Hello,
I am still not able to resolved this issue:
> Mon May 25 15:33:20 2015 : Error: [sql] Couldn't update SQL accounting
> STOP record - PROCEDURE pf.acct_stop does not exist
> Mon May 25 15:33:20 2015 : Error: rlm_sql_mysql: Cannot store result
> Mon May 25 15:33:20 2015 : Error: rlm_sql_mysql: MySQL error 'PROCEDURE
> pf.acct_stop does not exist'
>
> Although, the client can access the portal and authorize successful.
Do i am wrong any file configured?
Any help is appreciated,
On 6 May 2015 at 22:11, Juan Camilo Valencia <[email protected]
> wrote:
> Hi Minh,
>
> I don´t have the excatly procedure write it, however is very simple.
>
> 1. Open up in a text editor, nedit is my preference, the schema of the
> database that match your version of pf.
> 2. At the same time connect to pf database, "mysql -u pf -p pf".
> 3. Search in the schema for the keyword "procedure", the first match is in
> a comment that says "-- Adding RADIUS Updates Stored Procedure".
> 4. Copy and paste in the mysql command the entire code that start with "
> DROP..." until says "DELIMITER ; ..."
> 5. Yo need to do this as many times as procedures you find in the schema,
> I tried to cp and paste all at once and for some reason failed, so do it
> step by step with each procedure.
>
> I hope that this help you,
>
> Best Regards,
>
> On Tue, May 5, 2015 at 10:14 PM, Minh Trung <[email protected]> wrote:
>
>> Hello Juan,
>>
>> I showed and it empty.
>>
>>
>>
>>
>>
>>
>> *mysql> use pf;Database changedmysql> show procedure status;Empty set
>> (0.00 sec)*
>> Now, i using PF v5.0.5 and i saw many procedures just after the radius
>> tables at docs in db's PF directory.
>>
>> Would you please point me the exact command to insert them?
>>
>> Thank a lot.
>>
>> Regards,
>>
>>
>> On 29 April 2015 at 20:40, Juan Camilo Valencia <
>> [email protected]> wrote:
>>
>>> Hi minh,
>>>
>>> Probably you are missing the storage procedures that radius needs for
>>> the accounting, login into your db and execute
>>> show procedures status;
>>>
>>> If does not appear any information you are missing that, probably
>>> because you made a backup of your info without the procedures next time use
>>> the modifiers --procedures in mysqldump command. To fix this open your sql
>>> schema for your pf version in db packetfence directory and look for the
>>> procedures just after the radius tables and start insert those ones
>>> manually.
>>>
>>> I hope that this can help you.
>>>
>>> Best regards
>>>
>>> El mar, abr 28, 2015 08:08, Minh Trung <[email protected]> escribió:
>>>
>>>> Hello Fabrice,
>>>>
>>>> I was successful in configured the vmware machine in tag the vlan as
>>>> above we discussed (it take long time to figure out [?]) and i also
>>>> see the portal on device which is plugged in the port testing.
>>>> But on radius log still show the error:
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> *Tue Apr 28 16:53:57 2015 : Auth: Login OK: [c80aa930b31f] (from client
>>>> 10.126.123.10 port 50001 cli C8-0A-A9-30-B3-1F)Tue Apr 28 16:53:58 2015 :
>>>> Auth: rlm_perl: Returning vlan 210 to request from c8:0a:a9:30:b3:1f port
>>>> 50001Tue Apr 28 16:53:58 2015 : Error: [sql] Couldn't insert SQL accounting
>>>> START record - PROCEDURE pf.acct_start does not existTue Apr 28 16:54:00
>>>> 2015 : Error: [sql] Couldn't update SQL accounting STOP record - PROCEDURE
>>>> pf.acct_stop does not existTue Apr 28 16:54:00 2015 : Error: rlm_sql_mysql:
>>>> Cannot store resultTue Apr 28 16:54:00 2015 : Error: rlm_sql_mysql: MySQL
>>>> error 'PROCEDURE pf.acct_stop does not exist'Tue Apr 28 16:54:05 2015 :
>>>> Error: [sql] Couldn't update SQL accounting STOP record - PROCEDURE
>>>> pf.acct_stop does not existTue Apr 28 16:54:05 2015 : Error: rlm_sql_mysql:
>>>> Cannot store resultTue Apr 28 16:54:05 2015 : Error: rlm_sql_mysql: MySQL
>>>> error 'PROCEDURE pf.acct_stop does not exist'*
>>>> Do i miss configured any on database?
>>>>
>>>> I have DHCP(windows OS) existed with DHCP range 10.126.123.x how to
>>>> make clients will retrieved DHCP from Windows OS after clients finished
>>>> register?
>>>> Should i need change all ports on switch L2 to default(Vlan1)?
>>>> Any help is appreciated,
>>>>
>>>> Thanks & regards,
>>>>
>>>>
>>>>
>>>> On 2 April 2015 at 00:46, Durand fabrice <[email protected]> wrote:
>>>>
>>>>> Hello Minh,
>>>>>
>>>>> you have to tag the vlan 210 and 220 on the switch port where
>>>>> packetfence has been plugged on the vswitch.
>>>>> I don't have the exact way to do it but it look like there is
>>>>> documentation on internet to do that.
>>>>>
>>>>> Regards
>>>>> Fabrice
>>>>>
>>>>>
>>>>>
>>>>> Le 2015-03-31 23:11, Minh Trung a écrit :
>>>>>
>>>>> Hello Fabrice,
>>>>>
>>>>> You are right, my VMware connected 4500 via gi7/6, here is the
>>>>> spaning-tree command:
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> *VLAN0210 Spanning tree enabled protocol ieee Root ID
>>>>> Priority 32978 Address 5475.d0c3.e100
>>>>> This
>>>>> bridge is the root Hello Time 2 sec Max Age 20 sec
>>>>> Forward
>>>>> Delay 15 sec Bridge ID Priority 32978 (priority 32768 sys-id-ext
>>>>> 210) Address 5475.d0c3.e100 Hello Time 2
>>>>> sec Max Age 20 sec Forward Delay 15 sec Aging Time 300
>>>>> Interface Role Sts Cost Prio.Nbr Type -------------------
>>>>> ---- --- --------- -------- --------------------------------
>>>>> Gi2/4 Desg FWD 4 128.68 P2p Gi7/3
>>>>> Desg FWD 4 128.387 P2p Gi7/6 Desg FWD 4
>>>>> 128.390 P2p Po1 Desg FWD 3 128.641 P2p
>>>>> VLAN0220 Spanning tree enabled protocol ieee Root ID Priority
>>>>> 32988 Address 5475.d0c3.e100 This bridge is
>>>>> the root Hello Time 2 sec Max Age 20 sec Forward Delay 15
>>>>> sec Bridge ID Priority 32988 (priority 32768 sys-id-ext 220)
>>>>> Address 5475.d0c3.e100 Hello Time 2 sec
>>>>> Max Age 20 sec Forward Delay 15 sec Aging Time 300
>>>>> Interface Role Sts Cost Prio.Nbr Type -------------------
>>>>> ---- --- --------- -------- --------------------------------
>>>>> Gi2/4 Desg FWD 4 128.68 P2p Gi7/3
>>>>> Desg FWD 4 128.387 P2p Gi7/6 Desg FWD 4
>>>>> 128.390 P2p Po1 Desg FWD 3 128.641 P2p *
>>>>> Also, Vlan122 is native, new Vlan210,220 is created for PF.
>>>>> The picture will show where is the PF connection(Serverfarm_A is one
>>>>> of Vlan122.). Do i need reconfigure vmware? How it look like?
>>>>>
>>>>> Thanks and Best regards,
>>>>>
>>>>> On 31 March 2015 at 20:48, Durand fabrice <[email protected]> wrote:
>>>>>
>>>>>> Hello Minh,
>>>>>>
>>>>>> based on what i can see and suppose packetfence has been plugged on
>>>>>> Gi7/6 (vmware).
>>>>>> So check :
>>>>>> 'show spanning-tree' if vlan 210 and 220 are forwarded to gi7/6
>>>>>>
>>>>>> Where packetfence is connected on vmware ? is it connected to a trunk
>>>>>> port where the vlan 220 and 230 are allowed and the vlan 122 is the
>>>>>> native
>>>>>> one ?
>>>>>>
>>>>>> Also HSRP is a layer 3 protocol and we talk about a layer 2 network.
>>>>>>
>>>>>> Check all these items and from the laptop connected on the vlan 210,
>>>>>> retry a ping, check the arp table.
>>>>>>
>>>>>>
>>>>>> Regards
>>>>>> Fabrice
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> Le 2015-03-31 03:38, Minh Trung a écrit :
>>>>>>
>>>>>> Hello Fabrice,
>>>>>>
>>>>>> I changed reg and iso interface back to 10.126.210.1, 10.126.220.1
>>>>>> but still no luck.
>>>>>>
>>>>>> As you comment could we call PF as a switch L2? Then after plug a
>>>>>> device to 4500 i am not able ping to 10.126.210.1 even from 4500 can not
>>>>>> ping 10.126.210.1 also.
>>>>>> Do i misconfiguration on vmware? But other vlan are still fine
>>>>>> excluded some new vlan for PF.
>>>>>> Here is the interface configured on 4500 to vmware:
>>>>>> *The first 4500:*
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> *interface GigabitEthernet7/4 description ### To KFVNVM02_NIC1 ###
>>>>>> switchport access vlan 122 switchport mode access speed 1000 duplex
>>>>>> full ! interface GigabitEthernet7/5 description ### To KFVNVM02_NIC3 ###
>>>>>> switchport access vlan 122 switchport mode access speed 1000 duplex
>>>>>> full ! interface GigabitEthernet7/6 description ### To KFVNVM02_NIC4 ###
>>>>>> switchport trunk allowed vlan 122,126,127,210,220,230 switchport mode
>>>>>> trunk speed 1000 duplex full *
>>>>>>
>>>>>> *The second 4500:( I has 2 switches 4500 and HSRP configured)*
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> *interface GigabitEthernet7/4 description ### To KFVNVM02_NIC2 ###
>>>>>> switchport access vlan 122 switchport mode access speed 1000 duplex
>>>>>> full ! interface GigabitEthernet7/5 description ### To KFVNVM02_NIC5 ###
>>>>>> switchport access vlan 122 switchport mode access speed 1000 duplex
>>>>>> full ! interface GigabitEthernet7/6 description ### To KFVNVM02_NIC6 ###
>>>>>> switchport trunk allowed vlan 122,126,127,210,220,230 switchport mode
>>>>>> trunk speed 1000 duplex full*
>>>>>>
>>>>>> Any help is appreciated,
>>>>>>
>>>>>> Best regards,
>>>>>>
>>>>>>
>>>>>>
>>>>>> On 30 March 2015 at 23:01, Durand fabrice <[email protected]> wrote:
>>>>>>
>>>>>>> Hi Minh,
>>>>>>>
>>>>>>> Keep in mind that reg and isol vlan are layer 2 networks, so you
>>>>>>> don't have to assign an ip address for these 2 vlan on the cisco config
>>>>>>> (packetfence is the only one who manage what happen on these 2
>>>>>>> networks).
>>>>>>>
>>>>>>> So the the ip address of the reg interface is 10.126.210.1
>>>>>>> (ifconfig) not 10.126.210.5 so change that in pf.conf and networks.conf
>>>>>>> and
>>>>>>> restart packetfence (same thing for isol).
>>>>>>>
>>>>>>> Now plug a device in a port on the 4500 configured like that:
>>>>>>>
>>>>>>> switchport mode access
>>>>>>> switch port access vlan 210
>>>>>>>
>>>>>>> with a device with a static ip :
>>>>>>> 10.126.210.33
>>>>>>>
>>>>>>> and try to ping 10.126.210.1.
>>>>>>>
>>>>>>> If this doesn't work then fix the vmware/cisco config to make it
>>>>>>> work (trunk, allowed vlan...).
>>>>>>>
>>>>>>> Regards
>>>>>>> Fabrice
>>>>>>>
>>>>>>>
>>>>>>> Le 2015-03-30 03:06, Minh Trung a écrit :
>>>>>>>
>>>>>>> Hello Fabrice,
>>>>>>>
>>>>>>> I already check trunk port but still problem as previously posted.
>>>>>>>
>>>>>>> My PF as below:
>>>>>>>
>>>>>>> PC ---+ --> Switch_L2(2960- Cisco) ---trunk--> Switch_L3(4500)
>>>>>>> ---trunk--->
>>>>>>> PF(VMware- ESX)
>>>>>>>
>>>>>>> Here is the config interface that L2 connected on Core switch:
>>>>>>>
>>>>>>> i
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> *nterface GigabitEthernet2/4 description ### Testing Network Security
>>>>>>> ### switchport trunk allowed vlan
>>>>>>> 110,123,124,127,128,135,210,220,230 switchport mode trunk*
>>>>>>> I has 2 core switches and configured HSRP so all Vlan will be take 3 ip
>>>>>>> addresses for HSRP eg:
>>>>>>> Vlan123: x.x.x.1, x.x.x.2, x.x.x..3 are assign for core switches, other
>>>>>>> Vlan will be same.
>>>>>>> So i changed 2 interface Vlan on PF as below:
>>>>>>> *networks.conf*
>>>>>>> [10.126.210.0]
>>>>>>> dns=10.126.210.5
>>>>>>> dhcp_start=10.126.210.10
>>>>>>> *gateway=10.126.210.5*
>>>>>>> domain-name=vlan-registration.global
>>>>>>> nat_enabled=disabled
>>>>>>> named=enabled
>>>>>>> dhcp_max_lease_time=30
>>>>>>> fake_mac_enabled=disabled
>>>>>>> dhcpd=enabled
>>>>>>> dhcp_end=10.126.210.246
>>>>>>> type=vlan-registration
>>>>>>> netmask=255.255.255.0
>>>>>>> dhcp_default_lease_time=30
>>>>>>>
>>>>>>> [10.126.220.0]
>>>>>>> dns=10.126.220.5
>>>>>>> dhcp_start=10.126.220.10
>>>>>>> *gateway=10.126.220.5*
>>>>>>> domain-name=vlan-isolation.global
>>>>>>> nat_enabled=disabled
>>>>>>> named=enabled
>>>>>>> dhcp_max_lease_time=30
>>>>>>> fake_mac_enabled=disabled
>>>>>>> dhcpd=enabled
>>>>>>> dhcp_end=10.126.220.246
>>>>>>> type=vlan-isolation
>>>>>>> netmask=255.255.255.0
>>>>>>> dhcp_default_lease_time=30
>>>>>>>
>>>>>>> But still no luck
>>>>>>>
>>>>>>> Do i misconfiguration of any parts?
>>>>>>>
>>>>>>> Any help is appreciated,
>>>>>>>
>>>>>>> Regards,
>>>>>>>
>>>>>>> On 28 March 2015 at 23:17, Durand fabrice <[email protected]>
>>>>>>> <[email protected]> wrote:
>>>>>>>
>>>>>>>
>>>>>>> Hello Minh,
>>>>>>>
>>>>>>> has you probably notice there is no RX traffic on eth0.210 and eth0.220
>>>>>>> and eth0.230 so it's probably a switch configuration issue.
>>>>>>>
>>>>>>> Check on the switch port where packetfence's eth0 has been plugged that
>>>>>>> 'switch port mode trunk' (cisco syntax) has been configured and check in
>>>>>>> all uplink port that the vlan 210 and 220 are allowed.
>>>>>>>
>>>>>>> Regards
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> ------------------------------------------------------------------------------
>>>>>>> Dive into the World of Parallel Programming The Go Parallel Website,
>>>>>>> sponsored
>>>>>>> by Intel and developed in partnership with Slashdot Media, is your hub
>>>>>>> for all
>>>>>>> things parallel software development, from weekly thought leadership
>>>>>>> blogs to
>>>>>>> news, videos, case studies, tutorials and more. Take a look and join the
>>>>>>> conversation now. http://goparallel.sourceforge.net/
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> PacketFence-users mailing
>>>>>>> [email protected]https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> ------------------------------------------------------------------------------
>>>>>>> Dive into the World of Parallel Programming The Go Parallel Website,
>>>>>>> sponsored
>>>>>>> by Intel and developed in partnership with Slashdot Media, is your
>>>>>>> hub for all
>>>>>>> things parallel software development, from weekly thought leadership
>>>>>>> blogs to
>>>>>>> news, videos, case studies, tutorials and more. Take a look and join
>>>>>>> the
>>>>>>> conversation now. http://goparallel.sourceforge.net/
>>>>>>> _______________________________________________
>>>>>>> PacketFence-users mailing list
>>>>>>> [email protected]
>>>>>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>>>>>>
>>>>>>>
>>>>>>
>>>>>>
>>>>>> ------------------------------------------------------------------------------
>>>>>> Dive into the World of Parallel Programming The Go Parallel Website,
>>>>>> sponsored
>>>>>> by Intel and developed in partnership with Slashdot Media, is your hub
>>>>>> for all
>>>>>> things parallel software development, from weekly thought leadership
>>>>>> blogs to
>>>>>> news, videos, case studies, tutorials and more. Take a look and join the
>>>>>> conversation now. http://goparallel.sourceforge.net/
>>>>>>
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> PacketFence-users mailing
>>>>>> [email protected]https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> ------------------------------------------------------------------------------
>>>>>> Dive into the World of Parallel Programming The Go Parallel Website,
>>>>>> sponsored
>>>>>> by Intel and developed in partnership with Slashdot Media, is your
>>>>>> hub for all
>>>>>> things parallel software development, from weekly thought leadership
>>>>>> blogs to
>>>>>> news, videos, case studies, tutorials and more. Take a look and join
>>>>>> the
>>>>>> conversation now. http://goparallel.sourceforge.net/
>>>>>> _______________________________________________
>>>>>> PacketFence-users mailing list
>>>>>> [email protected]
>>>>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>> ------------------------------------------------------------------------------
>>>>> Dive into the World of Parallel Programming The Go Parallel Website,
>>>>> sponsored
>>>>> by Intel and developed in partnership with Slashdot Media, is your hub
>>>>> for all
>>>>> things parallel software development, from weekly thought leadership
>>>>> blogs to
>>>>> news, videos, case studies, tutorials and more. Take a look and join the
>>>>> conversation now. http://goparallel.sourceforge.net/
>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> PacketFence-users mailing
>>>>> [email protected]https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> ------------------------------------------------------------------------------
>>>>> Dive into the World of Parallel Programming The Go Parallel Website,
>>>>> sponsored
>>>>> by Intel and developed in partnership with Slashdot Media, is your hub
>>>>> for all
>>>>> things parallel software development, from weekly thought leadership
>>>>> blogs to
>>>>> news, videos, case studies, tutorials and more. Take a look and join
>>>>> the
>>>>> conversation now. http://goparallel.sourceforge.net/
>>>>> _______________________________________________
>>>>> PacketFence-users mailing list
>>>>> [email protected]
>>>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>>>>
>>>>>
>>>>
>>>> ------------------------------------------------------------------------------
>>>> One dashboard for servers and applications across Physical-Virtual-Cloud
>>>> Widest out-of-the-box monitoring support with 50+ applications
>>>> Performance metrics, stats and reports that give you Actionable Insights
>>>> Deep dive visibility with transaction tracing using APM Insight.
>>>> http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
>>>> _______________________________________________
>>>> PacketFence-users mailing list
>>>> [email protected]
>>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>>>
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> One dashboard for servers and applications across Physical-Virtual-Cloud
>>> Widest out-of-the-box monitoring support with 50+ applications
>>> Performance metrics, stats and reports that give you Actionable Insights
>>> Deep dive visibility with transaction tracing using APM Insight.
>>> http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
>>> _______________________________________________
>>> PacketFence-users mailing list
>>> [email protected]
>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>>
>>>
>>
>
>
> --
>
> *“Choose a job you love, and you will never have to work a day in your
> life”*
>
------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
