So, I've got PacketFence up and running now - partly ...
My gear:
PF 4.0.6-2 on a Centos 6.4 x64 Server
Extreme Networks Summit X460-48t, XOS 15.3.1.4-patch19, all ports configured
into macregistration-vlan (tag 302)
PacketFence properly learns all the nodes on my network, I can manually
pre-register these nodes and they got dropped into the correct role/vlan. So
far so good ...
But ...
An directly attached, unregistered node (that stays in macregistration-vlan)
gets blackholed in the fdb and - ergo - can't connect to the captive-portal for
user-self-registration:
switch1 # show netlogin port 11
Port : 11
Port Restart : Disabled
Allow Egress : None
Vlan : macregistration
Authentication : mac-based
Port State : Enabled
Guest Vlan : Disabled
Auth Failure Vlan : Disabled
Auth Service-Unavailable Vlan : Disabled
MAC IP address Authenticated Type
ReAuth-Timer User
00:1b:78:3c:8f:99 0.0.0.0 Yes(B), Radius MAC 7106
001B783C8F99
-----------------------------------------------
(B) - Client entry Blackholed in FDB
while a virtual machine on a registered node or a node on a miniswitch with
some other registered node can properly connect to the captive-portal, register
and connect to its target vlan!
PF-Radius says:
Wed Nov 13 10:45:18 2013 : Auth: Login OK: [001B783C8F99] (from client
10.4.201.18 port 1011 cli 00-1B-78-3C-8F-99)
Wed Nov 13 10:45:18 2013 : Auth: rlm_perl: Returning vlan 302 to request from
00:1b:78:3c:8f:99 port 1011
So, as far as I can see, the unregistered node is authenticated correctly to
the macregistration-vlan (302) and SHOULD get an ipaddress for further
proceeding. But instead I got no network connectivity at all.
Am I missing something? Because configuration actually was pretty
straightforward (switch- and PF-side) ...
FYI: When I deselect the "force-registration"-checkbox in PF, the unregistered
nodes get a correct macregistration-ipaddress, but then there is no
captive-portal to register (works as designed, I guess).
Thanks in advance!
regards
Mark
------------------------------------------------------------------------------
DreamFactory - Open Source REST & JSON Services for HTML5 & Native Apps
OAuth, Users, Roles, SQL, NoSQL, BLOB Storage and External API Access
Free app hosting. Or install the open source package on any LAMP server.
Sign up and see examples for AngularJS, jQuery, Sencha Touch and Native!
http://pubads.g.doubleclick.net/gampad/clk?id=63469471&iu=/4140/ostg.clktrk
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
