Hello All,
I am new to packetfence and find myself in need of some help. I have the server
setup and configured. It will authorize clients and seems to work very well,
however when I attempt to add another portal and authorize the client I am
taken to the default portal not the one for the vlan I connected to. That Vlan
should use AD. I have traced the issue down to the possibility that SSID's are
not being reported from the WLC to pf.
I am using the SSID that was connected to as the identifier for the portal so
that would seem to indicate that pf was not understanding or that I do not have
something set properly in the WLC.
Relevant Log section:
Mar 04 14:33:18 httpd.aaa(7096) INFO: [64:a3:cb:63:xx:xx] handling radius autz
request: from switch_ip => (172.16.1.xx), connection_type =>
Wireless-802.11-NoEAP,switch_mac => (), mac => [64:a3:cb:63:xx:xx], port => 2,
username => "64:a3:cb:63:xx:xx" (pf::radius::authorize)
Mar 04 14:33:18 httpd.aaa(7096) INFO: Unable to extract SSID of
Called-Station-Id: 44:d3:ca:b7:b2:e0 (pf::Switch::extractSsid)
Mar 04 14:33:18 httpd.aaa(7096) WARN: Unable to extract SSID for module
pf::Switch::Cisco::WLC_5500. SSID-based VLAN assignments won't work. Please let
us know so we can add support for it. (pf::Switch::extractSsid)
Mar 04 14:33:18 httpd.aaa(7096) INFO: [64:a3:cb:63:xx:xx] is of status unreg;
belongs into registration VLAN (pf::vlan::getRegistrationVlan)
Mar 04 14:33:18 httpd.aaa(7096) INFO: [64:a3:cb:63:xx:xx] (172.16.1.xx) Added
role Pre-Auth-For-WebRedirect to the returned RADIUS Access-Accept under
attribute Airespace-ACL-Name (pf::Switch::returnRadiusAccessAccept)
Mar 04 14:33:18 httpd.aaa(7096) INFO: [64:a3:cb:63:xx:xx] (172.16.1.xx)
Returning ACCEPT with VLAN 5 and role Pre-Auth-For-WebRedirect
(pf::Switch::returnRadiusAccessAccept)
Mar 04 15:03:43 httpd.aaa(7096) INFO: [64:a3:cb:63:xx:xx] handling radius autz
request: from switch_ip => (172.16.1.xx), connection_type =>
Wireless-802.11-NoEAP,switch_mac => (), mac => [64:a3:cb:63:xx:xx], port => 2,
username => "64:a3:cb:63:xx:xx" (pf::radius::authorize)
Mar 04 15:03:43 httpd.aaa(7096) INFO: Unable to extract SSID of
Called-Station-Id: 44:d3:ca:b7:b2:e0 (pf::Switch::extractSsid)
Mar 04 15:03:43 httpd.aaa(7096) WARN: Unable to extract SSID for module
pf::Switch::Cisco::WLC_5500. SSID-based VLAN assignments won't work. Please let
us know so we can add support for it. (pf::Switch::extractSsid)
Mar 04 15:03:43 httpd.aaa(7096) INFO: [64:a3:cb:63:xx:xx] is of status unreg;
belongs into registration VLAN (pf::vlan::getRegistrationVlan)
Mar 04 15:03:43 httpd.aaa(7096) INFO: [64:a3:cb:63:xx:xx] (172.16.1.xx) Added
role Pre-Auth-For-WebRedirect to the returned RADIUS Access-Accept under
attribute Airespace-ACL-Name (pf::Switch::returnRadiusAccessAccept)
Mar 04 15:03:43 httpd.aaa(7096) INFO: [64:a3:cb:63:xx:xx] (172.16.1.xx)
Returning ACCEPT with VLAN 5 and role Pre-Auth-For-WebRedirect
(pf::Switch::returnRadiusAccessAccept)
I have reviewed the guides for implementing on Cisco WLC and found no
information on this issue.
Thank You in advance for any help that anyone can provide.
-Robert Charles
------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
