Hello Juan,
I showed and it empty.
*mysql> use pf;Database changedmysql> show procedure status;Empty set (0.00
sec)*
Now, i using PF v5.0.5 and i saw many procedures just after the radius
tables at docs in db's PF directory.
Would you please point me the exact command to insert them?
Thank a lot.
Regards,
On 29 April 2015 at 20:40, Juan Camilo Valencia <
[email protected]> wrote:
> Hi minh,
>
> Probably you are missing the storage procedures that radius needs for the
> accounting, login into your db and execute
> show procedures status;
>
> If does not appear any information you are missing that, probably because
> you made a backup of your info without the procedures next time use the
> modifiers --procedures in mysqldump command. To fix this open your sql
> schema for your pf version in db packetfence directory and look for the
> procedures just after the radius tables and start insert those ones
> manually.
>
> I hope that this can help you.
>
> Best regards
>
> El mar, abr 28, 2015 08:08, Minh Trung <[email protected]> escribió:
>
>> Hello Fabrice,
>>
>> I was successful in configured the vmware machine in tag the vlan as
>> above we discussed (it take long time to figure out [?]) and i also see
>> the portal on device which is plugged in the port testing.
>> But on radius log still show the error:
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> *Tue Apr 28 16:53:57 2015 : Auth: Login OK: [c80aa930b31f] (from client
>> 10.126.123.10 port 50001 cli C8-0A-A9-30-B3-1F)Tue Apr 28 16:53:58 2015 :
>> Auth: rlm_perl: Returning vlan 210 to request from c8:0a:a9:30:b3:1f port
>> 50001Tue Apr 28 16:53:58 2015 : Error: [sql] Couldn't insert SQL accounting
>> START record - PROCEDURE pf.acct_start does not existTue Apr 28 16:54:00
>> 2015 : Error: [sql] Couldn't update SQL accounting STOP record - PROCEDURE
>> pf.acct_stop does not existTue Apr 28 16:54:00 2015 : Error: rlm_sql_mysql:
>> Cannot store resultTue Apr 28 16:54:00 2015 : Error: rlm_sql_mysql: MySQL
>> error 'PROCEDURE pf.acct_stop does not exist'Tue Apr 28 16:54:05 2015 :
>> Error: [sql] Couldn't update SQL accounting STOP record - PROCEDURE
>> pf.acct_stop does not existTue Apr 28 16:54:05 2015 : Error: rlm_sql_mysql:
>> Cannot store resultTue Apr 28 16:54:05 2015 : Error: rlm_sql_mysql: MySQL
>> error 'PROCEDURE pf.acct_stop does not exist'*
>> Do i miss configured any on database?
>>
>> I have DHCP(windows OS) existed with DHCP range 10.126.123.x how to make
>> clients will retrieved DHCP from Windows OS after clients finished
>> register?
>> Should i need change all ports on switch L2 to default(Vlan1)?
>> Any help is appreciated,
>>
>> Thanks & regards,
>>
>>
>>
>> On 2 April 2015 at 00:46, Durand fabrice <[email protected]> wrote:
>>
>>> Hello Minh,
>>>
>>> you have to tag the vlan 210 and 220 on the switch port where
>>> packetfence has been plugged on the vswitch.
>>> I don't have the exact way to do it but it look like there is
>>> documentation on internet to do that.
>>>
>>> Regards
>>> Fabrice
>>>
>>>
>>>
>>> Le 2015-03-31 23:11, Minh Trung a écrit :
>>>
>>> Hello Fabrice,
>>>
>>> You are right, my VMware connected 4500 via gi7/6, here is the
>>> spaning-tree command:
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> *VLAN0210 Spanning tree enabled protocol ieee Root ID Priority
>>> 32978 Address 5475.d0c3.e100 This bridge is
>>> the root Hello Time 2 sec Max Age 20 sec Forward Delay 15
>>> sec Bridge ID Priority 32978 (priority 32768 sys-id-ext 210)
>>> Address 5475.d0c3.e100 Hello Time 2 sec
>>> Max Age 20 sec Forward Delay 15 sec Aging Time 300
>>> Interface Role Sts Cost Prio.Nbr Type -------------------
>>> ---- --- --------- -------- --------------------------------
>>> Gi2/4 Desg FWD 4 128.68 P2p Gi7/3
>>> Desg FWD 4 128.387 P2p Gi7/6 Desg FWD 4
>>> 128.390 P2p Po1 Desg FWD 3 128.641 P2p
>>> VLAN0220 Spanning tree enabled protocol ieee Root ID Priority
>>> 32988 Address 5475.d0c3.e100 This bridge is
>>> the root Hello Time 2 sec Max Age 20 sec Forward Delay 15
>>> sec Bridge ID Priority 32988 (priority 32768 sys-id-ext 220)
>>> Address 5475.d0c3.e100 Hello Time 2 sec
>>> Max Age 20 sec Forward Delay 15 sec Aging Time 300
>>> Interface Role Sts Cost Prio.Nbr Type -------------------
>>> ---- --- --------- -------- --------------------------------
>>> Gi2/4 Desg FWD 4 128.68 P2p Gi7/3
>>> Desg FWD 4 128.387 P2p Gi7/6 Desg FWD 4
>>> 128.390 P2p Po1 Desg FWD 3 128.641 P2p *
>>> Also, Vlan122 is native, new Vlan210,220 is created for PF.
>>> The picture will show where is the PF connection(Serverfarm_A is one of
>>> Vlan122.). Do i need reconfigure vmware? How it look like?
>>>
>>> Thanks and Best regards,
>>>
>>> On 31 March 2015 at 20:48, Durand fabrice <[email protected]> wrote:
>>>
>>>> Hello Minh,
>>>>
>>>> based on what i can see and suppose packetfence has been plugged on
>>>> Gi7/6 (vmware).
>>>> So check :
>>>> 'show spanning-tree' if vlan 210 and 220 are forwarded to gi7/6
>>>>
>>>> Where packetfence is connected on vmware ? is it connected to a trunk
>>>> port where the vlan 220 and 230 are allowed and the vlan 122 is the native
>>>> one ?
>>>>
>>>> Also HSRP is a layer 3 protocol and we talk about a layer 2 network.
>>>>
>>>> Check all these items and from the laptop connected on the vlan 210,
>>>> retry a ping, check the arp table.
>>>>
>>>>
>>>> Regards
>>>> Fabrice
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> Le 2015-03-31 03:38, Minh Trung a écrit :
>>>>
>>>> Hello Fabrice,
>>>>
>>>> I changed reg and iso interface back to 10.126.210.1, 10.126.220.1 but
>>>> still no luck.
>>>>
>>>> As you comment could we call PF as a switch L2? Then after plug a
>>>> device to 4500 i am not able ping to 10.126.210.1 even from 4500 can not
>>>> ping 10.126.210.1 also.
>>>> Do i misconfiguration on vmware? But other vlan are still fine
>>>> excluded some new vlan for PF.
>>>> Here is the interface configured on 4500 to vmware:
>>>> *The first 4500:*
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> *interface GigabitEthernet7/4 description ### To KFVNVM02_NIC1 ###
>>>> switchport access vlan 122 switchport mode access speed 1000 duplex
>>>> full ! interface GigabitEthernet7/5 description ### To KFVNVM02_NIC3 ###
>>>> switchport access vlan 122 switchport mode access speed 1000 duplex
>>>> full ! interface GigabitEthernet7/6 description ### To KFVNVM02_NIC4 ###
>>>> switchport trunk allowed vlan 122,126,127,210,220,230 switchport mode
>>>> trunk speed 1000 duplex full *
>>>>
>>>> *The second 4500:( I has 2 switches 4500 and HSRP configured)*
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> *interface GigabitEthernet7/4 description ### To KFVNVM02_NIC2 ###
>>>> switchport access vlan 122 switchport mode access speed 1000 duplex
>>>> full ! interface GigabitEthernet7/5 description ### To KFVNVM02_NIC5 ###
>>>> switchport access vlan 122 switchport mode access speed 1000 duplex
>>>> full ! interface GigabitEthernet7/6 description ### To KFVNVM02_NIC6 ###
>>>> switchport trunk allowed vlan 122,126,127,210,220,230 switchport mode
>>>> trunk speed 1000 duplex full*
>>>>
>>>> Any help is appreciated,
>>>>
>>>> Best regards,
>>>>
>>>>
>>>>
>>>> On 30 March 2015 at 23:01, Durand fabrice <[email protected]> wrote:
>>>>
>>>>> Hi Minh,
>>>>>
>>>>> Keep in mind that reg and isol vlan are layer 2 networks, so you don't
>>>>> have to assign an ip address for these 2 vlan on the cisco config
>>>>> (packetfence is the only one who manage what happen on these 2 networks).
>>>>>
>>>>> So the the ip address of the reg interface is 10.126.210.1 (ifconfig)
>>>>> not 10.126.210.5 so change that in pf.conf and networks.conf and restart
>>>>> packetfence (same thing for isol).
>>>>>
>>>>> Now plug a device in a port on the 4500 configured like that:
>>>>>
>>>>> switchport mode access
>>>>> switch port access vlan 210
>>>>>
>>>>> with a device with a static ip :
>>>>> 10.126.210.33
>>>>>
>>>>> and try to ping 10.126.210.1.
>>>>>
>>>>> If this doesn't work then fix the vmware/cisco config to make it work
>>>>> (trunk, allowed vlan...).
>>>>>
>>>>> Regards
>>>>> Fabrice
>>>>>
>>>>>
>>>>> Le 2015-03-30 03:06, Minh Trung a écrit :
>>>>>
>>>>> Hello Fabrice,
>>>>>
>>>>> I already check trunk port but still problem as previously posted.
>>>>>
>>>>> My PF as below:
>>>>>
>>>>> PC ---+ --> Switch_L2(2960- Cisco) ---trunk--> Switch_L3(4500)
>>>>> ---trunk--->
>>>>> PF(VMware- ESX)
>>>>>
>>>>> Here is the config interface that L2 connected on Core switch:
>>>>>
>>>>> i
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> *nterface GigabitEthernet2/4 description ### Testing Network Security
>>>>> ### switchport trunk allowed vlan
>>>>> 110,123,124,127,128,135,210,220,230 switchport mode trunk*
>>>>> I has 2 core switches and configured HSRP so all Vlan will be take 3 ip
>>>>> addresses for HSRP eg:
>>>>> Vlan123: x.x.x.1, x.x.x.2, x.x.x..3 are assign for core switches, other
>>>>> Vlan will be same.
>>>>> So i changed 2 interface Vlan on PF as below:
>>>>> *networks.conf*
>>>>> [10.126.210.0]
>>>>> dns=10.126.210.5
>>>>> dhcp_start=10.126.210.10
>>>>> *gateway=10.126.210.5*
>>>>> domain-name=vlan-registration.global
>>>>> nat_enabled=disabled
>>>>> named=enabled
>>>>> dhcp_max_lease_time=30
>>>>> fake_mac_enabled=disabled
>>>>> dhcpd=enabled
>>>>> dhcp_end=10.126.210.246
>>>>> type=vlan-registration
>>>>> netmask=255.255.255.0
>>>>> dhcp_default_lease_time=30
>>>>>
>>>>> [10.126.220.0]
>>>>> dns=10.126.220.5
>>>>> dhcp_start=10.126.220.10
>>>>> *gateway=10.126.220.5*
>>>>> domain-name=vlan-isolation.global
>>>>> nat_enabled=disabled
>>>>> named=enabled
>>>>> dhcp_max_lease_time=30
>>>>> fake_mac_enabled=disabled
>>>>> dhcpd=enabled
>>>>> dhcp_end=10.126.220.246
>>>>> type=vlan-isolation
>>>>> netmask=255.255.255.0
>>>>> dhcp_default_lease_time=30
>>>>>
>>>>> But still no luck
>>>>>
>>>>> Do i misconfiguration of any parts?
>>>>>
>>>>> Any help is appreciated,
>>>>>
>>>>> Regards,
>>>>>
>>>>> On 28 March 2015 at 23:17, Durand fabrice <[email protected]>
>>>>> <[email protected]> wrote:
>>>>>
>>>>>
>>>>> Hello Minh,
>>>>>
>>>>> has you probably notice there is no RX traffic on eth0.210 and eth0.220
>>>>> and eth0.230 so it's probably a switch configuration issue.
>>>>>
>>>>> Check on the switch port where packetfence's eth0 has been plugged that
>>>>> 'switch port mode trunk' (cisco syntax) has been configured and check in
>>>>> all uplink port that the vlan 210 and 220 are allowed.
>>>>>
>>>>> Regards
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> ------------------------------------------------------------------------------
>>>>> Dive into the World of Parallel Programming The Go Parallel Website,
>>>>> sponsored
>>>>> by Intel and developed in partnership with Slashdot Media, is your hub
>>>>> for all
>>>>> things parallel software development, from weekly thought leadership
>>>>> blogs to
>>>>> news, videos, case studies, tutorials and more. Take a look and join the
>>>>> conversation now. http://goparallel.sourceforge.net/
>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> PacketFence-users mailing
>>>>> [email protected]https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> ------------------------------------------------------------------------------
>>>>> Dive into the World of Parallel Programming The Go Parallel Website,
>>>>> sponsored
>>>>> by Intel and developed in partnership with Slashdot Media, is your hub
>>>>> for all
>>>>> things parallel software development, from weekly thought leadership
>>>>> blogs to
>>>>> news, videos, case studies, tutorials and more. Take a look and join
>>>>> the
>>>>> conversation now. http://goparallel.sourceforge.net/
>>>>> _______________________________________________
>>>>> PacketFence-users mailing list
>>>>> [email protected]
>>>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>>>>
>>>>>
>>>>
>>>>
>>>> ------------------------------------------------------------------------------
>>>> Dive into the World of Parallel Programming The Go Parallel Website,
>>>> sponsored
>>>> by Intel and developed in partnership with Slashdot Media, is your hub for
>>>> all
>>>> things parallel software development, from weekly thought leadership blogs
>>>> to
>>>> news, videos, case studies, tutorials and more. Take a look and join the
>>>> conversation now. http://goparallel.sourceforge.net/
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> PacketFence-users mailing
>>>> [email protected]https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>>>
>>>>
>>>>
>>>>
>>>> ------------------------------------------------------------------------------
>>>> Dive into the World of Parallel Programming The Go Parallel Website,
>>>> sponsored
>>>> by Intel and developed in partnership with Slashdot Media, is your hub
>>>> for all
>>>> things parallel software development, from weekly thought leadership
>>>> blogs to
>>>> news, videos, case studies, tutorials and more. Take a look and join the
>>>> conversation now. http://goparallel.sourceforge.net/
>>>> _______________________________________________
>>>> PacketFence-users mailing list
>>>> [email protected]
>>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>>>
>>>>
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> Dive into the World of Parallel Programming The Go Parallel Website,
>>> sponsored
>>> by Intel and developed in partnership with Slashdot Media, is your hub for
>>> all
>>> things parallel software development, from weekly thought leadership blogs
>>> to
>>> news, videos, case studies, tutorials and more. Take a look and join the
>>> conversation now. http://goparallel.sourceforge.net/
>>>
>>>
>>>
>>> _______________________________________________
>>> PacketFence-users mailing
>>> [email protected]https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>>
>>>
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> Dive into the World of Parallel Programming The Go Parallel Website,
>>> sponsored
>>> by Intel and developed in partnership with Slashdot Media, is your hub
>>> for all
>>> things parallel software development, from weekly thought leadership
>>> blogs to
>>> news, videos, case studies, tutorials and more. Take a look and join the
>>> conversation now. http://goparallel.sourceforge.net/
>>> _______________________________________________
>>> PacketFence-users mailing list
>>> [email protected]
>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>>
>>>
>>
>> ------------------------------------------------------------------------------
>> One dashboard for servers and applications across Physical-Virtual-Cloud
>> Widest out-of-the-box monitoring support with 50+ applications
>> Performance metrics, stats and reports that give you Actionable Insights
>> Deep dive visibility with transaction tracing using APM Insight.
>> http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
>> _______________________________________________
>> PacketFence-users mailing list
>> [email protected]
>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>
>
>
> ------------------------------------------------------------------------------
> One dashboard for servers and applications across Physical-Virtual-Cloud
> Widest out-of-the-box monitoring support with 50+ applications
> Performance metrics, stats and reports that give you Actionable Insights
> Deep dive visibility with transaction tracing using APM Insight.
> http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
> _______________________________________________
> PacketFence-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
