Yes, but you have to look inside the ldap traffic, like is the filter is
ok, is the answer is ok ...
Regards
Fabrice
Le 2013-11-18 14:43, forbmsyn a écrit :
When I hit test on web UI I did see traffic like below, by using
tcpdump on the PF box, and the test was successful.
14:37:00.635141 ARP, Request who-has adserver.xxx.com
<http://adserver.xxx.com> tell 10.0.10.100, length 28
14:37:00.635638 ARP, Reply adserver.xxx.com <http://adserver.xxx.com>
is-at 00:50:56:b0:38:31 (oui Unknown), length 46
14:37:00.635644 IP 10.0.10.100.43303 > adserver.xxx.com.ldap: Flags
[S], seq 645803100, win 14600, options [mss 1460,sackOK,TS val 3602191
ecr 0,nop,wscale 7], length 0
14:37:00.636043 IP adserver.xxx.com.ldap > 10.0.10.100.43303: Flags
[S.], seq 1271602926, ack 645803101, win 17520, options [mss
1460,nop,wscale 0,nop,nop,TS val 0 ecr 0,nop,nop,sackOK], length 0
14:37:00.636062 IP 10.0.10.100.43303 > adserver.xxx.com.ldap: Flags
[.], ack 1, win 115, options [nop,nop,TS val 3602192 ecr 0], length 0
14:37:00.637204 IP 10.0.10.100.43303 > adserver.xxx.com.ldap: Flags
[P.], seq 1:15, ack 1, win 115, options [nop,nop,TS val 3602194 ecr
0], length 14
14:37:00.637728 IP adserver.xxx.com.ldap > 10.0.10.100.43303: Flags
[P.], seq 1:23, ack 15, win 17506, options [nop,nop,TS val 114324408
ecr 3602194], length 22
14:37:00.637757 IP 10.0.10.100.43303 > adserver.xxx.com.ldap: Flags
[.], ack 23, win 115, options [nop,nop,TS val 3602194 ecr 114324408],
length 0
14:37:00.642313 IP 10.0.10.100.43303 > adserver.xxx.com.ldap: Flags
[P.], seq 15:103, ack 23, win 115, options [nop,nop,TS val 3602199 ecr
114324408], length 88
14:37:00.643487 IP adserver.xxx.com.ldap > 10.0.10.100.43303: Flags
[P.], seq 23:45, ack 103, win 17418, options [nop,nop,TS val 114324408
ecr 3602199], length 22
14:37:00.643691 IP 10.0.10.100.43303 > adserver.xxx.com.ldap: Flags
[F.], seq 103, ack 45, win 115, options [nop,nop,TS val 3602200 ecr
114324408], length 0
14:37:00.644032 IP adserver.xxx.com.ldap > 10.0.10.100.43303: Flags
[.], ack 104, win 17418, options [nop,nop,TS val 114324408 ecr
3602200], length 0
14:37:00.644139 IP adserver.xxx.com.ldap > 10.0.10.100.43303: Flags
[F.], seq 45, ack 104, win 17418, options [nop,nop,TS val 114324408
ecr 3602200], length 0
14:37:00.644146 IP 10.0.10.100.43303 > adserver.xxx.com.ldap: Flags
[.], ack 46, win 115, options [nop,nop,TS val 3602201 ecr 114324408],
length 0
But when I tried to login from captive portal there is not traffic can
be seen from the PF box.
Regards,
Jacky
On Fri, Nov 15, 2013 at 9:09 PM, Fabrice DURAND <[email protected]
<mailto:[email protected]>> wrote:
Yes of course there is traffic, but what inside ?
Do you took a pcap file and check if ldap traffic was normal ?
Regards
Fabrice
Le 2013-11-15 17:46, forbmsyn a écrit :
Hi Fabrice,
Changing the scope didn't help. And there is ldap traffic when I
login from portal.
Regards,
Jacky
On Fri, Nov 15, 2013 at 3:26 PM, Fabrice DURAND
<[email protected] <mailto:[email protected]>> wrote:
Hello Jacky,
try scope=sub and maybe use tcpdump on the port 389 to see
the ldap traffic.
Regards
Fabrice
------------------------------------------------------------------------------
DreamFactory - Open Source REST & JSON Services for HTML5 & Native Apps
OAuth, Users, Roles, SQL, NoSQL, BLOB Storage and External API Access
Free app hosting. Or install the open source package on any LAMP server.
Sign up and see examples for AngularJS, jQuery, Sencha Touch and Native!
http://pubads.g.doubleclick.net/gampad/clk?id=63469471&iu=/4140/ostg.clktrk
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
--
Fabrice Durand
[email protected] <mailto:[email protected]> ::+1.514.447.4918
<tel:%2B1.514.447.4918> (x135) ::www.inverse.ca <http://www.inverse.ca>
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
(http://packetfence.org)
------------------------------------------------------------------------------
DreamFactory - Open Source REST & JSON Services for HTML5 & Native
Apps
OAuth, Users, Roles, SQL, NoSQL, BLOB Storage and External API Access
Free app hosting. Or install the open source package on any LAMP
server.
Sign up and see examples for AngularJS, jQuery, Sencha Touch and
Native!
http://pubads.g.doubleclick.net/gampad/clk?id=63469471&iu=/4140/ostg.clktrk
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Shape the Mobile Experience: Free Subscription
Software experts and developers: Be at the forefront of tech innovation.
Intel(R) Software Adrenaline delivers strategic insight and game-changing
conversations that shape the rapidly evolving mobile landscape. Sign up now.
http://pubads.g.doubleclick.net/gampad/clk?id=63431311&iu=/4140/ostg.clktrk
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
--
Fabrice Durand
[email protected] :: +1.514.447.4918 (x135) :: www.inverse.ca
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
(http://packetfence.org)
------------------------------------------------------------------------------
Shape the Mobile Experience: Free Subscription
Software experts and developers: Be at the forefront of tech innovation.
Intel(R) Software Adrenaline delivers strategic insight and game-changing
conversations that shape the rapidly evolving mobile landscape. Sign up now.
http://pubads.g.doubleclick.net/gampad/clk?id=63431311&iu=/4140/ostg.clktrk
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
