I have been using packetfence for years and had the remote sites working and
now they are not working. I have been racking my brain to try and figure this
out. I am running 3.6.1.
In the Packetfence.log it shows but doesn’t switch the port over. I am using
MAB authentication and I see it hitting the Radius server as well.
Nov 15 12:14:24 pfdhcplistener(5100) INFO: DHCPREQUEST from MAC
ADDRESS(192.168.68.10) (main::parse_dhcp_request)
Nov 15 12:14:24 pfdhcplistener(5100) INFO: MAC ADDRESS requested an IP. DHCP
Fingerprint: OS::100 (Microsoft Windows XP). Modified node with last_dhcp =
2013-11-15 12:14:24,computername = PCNAME,dhcp_fingerprint =
1,15,3,6,44,46,47,31,33,249,43 (main::listen_dhcp)
Nov 15 12:14:24 pfdhcplistener(5100) INFO: MAC ADDRESS requested an IP. DHCP
Fingerprint: OS::1113 (Palm OS). Modified node with last_dhcp = 2013-11-15
12:14:24,computername = ,dhcp_fingerprint = 1,3,6,15,44,46,47,66,67
(main::listen_dhcp)
Nov 15 12:14:24 pfdhcplistener(5100) INFO: MAC ADDRESS requested an IP. DHCP
Fingerprint: OS::1113 (Palm OS). Modified node with last_dhcp = 2013-11-15
12:14:24,computername = ,dhcp_fingerprint = 1,3,6,15,44,46,47,66,67
(main::listen_dhcp)
Nov 15 12:14:26 pfdhcplistener(5100) INFO: 00:15:70:37:a1:ca requested an IP.
DHCP Fingerprint: OS::1113 (Palm OS). Modified node with last_dhcp = 2013-11-15
12:14:26,computername = ,dhcp_fingerprint = 1,3,6,15,44,46,47,66,67
(main::listen_dhcp)
Nov 15 12:14:32 pfdhcplistener(5100) INFO: 00:15:70:af:c7:cc requested an IP.
DHCP Fingerprint: OS::1113 (Palm OS). Modified node with last_dhcp = 2013-11-15
12:14:32,computername = ,dhcp_fingerprint = 1,3,6,15,44,46,47,66,67
(main::listen_dhcp)
Nov 15 12:14:33 pf::WebAPI(5367) INFO: handling radius autz request: from
switch_ip => 192.168.68.2, connection_type => Ethernet-NoEAP mac =>
00:23:18:dc:3f:56, port => 50024, username => MAC ADDRESS
(pf::radius::authorize)
Nov 15 12:14:33 pf::WebAPI(5367) INFO: MAC: MAC ADDRESS is of status unreg;
belongs into registration VLAN (pf::vlan::getRegistrationVlan)
Nov 15 12:14:33 pf::WebAPI(5367) WARN: Role-based Network Access Control is not
supported on network device type pf::SNMP::Cisco::Catalyst_3560G.
(pf::SNMP::supportsRoleBasedEnforcement)
If I manually put the port into the Reg vlan I get the captive portal.
On the cisco 3560G switch I am getting
Nov 15 19:12:38.072: %AUTHMGR-5-START: Starting 'mab' for client (MAC) on
Interface Gi0/24 AuditSessionID C0A84402000000190102BD76
Nov 15 19:12:38.265: %MAB-5-SUCCESS: Authentication successful for client (MAC)
on Interface Gi0/24 AuditSessionID C0A84402000000190102BD76
Nov 15 19:12:38.265: %AUTHMGR-7-RESULT: Authentication result 'success' from
'mab' for client (MAC) on Interface Gi0/24 AuditSessionID
C0A84402000000190102BD76
Nov 15 19:12:39.297: %AUTHMGR-5-SUCCESS: Authorization succeeded for client
(MAC) on Interface Gi0/24 AuditSessionID C0A84402000000190102BD76
Nov 15 19:12:39.624: %LINK-3-UPDOWN: Interface GigabitEthernet0/24, changed
state to up
Nov 15 19:12:40.631: %LINEPROTO-5-UPDOWN: Line protocol on Interface
GigabitEthernet0/24, changed state to up
Something else interesting is that if I switch the device on the NODES to
registered it does make the connection and switches the port via SNMP.
Any help would be greatly appreciated.
Thanks
Dan Nelson
Network Administrator
Nutraceutical Corporation
Office 801-334-3702
------------------------------------------------------------------------------
DreamFactory - Open Source REST & JSON Services for HTML5 & Native Apps
OAuth, Users, Roles, SQL, NoSQL, BLOB Storage and External API Access
Free app hosting. Or install the open source package on any LAMP server.
Sign up and see examples for AngularJS, jQuery, Sencha Touch and Native!
http://pubads.g.doubleclick.net/gampad/clk?id=63469471&iu=/4140/ostg.clktrk
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
