Hello Matteo,
can you edit Aironet.pm and replace the function extractSsid with that
code and retry :
sub extractSsid {
my ($this, $radius_request) = @_;
my $logger = Log::Log4perl::get_logger(ref($this));
if (defined($radius_request->{'Cisco-AVPair'})) {
if (ref($radius_request->{'Cisco-AVPair'}) eq 'ARRAY') {
foreach my $ciscoAVPair
(@{$radius_request->{'Cisco-AVPair'}}) {
$logger->trace("Cisco-AVPair: ".$ciscoAVPair);
if ($ciscoAVPair =~ /^ssid=(.*)$/) { # ex: Cisco-AVPair
= "ssid=PacketFence-Secure"
return $1;
} else {
$logger->info("Unable to extract SSID of
Cisco-AVPair: ".$ciscoAVPair);
}
}
} else {
if ($radius_request->{'Cisco-AVPair'} =~ /^ssid=(.*)$/) { #
ex: Cisco-AVPair = "ssid=PacketFence-Secure"
return $1;
} else {
$logger->info("Unable to extract SSID of Cisco-AVPair:
".$ciscoAVPair);
}
}
}
$logger->warn(
"Unable to extract SSID for module " . ref($this) . ".
SSID-based VLAN assignments won't work. "
. "Make sure you enable Vendor Specific Attributes (VSA) on the
AP if you want them to work."
);
return;
}
Of course restart httpd.webservices service.
Regards
Fabrice
Le 2014-07-01 17:36, Matteo Pidalà a écrit :
Hi everybody!
I reached one satisfied environment of Packetfence, with some switches
and users working with 802.1x authentication with captive portal self
registration.
That's great... thanks once again for this fantastic product.
Anyway right now I have one issue for the Wireless part.
I have (for now), one cisco Aironet 1242 that should be perfectly
compatible with pf.
_I receive this strange message from the troubleshooting that I did:_
/*Jul 02 01:19:29 httpd.webservices(4128) INFO: Unable to extract MAC
from Called-Station-Id: 0021.1be9.8770
(pf::radius::extractApMacFromRadiusRequest)*/
/*Jul 02 01:19:29 httpd.webservices(4128) INFO: handling radius autz
request: from switch_ip => 10.0.1.10, connection_type =>
Wireless-802.11-NoEAP,switch_mac => , mac => 04:f7:e4:f3:d6:99, port
=> 270, username => 04f7e4f3d699 (pf::radius::authorize)*/
/*Jul 02 01:19:29 httpd.webservices(4128) ERROR: radius authorize
failed with error: Can't use string ("ssid=Public") as an ARRAY ref
while "strict refs" in use at
/usr/local/pf/lib/pf/Switch/Cisco/Aironet.pm line 206.*/
/* (pf::api::radius_authorize)*/
/*Jul 02 01:19:32 httpd.webservices(4128) INFO: Unable to extract MAC
from Called-Station-Id: 0021.1be9.8770
(pf::radius::extractApMacFromRadiusRequest)*/
/*Jul 02 01:19:32 httpd.webservices(4128) INFO: handling radius autz
request: from switch_ip => 10.0.1.10, connection_type =>
Wireless-802.11-NoEAP,switch_mac => , mac => 04:f7:e4:f3:d6:99, port
=> 271, username => 04f7e4f3d699 (pf::radius::authorize)*/
/*Jul 02 01:19:32 httpd.webservices(4128) ERROR: radius authorize
failed with error: Can't use string ("ssid=Public") as an ARRAY ref
while "strict refs" in use at
/usr/local/pf/lib/pf/Switch/Cisco/Aironet.pm line 206.*/
/* (pf::api::radius_authorize)*/
_From the switch:_
*/*Mar 1 06:04:41.138: %DOT11-7-AUTH_FAILED: Station 04f7.e4f3.d699
Authentication failed/*
*/*Mar 1 06:04:49.713: %DOT11-7-AUTH_FAILED: Station 04f7.e4f3.d699
Authentication failed/*
_The extract focused configuration is this:_
#
# Copyright 2006-2008 Inverse inc.
#
# See the enclosed file COPYING for license information (GPL).
# If you did not receive this file, see
# http://www.fsf.org/licensing/licenses/gpl.html
[default]
description=Switches Default Values
vlans=1,2,3,4,5,10,20,30,35,40,50,60,100,110,120
normalVlan=100
registrationVlan=110
isolationVlan=120
macDetectionVlan=4
voiceVlan=5
inlineVlan=6
inlineTrigger=
normalRole=normal
registrationRole=registration
isolationRole=isolation
macDetectionRole=macDetection
voiceRole=voice
inlineRole=inline
VoIPEnabled=no
VlanMap=Y
RoleMap=Y
mode=testing
macSearchesMaxNb=30
macSearchesSleepInterval=2
uplink=dynamic
#
# Command Line Interface
#
# cliTransport could be: Telnet, SSH or Serial
cliTransport=Telnet
cliUser=
cliPwd=
cliEnablePwd=
#
# SNMP section
#
# PacketFence -> Switch
SNMPVersion=3
SNMPUserNameRead=readUser
SNMPAuthProtocolRead=MD5
SNMPAuthPasswordRead=authpwdread
SNMPPrivProtocolRead=AES
SNMPPrivPasswordRead=privpwdread
SNMPUserNameWrite=writeUser
SNMPAuthProtocolWrite=MD5
SNMPAuthPasswordWrite=authpwdwrite
SNMPPrivProtocolWrite=AES
SNMPPrivPasswordWrite=privpwdwrite
# Switch -> PacketFence
SNMPVersionTrap=3
SNMPUserNameTrap=readUser
SNMPAuthProtocolTrap=MD5
SNMPAuthPasswordTrap=authpwdread
SNMPPrivProtocolTrap=AES
SNMPPrivPasswordTrap=privpwdread
#
# Web Services Interface
#
# wsTransport could be: http or https
wsTransport=http
wsUser=
wsPwd=
#
# RADIUS NAS Client config
#
# RADIUS shared secret with switch
radiusSecret=udifiusdbfdbsuisdbfidbs
[10.0.1.4]
mode=production
defaultVlan=100
deauthMethod=SNMP
description=core
type=Cisco::Catalyst_3560
VoIPEnabled=N
uplink=1,2,3,4,5,6,7,8,9,10
defaultRole=default
guestVlan=100
gamingRole=guest
guestRole=guest
gamingVlan=100
wsPwd=cisco
wsUser=cisco
SNMPEngineID=AA5ED139B81D4A328D18ACD1
[10.0.1.10]
SNMPVersion=2c
SNMPCommunityRead=public
SNMPCommunityWrite=private
SNMPVersionTrap=2c
SNMPCommunityTrap=public
mode=production
description=AP
type=Cisco::Aironet_1242
_AP Configuration:_
aaa group server radius rad_eap
server 10.0.1.3 auth-port 1812 acct-port 1813
aaa group server radius rad_mac
server 10.0.1.3 auth-port 1812 acct-port 1813
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods group rad_mac
snmp-server community public RO
snmp-server community private RW
snmp-server enable traps disassociate
snmp-server enable traps deauthenticate
snmp-server enable traps aaa_server
radius-server host 10.0.1.3 auth-port 1812 acct-port 1813 key 7
ljljlkjlkjlkjjklkjljkljkljlj74F08090127
radius-server vsa send accounting
radius-server vsa send authentication
If you need something else...
in the meantime... thanks in advance for your further support!!!
Regards
Matteo
------------------------------------------------------------------------------
Open source business process management suite built on Java and Eclipse
Turn processes into business applications with Bonita BPM Community Edition
Quickly connect people, data, and systems into organized workflows
Winner of BOSSIE, CODIE, OW2 and Gartner awards
http://p.sf.net/sfu/Bonitasoft
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Open source business process management suite built on Java and Eclipse
Turn processes into business applications with Bonita BPM Community Edition
Quickly connect people, data, and systems into organized workflows
Winner of BOSSIE, CODIE, OW2 and Gartner awards
http://p.sf.net/sfu/Bonitasoft
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
