Hi Fabrice,
I'm sorry to disturb you once again, but after the function change, I
receive a new error from packetfence.log after trying to connect my laptop
in wifi:
*Jul 03 00:19:33 httpd.webservices(3047) INFO: Unable to extract MAC from
Called-Station-Id: 0021.1be9.8770
(pf::radius::extractApMacFromRadiusRequest)*
*Jul 03 00:19:33 httpd.webservices(3047) ERROR: Can not load perl module
for switch 10.0.1.10, type: pf::Switch::Cisco::Aironet_1242. Either the
type is unknown or the perl module has compilation errors. Read the
following message for details: (pf::SwitchFactory::instantiate)*
*Jul 03 00:19:33 httpd.webservices(3047) WARN: Can't instantiate switch
10.0.1.10. This request will be failed. Are you sure your switches.conf is
correct? (pf::radius::authorize)*
*Jul 03 00:19:36 httpd.webservices(3047) INFO: Unable to extract MAC from
Called-Station-Id: 0021.1be9.8770
(pf::radius::extractApMacFromRadiusRequest)*
*Jul 03 00:19:36 httpd.webservices(3047) ERROR: Can not load perl module
for switch 10.0.1.10, type: pf::Switch::Cisco::Aironet_1242. Either the
type is unknown or the perl module has compilation errors. Read the
following message for details: (pf::SwitchFactory::instantiate)*
*Jul 03 00:19:36 httpd.webservices(3047) WARN: Can't instantiate switch
10.0.1.10. This request will be failed. Are you sure your switches.conf is
correct? (pf::radius::authorize)*
*Jul 03 00:19:39 httpd.webservices(3047) INFO: Unable to extract MAC from
Called-Station-Id: 0021.1be9.8770
(pf::radius::extractApMacFromRadiusRequest)*
*Jul 03 00:19:39 httpd.webservices(3047) ERROR: Can not load perl module
for switch 10.0.1.10, type: pf::Switch::Cisco::Aironet_1242. Either the
type is unknown or the perl module has compilation errors. Read the
following message for details: (pf::SwitchFactory::instantiate)*
*Jul 03 00:19:39 httpd.webservices(3047) WARN: Can't instantiate switch
10.0.1.10. This request will be failed. Are you sure your switches.conf is
correct? (pf::radius::authorize)*
*Jul 03 00:19:43 httpd.webservices(3047) INFO: Unable to extract MAC from
Called-Station-Id: 0021.1be9.8770
(pf::radius::extractApMacFromRadiusRequest)*
*Jul 03 00:19:43 httpd.webservices(3047) ERROR: Can not load perl module
for switch 10.0.1.10, type: pf::Switch::Cisco::Aironet_1242. Either the
type is unknown or the perl module has compilation errors. Read the
following message for details: (pf::SwitchFactory::instantiate)*
*Jul 03 00:19:43 httpd.webservices(3047) WARN: Can't instantiate switch
10.0.1.10. This request will be failed. Are you sure your switches.conf is
correct? (pf::radius::authorize)*
The configuration is still like my first mail.
Any suggestion are welcome!!
Regards
Mattteo
2014-07-01 23:49 GMT+02:00 Durand fabrice <fdur...@inverse.ca>:
> Hello Matteo,
>
> can you edit Aironet.pm and replace the function extractSsid with that
> code and retry :
>
>
> sub extractSsid {
> my ($this, $radius_request) = @_;
> my $logger = Log::Log4perl::get_logger(ref($this));
>
> if (defined($radius_request->{'Cisco-AVPair'})) {
> if (ref($radius_request->{'Cisco-AVPair'}) eq 'ARRAY') {
> foreach my $ciscoAVPair (@{$radius_request->{'Cisco-AVPair'}})
> {
> $logger->trace("Cisco-AVPair: ".$ciscoAVPair);
>
> if ($ciscoAVPair =~ /^ssid=(.*)$/) { # ex: Cisco-AVPair =
> "ssid=PacketFence-Secure"
> return $1;
> } else {
> $logger->info("Unable to extract SSID of Cisco-AVPair:
> ".$ciscoAVPair);
> }
> }
> } else {
> if ($radius_request->{'Cisco-AVPair'} =~ /^ssid=(.*)$/) { #
> ex: Cisco-AVPair = "ssid=PacketFence-Secure"
> return $1;
> } else {
> $logger->info("Unable to extract SSID of Cisco-AVPair:
> ".$ciscoAVPair);
> }
> }
> }
>
> $logger->warn(
> "Unable to extract SSID for module " . ref($this) . ". SSID-based
> VLAN assignments won't work. "
> . "Make sure you enable Vendor Specific Attributes (VSA) on the AP
> if you want them to work."
> );
> return;
> }
>
>
> Of course restart httpd.webservices service.
>
> Regards
> Fabrice
>
> Le 2014-07-01 17:36, Matteo Pidalà a écrit :
>
> Hi everybody!
> I reached one satisfied environment of Packetfence, with some switches and
> users working with 802.1x authentication with captive portal self
> registration.
> That's great... thanks once again for this fantastic product.
>
> Anyway right now I have one issue for the Wireless part.
>
> I have (for now), one cisco Aironet 1242 that should be perfectly
> compatible with pf.
>
> *I receive this strange message from the troubleshooting that I did:*
> *Jul 02 01:19:29 httpd.webservices(4128) INFO: Unable to extract MAC from
> Called-Station-Id: 0021.1be9.8770
> (pf::radius::extractApMacFromRadiusRequest)*
> *Jul 02 01:19:29 httpd.webservices(4128) INFO: handling radius autz
> request: from switch_ip => 10.0.1.10, connection_type =>
> Wireless-802.11-NoEAP,switch_mac => , mac => 04:f7:e4:f3:d6:99, port =>
> 270, username => 04f7e4f3d699 (pf::radius::authorize)*
> *Jul 02 01:19:29 httpd.webservices(4128) ERROR: radius authorize failed
> with error: Can't use string ("ssid=Public") as an ARRAY ref while "strict
> refs" in use at /usr/local/pf/lib/pf/Switch/Cisco/Aironet.pm line 206.*
> * (pf::api::radius_authorize)*
> *Jul 02 01:19:32 httpd.webservices(4128) INFO: Unable to extract MAC from
> Called-Station-Id: 0021.1be9.8770
> (pf::radius::extractApMacFromRadiusRequest)*
> *Jul 02 01:19:32 httpd.webservices(4128) INFO: handling radius autz
> request: from switch_ip => 10.0.1.10, connection_type =>
> Wireless-802.11-NoEAP,switch_mac => , mac => 04:f7:e4:f3:d6:99, port =>
> 271, username => 04f7e4f3d699 (pf::radius::authorize)*
> *Jul 02 01:19:32 httpd.webservices(4128) ERROR: radius authorize failed
> with error: Can't use string ("ssid=Public") as an ARRAY ref while "strict
> refs" in use at /usr/local/pf/lib/pf/Switch/Cisco/Aironet.pm line 206.*
> * (pf::api::radius_authorize)*
>
>
> *From the switch:*
> **Mar 1 06:04:41.138: %DOT11-7-AUTH_FAILED: Station 04f7.e4f3.d699
> Authentication failed*
> **Mar 1 06:04:49.713: %DOT11-7-AUTH_FAILED: Station 04f7.e4f3.d699
> Authentication failed*
>
>
> *The extract focused configuration is this:*
> #
> # Copyright 2006-2008 Inverse inc.
> #
> # See the enclosed file COPYING for license information (GPL).
> # If you did not receive this file, see
> # http://www.fsf.org/licensing/licenses/gpl.html
>
> [default]
> description=Switches Default Values
> vlans=1,2,3,4,5,10,20,30,35,40,50,60,100,110,120
> normalVlan=100
> registrationVlan=110
> isolationVlan=120
> macDetectionVlan=4
> voiceVlan=5
> inlineVlan=6
> inlineTrigger=
> normalRole=normal
> registrationRole=registration
> isolationRole=isolation
> macDetectionRole=macDetection
> voiceRole=voice
> inlineRole=inline
> VoIPEnabled=no
> VlanMap=Y
> RoleMap=Y
> mode=testing
> macSearchesMaxNb=30
> macSearchesSleepInterval=2
> uplink=dynamic
> #
> # Command Line Interface
> #
> # cliTransport could be: Telnet, SSH or Serial
> cliTransport=Telnet
> cliUser=
> cliPwd=
> cliEnablePwd=
> #
> # SNMP section
> #
> # PacketFence -> Switch
> SNMPVersion=3
> SNMPUserNameRead=readUser
> SNMPAuthProtocolRead=MD5
> SNMPAuthPasswordRead=authpwdread
> SNMPPrivProtocolRead=AES
> SNMPPrivPasswordRead=privpwdread
> SNMPUserNameWrite=writeUser
> SNMPAuthProtocolWrite=MD5
> SNMPAuthPasswordWrite=authpwdwrite
> SNMPPrivProtocolWrite=AES
> SNMPPrivPasswordWrite=privpwdwrite
> # Switch -> PacketFence
> SNMPVersionTrap=3
> SNMPUserNameTrap=readUser
> SNMPAuthProtocolTrap=MD5
> SNMPAuthPasswordTrap=authpwdread
> SNMPPrivProtocolTrap=AES
> SNMPPrivPasswordTrap=privpwdread
> #
> # Web Services Interface
> #
> # wsTransport could be: http or https
> wsTransport=http
> wsUser=
> wsPwd=
> #
> # RADIUS NAS Client config
> #
> # RADIUS shared secret with switch
> radiusSecret=udifiusdbfdbsuisdbfidbs
>
> [10.0.1.4]
> mode=production
> defaultVlan=100
> deauthMethod=SNMP
> description=core
> type=Cisco::Catalyst_3560
> VoIPEnabled=N
> uplink=1,2,3,4,5,6,7,8,9,10
> defaultRole=default
> guestVlan=100
> gamingRole=guest
> guestRole=guest
> gamingVlan=100
> wsPwd=cisco
> wsUser=cisco
> SNMPEngineID=AA5ED139B81D4A328D18ACD1
> [10.0.1.10]
> SNMPVersion=2c
> SNMPCommunityRead=public
> SNMPCommunityWrite=private
> SNMPVersionTrap=2c
> SNMPCommunityTrap=public
> mode=production
> description=AP
> type=Cisco::Aironet_1242
>
>
> *AP Configuration:*
>
> aaa group server radius rad_eap
> server 10.0.1.3 auth-port 1812 acct-port 1813
> aaa group server radius rad_mac
> server 10.0.1.3 auth-port 1812 acct-port 1813
>
> aaa authentication login eap_methods group rad_eap
> aaa authentication login mac_methods group rad_mac
>
> snmp-server community public RO
> snmp-server community private RW
> snmp-server enable traps disassociate
> snmp-server enable traps deauthenticate
> snmp-server enable traps aaa_server
> radius-server host 10.0.1.3 auth-port 1812 acct-port 1813 key 7
> ljljlkjlkjlkjjklkjljkljkljlj74F08090127
> radius-server vsa send accounting
> radius-server vsa send authentication
>
>
>
> If you need something else...
> in the meantime... thanks in advance for your further support!!!
>
> Regards
>
> Matteo
>
>
>
>
> ------------------------------------------------------------------------------
> Open source business process management suite built on Java and Eclipse
> Turn processes into business applications with Bonita BPM Community Edition
> Quickly connect people, data, and systems into organized workflows
> Winner of BOSSIE, CODIE, OW2 and Gartner awardshttp://p.sf.net/sfu/Bonitasoft
>
>
>
> _______________________________________________
> PacketFence-users mailing
> listPacketFence-users@lists.sourceforge.nethttps://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
>
>
> ------------------------------------------------------------------------------
> Open source business process management suite built on Java and Eclipse
> Turn processes into business applications with Bonita BPM Community Edition
> Quickly connect people, data, and systems into organized workflows
> Winner of BOSSIE, CODIE, OW2 and Gartner awards
> http://p.sf.net/sfu/Bonitasoft
> _______________________________________________
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
------------------------------------------------------------------------------
Open source business process management suite built on Java and Eclipse
Turn processes into business applications with Bonita BPM Community Edition
Quickly connect people, data, and systems into organized workflows
Winner of BOSSIE, CODIE, OW2 and Gartner awards
http://p.sf.net/sfu/Bonitasoft
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
