My fault, it´s just a little syntax error, try this:
sub extractSsid {
my ($this, $radius_request) = @_;
my $logger = Log::Log4perl::get_logger(ref($this));
if (defined($radius_request->{'Cisco-AVPair'})) {
if (ref($radius_request->{'Cisco-AVPair'}) eq 'ARRAY') {
foreach my $ciscoAVPair
(@{$radius_request->{'Cisco-AVPair'}}) {
$logger->trace("Cisco-AVPair: ".$ciscoAVPair);
if ($ciscoAVPair =~ /^ssid=(.*)$/) { # ex: Cisco-AVPair
= "ssid=PacketFence-Secure"
return $1;
} else {
$logger->info("Unable to extract SSID of
Cisco-AVPair: ".$ciscoAVPair);
}
}
} else {
if ($radius_request->{'Cisco-AVPair'} =~ /^ssid=(.*)$/) { #
ex: Cisco-AVPair = "ssid=PacketFence-Secure"
return $1;
} else {
$logger->info("Unable to extract SSID of Cisco-AVPair:
".$radius_request->{'Cisco-AVPair'});
}
}
}
$logger->warn(
"Unable to extract SSID for module " . ref($this) . ".
SSID-based VLAN assignments won't work. "
. "Make sure you enable Vendor Specific Attributes (VSA) on the
AP if you want them to work."
);
return;
}
Fabrice
Le 2014-07-02 16:21, Matteo Pidalà a écrit :
Hi Fabrice,
I'm sorry to disturb you once again, but after the function change, I
receive a new error from packetfence.log after trying to connect my
laptop in wifi:
*/Jul 03 00:19:33 httpd.webservices(3047) INFO: Unable to extract MAC
from Called-Station-Id: 0021.1be9.8770
(pf::radius::extractApMacFromRadiusRequest)/*
*/Jul 03 00:19:33 httpd.webservices(3047) ERROR: Can not load perl
module for switch 10.0.1.10, type: pf::Switch::Cisco::Aironet_1242.
Either the type is unknown or the perl module has compilation errors.
Read the following message for details:
(pf::SwitchFactory::instantiate)/*
*/Jul 03 00:19:33 httpd.webservices(3047) WARN: Can't instantiate
switch 10.0.1.10. This request will be failed. Are you sure your
switches.conf is correct? (pf::radius::authorize)/*
*/Jul 03 00:19:36 httpd.webservices(3047) INFO: Unable to extract MAC
from Called-Station-Id: 0021.1be9.8770
(pf::radius::extractApMacFromRadiusRequest)/*
*/Jul 03 00:19:36 httpd.webservices(3047) ERROR: Can not load perl
module for switch 10.0.1.10, type: pf::Switch::Cisco::Aironet_1242.
Either the type is unknown or the perl module has compilation errors.
Read the following message for details:
(pf::SwitchFactory::instantiate)/*
*/Jul 03 00:19:36 httpd.webservices(3047) WARN: Can't instantiate
switch 10.0.1.10. This request will be failed. Are you sure your
switches.conf is correct? (pf::radius::authorize)/*
*/Jul 03 00:19:39 httpd.webservices(3047) INFO: Unable to extract MAC
from Called-Station-Id: 0021.1be9.8770
(pf::radius::extractApMacFromRadiusRequest)/*
*/Jul 03 00:19:39 httpd.webservices(3047) ERROR: Can not load perl
module for switch 10.0.1.10, type: pf::Switch::Cisco::Aironet_1242.
Either the type is unknown or the perl module has compilation errors.
Read the following message for details:
(pf::SwitchFactory::instantiate)/*
*/Jul 03 00:19:39 httpd.webservices(3047) WARN: Can't instantiate
switch 10.0.1.10. This request will be failed. Are you sure your
switches.conf is correct? (pf::radius::authorize)/*
*/Jul 03 00:19:43 httpd.webservices(3047) INFO: Unable to extract MAC
from Called-Station-Id: 0021.1be9.8770
(pf::radius::extractApMacFromRadiusRequest)/*
*/Jul 03 00:19:43 httpd.webservices(3047) ERROR: Can not load perl
module for switch 10.0.1.10, type: pf::Switch::Cisco::Aironet_1242.
Either the type is unknown or the perl module has compilation errors.
Read the following message for details:
(pf::SwitchFactory::instantiate)/*
*/Jul 03 00:19:43 httpd.webservices(3047) WARN: Can't instantiate
switch 10.0.1.10. This request will be failed. Are you sure your
switches.conf is correct? (pf::radius::authorize)/*
The configuration is still like my first mail.
Any suggestion are welcome!!
Regards
Mattteo
2014-07-01 23:49 GMT+02:00 Durand fabrice <[email protected]
<mailto:[email protected]>>:
Hello Matteo,
can you edit Aironet.pm and replace the function extractSsid with
that code and retry :
sub extractSsid {
my ($this, $radius_request) = @_;
my $logger = Log::Log4perl::get_logger(ref($this));
if (defined($radius_request->{'Cisco-AVPair'})) {
if (ref($radius_request->{'Cisco-AVPair'}) eq 'ARRAY') {
foreach my $ciscoAVPair
(@{$radius_request->{'Cisco-AVPair'}}) {
$logger->trace("Cisco-AVPair: ".$ciscoAVPair);
if ($ciscoAVPair =~ /^ssid=(.*)$/) { # ex:
Cisco-AVPair = "ssid=PacketFence-Secure"
return $1;
} else {
$logger->info("Unable to extract SSID of
Cisco-AVPair: ".$ciscoAVPair);
}
}
} else {
if ($radius_request->{'Cisco-AVPair'} =~
/^ssid=(.*)$/) { # ex: Cisco-AVPair = "ssid=PacketFence-Secure"
return $1;
} else {
$logger->info("Unable to extract SSID of
Cisco-AVPair: ".$ciscoAVPair);
}
}
}
$logger->warn(
"Unable to extract SSID for module " . ref($this) . ".
SSID-based VLAN assignments won't work. "
. "Make sure you enable Vendor Specific Attributes (VSA)
on the AP if you want them to work."
);
return;
}
Of course restart httpd.webservices service.
Regards
Fabrice
Le 2014-07-01 17:36, Matteo Pidalà a écrit :
Hi everybody!
I reached one satisfied environment of Packetfence, with some
switches and users working with 802.1x authentication with
captive portal self registration.
That's great... thanks once again for this fantastic product.
Anyway right now I have one issue for the Wireless part.
I have (for now), one cisco Aironet 1242 that should be perfectly
compatible with pf.
_I receive this strange message from the troubleshooting that I did:_
/*Jul 02 01:19:29 httpd.webservices(4128) INFO: Unable to extract
MAC from Called-Station-Id: 0021.1be9.8770
(pf::radius::extractApMacFromRadiusRequest)*/
/*Jul 02 01:19:29 httpd.webservices(4128) INFO: handling radius
autz request: from switch_ip => 10.0.1.10, connection_type =>
Wireless-802.11-NoEAP,switch_mac => , mac => 04:f7:e4:f3:d6:99,
port => 270, username => 04f7e4f3d699 (pf::radius::authorize)*/
/*Jul 02 01:19:29 httpd.webservices(4128) ERROR: radius authorize
failed with error: Can't use string ("ssid=Public") as an ARRAY
ref while "strict refs" in use at
/usr/local/pf/lib/pf/Switch/Cisco/Aironet.pm line 206.*/
/* (pf::api::radius_authorize)*/
/*Jul 02 01:19:32 httpd.webservices(4128) INFO: Unable to extract
MAC from Called-Station-Id: 0021.1be9.8770
(pf::radius::extractApMacFromRadiusRequest)*/
/*Jul 02 01:19:32 httpd.webservices(4128) INFO: handling radius
autz request: from switch_ip => 10.0.1.10, connection_type =>
Wireless-802.11-NoEAP,switch_mac => , mac => 04:f7:e4:f3:d6:99,
port => 271, username => 04f7e4f3d699 (pf::radius::authorize)*/
/*Jul 02 01:19:32 httpd.webservices(4128) ERROR: radius authorize
failed with error: Can't use string ("ssid=Public") as an ARRAY
ref while "strict refs" in use at
/usr/local/pf/lib/pf/Switch/Cisco/Aironet.pm line 206.*/
/* (pf::api::radius_authorize)*/
_From the switch:_
*/*Mar 1 06:04:41.138: %DOT11-7-AUTH_FAILED: Station
04f7.e4f3.d699 Authentication failed/*
*/*Mar 1 06:04:49.713: %DOT11-7-AUTH_FAILED: Station
04f7.e4f3.d699 Authentication failed/*
_The extract focused configuration is this:_
#
# Copyright 2006-2008 Inverse inc.
#
# See the enclosed file COPYING for license information (GPL).
# If you did not receive this file, see
# http://www.fsf.org/licensing/licenses/gpl.html
[default]
description=Switches Default Values
vlans=1,2,3,4,5,10,20,30,35,40,50,60,100,110,120
normalVlan=100
registrationVlan=110
isolationVlan=120
macDetectionVlan=4
voiceVlan=5
inlineVlan=6
inlineTrigger=
normalRole=normal
registrationRole=registration
isolationRole=isolation
macDetectionRole=macDetection
voiceRole=voice
inlineRole=inline
VoIPEnabled=no
VlanMap=Y
RoleMap=Y
mode=testing
macSearchesMaxNb=30
macSearchesSleepInterval=2
uplink=dynamic
#
# Command Line Interface
#
# cliTransport could be: Telnet, SSH or Serial
cliTransport=Telnet
cliUser=
cliPwd=
cliEnablePwd=
#
# SNMP section
#
# PacketFence -> Switch
SNMPVersion=3
SNMPUserNameRead=readUser
SNMPAuthProtocolRead=MD5
SNMPAuthPasswordRead=authpwdread
SNMPPrivProtocolRead=AES
SNMPPrivPasswordRead=privpwdread
SNMPUserNameWrite=writeUser
SNMPAuthProtocolWrite=MD5
SNMPAuthPasswordWrite=authpwdwrite
SNMPPrivProtocolWrite=AES
SNMPPrivPasswordWrite=privpwdwrite
# Switch -> PacketFence
SNMPVersionTrap=3
SNMPUserNameTrap=readUser
SNMPAuthProtocolTrap=MD5
SNMPAuthPasswordTrap=authpwdread
SNMPPrivProtocolTrap=AES
SNMPPrivPasswordTrap=privpwdread
#
# Web Services Interface
#
# wsTransport could be: http or https
wsTransport=http
wsUser=
wsPwd=
#
# RADIUS NAS Client config
#
# RADIUS shared secret with switch
radiusSecret=udifiusdbfdbsuisdbfidbs
[10.0.1.4]
mode=production
defaultVlan=100
deauthMethod=SNMP
description=core
type=Cisco::Catalyst_3560
VoIPEnabled=N
uplink=1,2,3,4,5,6,7,8,9,10
defaultRole=default
guestVlan=100
gamingRole=guest
guestRole=guest
gamingVlan=100
wsPwd=cisco
wsUser=cisco
SNMPEngineID=AA5ED139B81D4A328D18ACD1
[10.0.1.10]
SNMPVersion=2c
SNMPCommunityRead=public
SNMPCommunityWrite=private
SNMPVersionTrap=2c
SNMPCommunityTrap=public
mode=production
description=AP
type=Cisco::Aironet_1242
_AP Configuration:_
aaa group server radius rad_eap
server 10.0.1.3 auth-port 1812 acct-port 1813
aaa group server radius rad_mac
server 10.0.1.3 auth-port 1812 acct-port 1813
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods group rad_mac
snmp-server community public RO
snmp-server community private RW
snmp-server enable traps disassociate
snmp-server enable traps deauthenticate
snmp-server enable traps aaa_server
radius-server host 10.0.1.3 auth-port 1812 acct-port 1813 key 7
ljljlkjlkjlkjjklkjljkljkljlj74F08090127
radius-server vsa send accounting
radius-server vsa send authentication
If you need something else...
in the meantime... thanks in advance for your further support!!!
Regards
Matteo
------------------------------------------------------------------------------
Open source business process management suite built on Java and Eclipse
Turn processes into business applications with Bonita BPM Community Edition
Quickly connect people, data, and systems into organized workflows
Winner of BOSSIE, CODIE, OW2 and Gartner awards
http://p.sf.net/sfu/Bonitasoft
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Open source business process management suite built on Java and
Eclipse
Turn processes into business applications with Bonita BPM
Community Edition
Quickly connect people, data, and systems into organized workflows
Winner of BOSSIE, CODIE, OW2 and Gartner awards
http://p.sf.net/sfu/Bonitasoft
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Open source business process management suite built on Java and Eclipse
Turn processes into business applications with Bonita BPM Community Edition
Quickly connect people, data, and systems into organized workflows
Winner of BOSSIE, CODIE, OW2 and Gartner awards
http://p.sf.net/sfu/Bonitasoft
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Open source business process management suite built on Java and Eclipse
Turn processes into business applications with Bonita BPM Community Edition
Quickly connect people, data, and systems into organized workflows
Winner of BOSSIE, CODIE, OW2 and Gartner awards
http://p.sf.net/sfu/Bonitasoft
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
