Then there should be a Radius disconnect sent from PF to the switch. Check the logs for warning or errors such as "Unable to perform RADIUS CoA-Request" or "Wrong RADIUS secret or unreachable network device".
What is most likely happening is that your device is not disconnected/reconnected and thus there is no new VLAN sent to the switch for that port. Check the logs (logs/radius.log) when you change registration status. Do you see a new Radius request come in for your device? If not, then there definitely is something wrong with your disconnection. Radius CoA is sent to port 3799. Make sure nothing is blocking traffic on that port from the PF server to the switch. That should get you started. Regards, -- Louis Munro [email protected] :: www.inverse.ca +1.514.447.4918 *125 :: +1 (866) 353-6153 Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) On 2014-03-31, at 11:39 , "Decoursey, Jason B CADET MIL USA USMA" <[email protected]> wrote: > Louis, > > I have a Cisco 2960 and I am using MAB with radius deauth. I am running pf > 4.1 on Centos 6.4. > > -Jason > > -----Original Message----- > From: Louis Munro [mailto:[email protected]] > Sent: Monday, March 31, 2014 10:03 AM > To: [email protected] > Subject: Re: [PacketFence-users] After Registration Network Enable Fails > > Hi Jason, > > Please tell us more about your setup. > To answer that question requires us to know which switch you have and which > deauthentication method you are using. > > > Regards, > > -- > Louis Munro > [email protected] :: www.inverse.ca > +1.514.447.4918 *125 :: +1 (866) 353-6153 > Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence > (www.packetfence.org) > > On 2014-03-28, at 14:34 , "Decoursey, Jason B CADET MIL USA USMA" > <[email protected]> wrote: > > > Hello, > > Process: > New machine connects and is assigned to the registration vlan via MAB > > user registers > captive portal displays the enabling network loading bar > > Connectivity Fails. > > What is going on in the background during that process? > > What I have seen in my tests is after the captive portal displays the > enabling screen and the connectivity test fails, the user remains on > registration vlan 12. On the Web Gui I can see the new unregistered user with > the role of guest. I assumed that during the enabling screen on the captive > portal PF is telling the switch to place the port on the guest vlan but it > never changes from the registration vlan. > > Any help would be very appreciated. > > -Jason > > > ------------------------------------------------------------------------------ > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users > > > > > ------------------------------------------------------------------------------ > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
