It look like you are trying 802.1x and portsec Just configure 802.1x on the switch port.
Regards Fabrice Le 2015-04-21 09:29, Nicolas Gailly a écrit : > Change : > In fact 802.1x DOES NOT work. Client with 802.1x try to authenticate, > radius respond with ACCEPT, PF set it in the registration VLAN (that's > OK), and that's all. The DHCP does not work it, there is no knowledge > of the connectivity accepted from the client. > The log is here. But NOTE that these errors does not appear every > time, I'm testing now and the error doesn't show up anymore (but the > bug is still there :D). > > Apr 21 15:01:16 httpd.aaa(18224) INFO: [00:24:e8:df:b5:84] handling > radius autz request: from switch_ip => (10.0.10.1), connection_type => > Ethernet-EAP,switch_mac => (14:58:d0:a7:9a:40), mac => > [00:24:e8:df:b5:84], port => 17, username => "adminradius" > (pf::radius::authorize) > Apr 21 15:01:16 httpd.aaa(18224) INFO: [00:24:e8:df:b5:84] is of > status unreg; belongs into registration VLAN > (pf::vlan::getRegistrationVlan) > Apr 21 15:01:16 httpd.aaa(18224) INFO: [00:24:e8:df:b5:84] (10.0.10.1) > Returning ACCEPT with VLAN 20 and role > (pf::Switch::returnRadiusAccessAccept) > Apr 21 15:03:47 pfsetvlan(7) ERROR: Thread 7 terminated abnormally: > has '+max_key_length' given but no max_key_length attribute already > exists at /usr/share/perl5/Method/Generate/Constructor.pm line 15. > Compilation failed in require at /usr/share/perl5/Module/Runtime.pm > line 317. > (main::) > > > 2015-04-21 9:28 GMT+02:00 Nicolas Gailly <[email protected] > <mailto:[email protected]>>: > > If you need additional informations, do not hesitate. Or should I > report this as a bug ? If I'm the only one, it may have been a > misconfiguration from my part... > Anyway I switched to 802.1x + MAC auth, and it works flawlessly =) > > Thanks. > > 2015-04-21 0:05 GMT+02:00 Nicolas Gailly <[email protected] > <mailto:[email protected]>>: > > Debían 7.8 wheezy > > Nicolas Gailly > > On 20 Apr 2015 21:45, "James Rouzier" <[email protected] > <mailto:[email protected]>> wrote: > > Nicolas what version of Linux are you running? > > James Rouzier > [email protected] <mailto:[email protected]> :: > +1.514.755.3630 <tel:%2B1.514.755.3630> :: http://www.inverse.ca > Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and > PacketFence (http://www.packetfence.org) > > On 2015-04-20 12:19 PM, Nicolas Gailly wrote: >> For more info : >> pfcmd_vlan works fine, it can get / set vlan on switch >> port without any problems. >> So the problems comes from packetfence, when he must >> handle SNMP traps and when he must set a new vlan. I've >> tried to manually set the vlan to the registration, then >> I register with a good username/password. >> Then my vlan should be set to the normal one, but it >> isn't, it just throws the same error again... :/ >> >> 2015-04-20 18:11 GMT+02:00 Nicolas Gailly >> <[email protected] <mailto:[email protected]>>: >> >> Hello, >> >> I'm trying to set up PacketFence 5.0 with HP 2920 switch. >> Right now, I want to see if basic setup (snmp traps) >> works. >> After a few head-hit-the-wall, I finally get the >> switch sending traps to PacketFence but the traps are >> not being handled. Here is the error : >> Apr 20 18:05:02 pfsetvlan(6) ERROR: Thread 6 >> terminated abnormally: has '+max_key_length' given >> but no max_key_length attribute already exists at >> /usr/share/perl5/Method/Generate/Constructor.pm line 15. >> Compilation failed in require at >> /usr/share/perl5/Module/Runtime.pm line 317. >> (main::) >> Apr 20 18:05:06 pfsetvlan(7) ERROR: Thread 7 >> terminated abnormally: has '+max_key_length' given >> but no max_key_length attribute already exists at >> /usr/share/perl5/Method/Generate/Constructor.pm line 15. >> Compilation failed in require at >> /usr/share/perl5/Module/Runtime.pm line 317. >> (main::) >> >> This error happens WHEN i plug a device into the >> switch, so that's why I know traps are working. >> Any ideas ? The error does not even relate to a >> packetfence tool ... :/ >> >> Thanks >> >> >> >> >> >> ------------------------------------------------------------------------------ >> BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT >> Develop your own process in accordance with the BPMN 2 standard >> Learn Process modeling best practices with Bonita BPM through >> live exercises >> http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- >> event?utm_ >> >> source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF >> >> >> _______________________________________________ >> PacketFence-users mailing list >> [email protected] >> <mailto:[email protected]> >> https://lists.sourceforge.net/lists/listinfo/packetfence-users > > > > ------------------------------------------------------------------------------ > BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT > Develop your own process in accordance with the BPMN 2 > standard > Learn Process modeling best practices with Bonita BPM > through live exercises > http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- > event?utm_ > > source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF > _______________________________________________ > PacketFence-users mailing list > [email protected] > <mailto:[email protected]> > https://lists.sourceforge.net/lists/listinfo/packetfence-users > > > > > > ------------------------------------------------------------------------------ > BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT > Develop your own process in accordance with the BPMN 2 standard > Learn Process modeling best practices with Bonita BPM through live exercises > http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_ > source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF > > > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Fabrice Durand [email protected] :: +1.514.447.4918 (x135) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://packetfence.org)
0xF78F957E.asc
Description: application/pgp-keys
------------------------------------------------------------------------------ BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT Develop your own process in accordance with the BPMN 2 standard Learn Process modeling best practices with Bonita BPM through live exercises http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_ source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
