Thank you, Fabrice!
Yes, packetfence is able to resolv ip address to mac.
I need to think about dhcp server.
*Hello Dmitriy,
When you hit the portal, does PacketFence is able to resolv your ip to
mac (in the bottom of the page).
Also if it's a Inline setup, packetfence use dhcp traffic to update
locationlog , so if there is no dhcp traffic then the location log will
never be updated and your access will never be reevaluate.
Regards
Fabrice
Le 2015-04-13 07:58, Dima Ermakov a écrit :
> Good day!
> I try to use packetfence zen with inline enforcement
> I have two network adapters: WAN (10.100.0.10/24 <http://10.100.0.10/24>
> <http://10.100.0.10/24> <http://10.100.0.10/24%3E>;) and LAN (10.127.0.10/24
> <http://10.127.0.10/24> <http://10.127.0.10/24> <http://10.127.0.10/24%3E>;).
>
> I use external RADIUS server for captive portal auth, it works good.
>
> Other configuration parameters are default.
>
> I try to use packetfence as a gateway from maschine client1
> (10.127.0.100). It has static IP address.
>
> When i try to open any wesite I see captive portal site. I nter
> user/password, then packetfence write: "Your network should be enabled
> within minute or two. If it is not reboot your computer".
>
> I wait about 2-5 minutes, but i can not connect to internet.
> Then i reboot my computer, but internet connection doesn't work.
>
> If i open configuration interface i see my compuer as registered device.
>
> In packetfence.log i see this:
>
> Apr 13 07:48:06 httpd.portal(2138) INFO: [00:15:5d:0b:50:15] Updating
> node user_agent with useragent: 'Mozilla/4.0 (compatible; MSIE 7.0;
> Windows NT 5.1; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR
> 3.5.30729; .NET4.0C; .NET4.0E)'
> (captiveportal::PacketFence::Controller::CaptivePortal::nodeRecordUserAgent)
> Apr 13 07:48:06 httpd.portal(2138) INFO: Static User-Agent lookup data
> initialized (pf::useragent::_init)
> Apr 13 07:48:06 httpd.portal(2138) INFO: [00:15:5d:0b:50:15]
> redirected to authentication page on default portal
> (captiveportal::PacketFence::Controller::CaptivePortal::checkIfNeedsToRegister)
> Apr 13 07:48:36 httpd.portal(2137) INFO: Authentication successful for
> User in source radius.test.local (RADIUS)
> (pf::authentication::authenticate)
> Apr 13 07:48:36 httpd.portal(2137) INFO: Matched rule
> (set_Role_CP_Users) in source radius.test.local, returning actions.
> (pf::Authentication::Source::match)
> Apr 13 07:48:36 httpd.portal(2137) INFO: Matched rule
> (set_Role_CP_Users) in source radius.test.local, returning actions.
> (pf::Authentication::Source::match)
> Apr 13 07:48:36 httpd.portal(2137) WARN: Can't find provisioner for
> 00:15:5d:0b:50:15 since we don't have it's fingerprint
> (pf::Portal::Profile::findProvisioner)
> Apr 13 07:48:36 httpd.portal(2137) WARN: Can't find provisioner for
> 00:15:5d:0b:50:15 since we don't have it's fingerprint
> (pf::Portal::Profile::findProvisioner)
> Apr 13 07:48:36 httpd.portal(2137) INFO: [00:15:5d:0b:50:15]
> re-evaluating access (manage_register called)
> (pf::enforcement::reevaluate_access)
> Apr 13 07:48:36 httpd.portal(2137) WARN: Location Log
> (pf::enforcement::reevaluate_access)
> Apr 13 07:48:36 httpd.portal(2137) WARN: [00:15:5d:0b:50:15] Can't
> re-evaluate access because no open locationlog entry was found
> (pf::enforcement::reevaluate_access)
> Apr 13 07:48:36 httpd.portal(2137) WARN: Can't find provisioner for
> 00:15:5d:0b:50:15 since we don't have it's fingerprint
> (pf::Portal::Profile::findProvisioner)
> Apr 13 07:48:48 httpd.portal(2260) INFO: [00:15:5d:0b:50:15] shouldn't
> reach here. Calling access re-evaluation. Make sure your network
> device configuration is correct.
> (captiveportal::PacketFence::Controller::CaptivePortal::unknownState)
> Apr 13 07:48:48 httpd.portal(2260) INFO: [00:15:5d:0b:50:15]
> re-evaluating access (redir.cgi called)
> (pf::enforcement::reevaluate_access)
> Apr 13 07:48:48 httpd.portal(2260) WARN: Location Log
> (pf::enforcement::reevaluate_access)
> Apr 13 07:48:48 httpd.portal(2260) WARN: [00:15:5d:0b:50:15] Can't
> re-evaluate access because no open locationlog entry was found
> (pf::enforcement::reevaluate_access)
>
> Can you help me?
>
> --
> Dmitriy Ermakov.
>
>
> ------------------------------------------------------------------------------
> BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT
> Develop your own process in accordance with the BPMN 2 standard
> Learn Process modeling best practices with Bonita BPM through live exercises
> http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual
> <http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual>- event?utm_
> source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF
>
>
> _______________________________________________
> PacketFence-users mailing list
> PacketFence-users@...
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
> <https://lists.sourceforge.net/lists/listinfo/packetfence-users>
--
Fabrice Durand
fdurand@... :: +1.514.447.4918 (x135) :: http://www.inverse.ca
<http://www.inverse.ca>
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu
<http://www.sogo.nu>) and PacketFence (http://packetfence.org
<http://packetfence.org>) *
--
С уважением, Дмитрий Ермаков.
------------------------------------------------------------------------------
BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT
Develop your own process in accordance with the BPMN 2 standard
Learn Process modeling best practices with Bonita BPM through live exercises
http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_
source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
