Actually, i mean add .5 second delay for 802.1x auth. Id want that
>> > auth to always come second. :D
>> >
>> >
>> > On Thu, Jun 27, 2013 at 10:24 AM, Tim DeNike <[email protected]
>> > <mailto:[email protected]>> wrote:
>> >
>> > My switches (Extreme) support mac auth and dot1x simultaneously.
>> > 99% of the time, it works fine because the dot1x response comes
>> > back maybe .1-.2 seconds after the mac auth response. If, for
>> > some reason, the mac auth response comes second, the client gets
>> > joined to the right network based on 802.1x response, then
>> > immediately shuffled to macdetect or whatever vlan is default for
>> > that mac address.
>> >
>> > Simple solution would be to add a .5-1 second delay in processing
>> > non-eap requests?
>> >
>> > Unless there is something else i should be trying?
>> >
>> >
>> >
>> >
>> >
>> ------------------------------------------------------------------------------
>> > This SF.net email is sponsored by Windows:
>> >
>> > Build for Windows Store.
>> >
>> > http://p.sf.net/sfu/windows-dev2dev
>> >
>> >
>> > _______________________________________________
>> > PacketFence-users mailing list
>> > [email protected]
>> > https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>
>>
>> --
>> Francois Gaudreault
>> Architecte de Solution Cloud | Cloud Solutions Architect
>> [email protected]
>> 514-629-6775
>> - - -
>> CloudOps
>> 420 rue Guy
>> Montréal QC H3J 1S6
>> www.cloudops.com
>> @CloudOps_
>>
>>
>>
>> ------------------------------------------------------------------------------
>> This SF.net email is sponsored by Windows:
>>
>> Build for Windows Store.
>>
>> http://p.sf.net/sfu/windows-dev2dev
>> _______________________________________________
>> PacketFence-users mailing list
>> [email protected]
>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>
>
>
------------------------------------------------------------------------------
This SF.net email is sponsored by Windows:
Build for Windows Store.
http://p.sf.net/sfu/windows-dev2dev
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
