Change :
In fact 802.1x DOES NOT work. Client with 802.1x try to authenticate,
radius respond with ACCEPT, PF set it in the registration VLAN (that's OK),
and that's all. The DHCP does not work it, there is no knowledge of the
connectivity accepted from the client.
The log is here. But NOTE that these errors does not appear every time, I'm
testing now and the error doesn't show up anymore (but the bug is still
there :D).
Apr 21 15:01:16 httpd.aaa(18224) INFO: [00:24:e8:df:b5:84] handling radius
autz request: from switch_ip => (10.0.10.1), connection_type =>
Ethernet-EAP,switch_mac => (14:58:d0:a7:9a:40), mac => [00:24:e8:df:b5:84],
port => 17, username => "adminradius" (pf::radius::authorize)
Apr 21 15:01:16 httpd.aaa(18224) INFO: [00:24:e8:df:b5:84] is of status
unreg; belongs into registration VLAN (pf::vlan::getRegistrationVlan)
Apr 21 15:01:16 httpd.aaa(18224) INFO: [00:24:e8:df:b5:84] (10.0.10.1)
Returning ACCEPT with VLAN 20 and role
(pf::Switch::returnRadiusAccessAccept)
Apr 21 15:03:47 pfsetvlan(7) ERROR: Thread 7 terminated abnormally: has
'+max_key_length' given but no max_key_length attribute already exists at
/usr/share/perl5/Method/Generate/Constructor.pm line 15.
Compilation failed in require at /usr/share/perl5/Module/Runtime.pm line
317.
(main::)
2015-04-21 9:28 GMT+02:00 Nicolas Gailly <[email protected]>:
> If you need additional informations, do not hesitate. Or should I report
> this as a bug ? If I'm the only one, it may have been a misconfiguration
> from my part...
> Anyway I switched to 802.1x + MAC auth, and it works flawlessly =)
>
> Thanks.
>
> 2015-04-21 0:05 GMT+02:00 Nicolas Gailly <[email protected]>:
>
>> DebĂan 7.8 wheezy
>>
>> Nicolas Gailly
>> On 20 Apr 2015 21:45, "James Rouzier" <[email protected]> wrote:
>>
>>> Nicolas what version of Linux are you running?
>>>
>>> James [email protected] :: +1.514.755.3630 ::
>>> http://www.inverse.ca
>>> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
>>> (http://www.packetfence.org)
>>>
>>> On 2015-04-20 12:19 PM, Nicolas Gailly wrote:
>>>
>>> For more info :
>>> pfcmd_vlan works fine, it can get / set vlan on switch port without any
>>> problems.
>>> So the problems comes from packetfence, when he must handle SNMP traps
>>> and when he must set a new vlan. I've tried to manually set the vlan to the
>>> registration, then I register with a good username/password.
>>> Then my vlan should be set to the normal one, but it isn't, it just
>>> throws the same error again... :/
>>>
>>> 2015-04-20 18:11 GMT+02:00 Nicolas Gailly <[email protected]>:
>>>
>>>> Hello,
>>>>
>>>> I'm trying to set up PacketFence 5.0 with HP 2920 switch.
>>>> Right now, I want to see if basic setup (snmp traps) works.
>>>> After a few head-hit-the-wall, I finally get the switch sending traps
>>>> to PacketFence but the traps are not being handled. Here is the error :
>>>> Apr 20 18:05:02 pfsetvlan(6) ERROR: Thread 6 terminated abnormally: has
>>>> '+max_key_length' given but no max_key_length attribute already exists at
>>>> /usr/share/perl5/Method/Generate/Constructor.pm line 15.
>>>> Compilation failed in require at /usr/share/perl5/Module/Runtime.pm
>>>> line 317.
>>>> (main::)
>>>> Apr 20 18:05:06 pfsetvlan(7) ERROR: Thread 7 terminated abnormally: has
>>>> '+max_key_length' given but no max_key_length attribute already exists at
>>>> /usr/share/perl5/Method/Generate/Constructor.pm line 15.
>>>> Compilation failed in require at /usr/share/perl5/Module/Runtime.pm
>>>> line 317.
>>>> (main::)
>>>>
>>>> This error happens WHEN i plug a device into the switch, so that's why
>>>> I know traps are working.
>>>> Any ideas ? The error does not even relate to a packetfence tool ...
>>>> :/
>>>>
>>>> Thanks
>>>>
>>>
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT
>>> Develop your own process in accordance with the BPMN 2 standard
>>> Learn Process modeling best practices with Bonita BPM through live
>>> exerciseshttp://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual-
>>> event?utm_
>>> source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF
>>>
>>>
>>>
>>> _______________________________________________
>>> PacketFence-users mailing
>>> [email protected]https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>>
>>>
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT
>>> Develop your own process in accordance with the BPMN 2 standard
>>> Learn Process modeling best practices with Bonita BPM through live
>>> exercises
>>> http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual-
>>> event?utm_
>>> source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF
>>> _______________________________________________
>>> PacketFence-users mailing list
>>> [email protected]
>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>>
>>>
>
------------------------------------------------------------------------------
BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT
Develop your own process in accordance with the BPMN 2 standard
Learn Process modeling best practices with Bonita BPM through live exercises
http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_
source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
