Hey guys,
i recently installed Packetfence on a little Testnetwork here in the
company.
I now have a problem i could not solve yet.
It seems that the Radius Server is not getting the Radius Access Requests
or Packetfence is not forwarding them properly.
I let tcpdump run to check if i get something from my Switch with the IP
10.55.55.4
10:16:34.331070 IP 10.55.55.4.datametrics > 10.66.66.2.radius: RADIUS,
Access Request (1), id: 0x01 length: 258
10:16:36.371459 IP 10.55.55.4.datametrics > 10.66.66.2.radius: RADIUS,
Access Request (1), id: 0x01 length: 258
10:16:38.416326 IP 10.55.55.4.datametrics > 10.66.66.2.radius: RADIUS,
Access Request (1), id: 0x01 length: 258
10:16:40.477446 IP 10.55.55.4.datametrics > 10.66.66.2.radius: RADIUS,
Access Request (1), id: 0x01 length: 258
10:26:30.213888 IP 10.55.55.4.datametrics > 10.66.66.2.radius: RADIUS,
Access Request (1), id: 0x02 length: 258
10:26:32.225838 IP 10.55.55.4.datametrics > 10.66.66.2.radius: RADIUS,
Access Request (1), id: 0x02 length: 258
10:26:34.269958 IP 10.55.55.4.datametrics > 10.66.66.2.radius: RADIUS,
Access Request (1), id: 0x02 length: 258
10:26:36.309788 IP 10.55.55.4.datametrics > 10.66.66.2.radius: RADIUS,
Access Request (1), id: 0x02 length: 258
This seems to be working fine.Output of my Switch is as follows.
Mar 30 02:23:31.739: %AUTHMGR-5-START: Starting 'mab' for client
(0009.6b02.5828) on Interface Gi0/2 AuditSessionID
0A37370400000012003387DD
Mar 30 02:23:39.886: %MAB-5-FAIL: Authentication failed for client
(0009.6b02.5828) on Interface Gi0/2 AuditSessionID
0A37370400000012003387DD
Mar 30 02:23:39.886: %AUTHMGR-7-STOPPING: Stopping 'mab' for client
0009.6b02.5828 on Interface Gi0/2 AuditSessionID 0A37370400000012003387DD
Mar 30 02:23:39.886: %AUTHMGR-5-FAIL: Authorization failed or unapplied
for client (0009.6b02.5828) on Interface Gi0/2 AuditSessionID
0A37370400000012003387DD
This is the Output at the end of the Debug Messages from the Radius Server
... adding new socket proxy address * port 51996
... adding new socket proxy address * port 36203
Listening on authentication address 10.66.66.2 port 1812 as server
packetfence
Listening on accounting address 10.66.66.2 port 1813 as server packetfence
Listening on command file /usr/local/pf/var/run/radiusd.sock
Listening on authentication address * port 18120 as server inner-tunnel
Listening on proxy address 10.66.66.2 port 1814
Ready to process requests.
And this is the Tail of the Packetfence.log
Sep 19 10:17:33 pfmon(1) INFO: running expire check (main::cleanup)
Sep 19 10:17:33 pfmon(1) INFO: checking registered nodes for expiration
(main::cleanup)
Sep 19 10:17:33 pfmon(1) INFO: checking violations for expiration
(main::cleanup)
Sep 19 10:17:33 pfmon(1) INFO: checking accounting data for potential
bandwidth abuse (main::cleanup)
Sep 19 10:17:33 pfmon(1) INFO: getting violations triggers for accounting
cleanup (pf::accounting::acct_maintenance)
Sep 19 10:17:33 pfmon(1) INFO: Calling node acct maintenance total with
monthly and 1 for 21474836480 (pf::accounting::acct_maintenance)
Sep 19 10:27:33 pfmon(1) INFO: running expire check (main::cleanup)
Sep 19 10:27:33 pfmon(1) INFO: checking registered nodes for expiration
(main::cleanup)
Sep 19 10:27:33 pfmon(1) INFO: checking violations for expiration
(main::cleanup)
Sep 19 10:27:33 pfmon(1) INFO: checking accounting data for potential
bandwidth abuse (main::cleanup)
Sep 19 10:27:33 pfmon(1) INFO: getting violations triggers for accounting
cleanup (pf::accounting::acct_maintenance)
Sep 19 10:27:33 pfmon(1) INFO: Calling node acct maintenance total with
monthly and 1 for 21474836480 (pf::accounting::acct_maintenance)
Kind regards,
Patrick Schadewitz
Aprentice Qualified IT-Specialist for Systemintegration
Vocational Training.
---------------------------------------------------------
Sennheiser electronic GmbH & Co. KG
Am Labor 1
30900 Wedemark
(Phone
*email
:
:
:
+49 5130 600 0
[email protected]
www.sennheiser.com
________________________________________________________________________________________
Sennheiser electronic GmbH & Co. KG · Sitz 30900 Wedemark, Amtsgericht Hannover
HRA 120100
phG: Sennheiser Beteiligungs-GmbH · Sitz 30900 Wedemark, Amtsgericht Hannover
HRB 120179
Geschäftsführende Gesellschafter Dr. sc. techn. Andreas Sennheiser, Daniel
Sennheiser · Vorsitzender des Aufsichtsrates Prof. Dr. sc. techn. Jörg
Sennheiser
Diese E-Mail enthält vertrauliche oder rechtlich geschützte Informationen. Wenn
Sie nicht der beabsichtigte Empfänger sind, informieren Sie bitte sofort den
Absender
und löschen Sie diese E-Mail. Das unbefugte Kopieren dieser E-Mail oder die
unbefugte Weitergabe der enthaltenen Informationen ist nicht gestattet.
The information contained in this message is confidential or protected by law.
If you are not the intended recipient, please contact the sender
and delete this message. Any unauthorized copying of this message or
unauthorized distribution of the information contained herein is prohibited.
________________________________________________________________________________________
------------------------------------------------------------------------------
LIMITED TIME SALE - Full Year of Microsoft Training For Just $49.99!
1,500+ hours of tutorials including VisualStudio 2012, Windows 8, SharePoint
2013, SQL 2012, MVC 4, more. BEST VALUE: New Multi-Library Power Pack includes
Mobile, Cloud, Java, and UX Design. Lowest price ever! Ends 9/20/13.
http://pubads.g.doubleclick.net/gampad/clk?id=58041151&iu=/4140/ostg.clktrk
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
