Hello,
I am still not able to resolved this issue:
Mon May 25 15:33:20 2015 : Error: [sql] Couldn't update SQL
accounting STOP record - PROCEDURE pf.acct_stop does not exist
Mon May 25 15:33:20 2015 : Error: rlm_sql_mysql: Cannot store result
Mon May 25 15:33:20 2015 : Error: rlm_sql_mysql: MySQL error
'PROCEDURE pf.acct_stop does not exist'
Although, the client can access the portal and authorize successful.
Do i am wrong any file configured?
Any help is appreciated,
On 6 May 2015 at 22:11, Juan Camilo Valencia
<[email protected]
<mailto:[email protected]>> wrote:
Hi Minh,
I don´t have the excatly procedure write it, however is very simple.
1. Open up in a text editor, nedit is my preference, the schema of
the database that match your version of pf.
2. At the same time connect to pf database, "mysql -u pf -p pf".
3. Search in the schema for the keyword "procedure", the first
match is in a comment that says "-- Adding RADIUS Updates Stored
Procedure".
4. Copy and paste in the mysql command the entire code that start
with " DROP..." until says "DELIMITER ; ..."
5. Yo need to do this as many times as procedures you find in the
schema, I tried to cp and paste all at once and for some reason
failed, so do it step by step with each procedure.
I hope that this help you,
Best Regards,
On Tue, May 5, 2015 at 10:14 PM, Minh Trung <[email protected]
<mailto:[email protected]>> wrote:
Hello Juan,
I showed and it empty.
/mysql> use pf;
Database changed
mysql> show procedure status;
Empty set (0.00 sec)
/
Now, i using PF v5.0.5 and i saw many procedures just after
the radius tables at docs in db's PF directory.
Would you please point me the exact command to insert them?
Thank a lot.
Regards,
On 29 April 2015 at 20:40, Juan Camilo Valencia
<[email protected]
<mailto:[email protected]>> wrote:
Hi minh,
Probably you are missing the storage procedures that
radius needs for the accounting, login into your db and
execute
show procedures status;
If does not appear any information you are missing that,
probably because you made a backup of your info without
the procedures next time use the modifiers --procedures in
mysqldump command. To fix this open your sql schema for
your pf version in db packetfence directory and look for
the procedures just after the radius tables and start
insert those ones manually.
I hope that this can help you.
Best regards
El mar, abr 28, 2015 08:08, Minh Trung
<[email protected] <mailto:[email protected]>> escribió:
Hello Fabrice,
I was successful in configured the vmware machine in
tag the vlan as above we discussed (it take long time
to figure out ) and i also see the portal on device
which is plugged in the port testing.
But on radius log still show the error:
/Tue Apr 28 16:53:57 2015 : Auth: Login OK:
[c80aa930b31f] (from client 10.126.123.10 port 50001
cli C8-0A-A9-30-B3-1F)
Tue Apr 28 16:53:58 2015 : Auth: rlm_perl: Returning
vlan 210 to request from c8:0a:a9:30:b3:1f port 50001
Tue Apr 28 16:53:58 2015 : Error: [sql] Couldn't
insert SQL accounting START record - PROCEDURE
pf.acct_start does not exist
Tue Apr 28 16:54:00 2015 : Error: [sql] Couldn't
update SQL accounting STOP record - PROCEDURE
pf.acct_stop does not exist
Tue Apr 28 16:54:00 2015 : Error: rlm_sql_mysql:
Cannot store result
Tue Apr 28 16:54:00 2015 : Error: rlm_sql_mysql: MySQL
error 'PROCEDURE pf.acct_stop does not exist'
Tue Apr 28 16:54:05 2015 : Error: [sql] Couldn't
update SQL accounting STOP record - PROCEDURE
pf.acct_stop does not exist
Tue Apr 28 16:54:05 2015 : Error: rlm_sql_mysql:
Cannot store result
Tue Apr 28 16:54:05 2015 : Error: rlm_sql_mysql: MySQL
error 'PROCEDURE pf.acct_stop does not exist'
/
Do i miss configured any on database?
I have DHCP(windows OS) existed with DHCP range
10.126.123.x how to make clients will retrieved DHCP
from Windows OS after clients finished register?
Should i need change all ports on switch L2 to
default(Vlan1)?
Any help is appreciated,
Thanks & regards,
On 2 April 2015 at 00:46, Durand fabrice
<[email protected] <mailto:[email protected]>> wrote:
Hello Minh,
you have to tag the vlan 210 and 220 on the switch
port where packetfence has been plugged on the
vswitch.
I don't have the exact way to do it but it look
like there is documentation on internet to do that.
Regards
Fabrice
Le 2015-03-31 23:11, Minh Trung a écrit :
Hello Fabrice,
You are right, my VMware connected 4500 via
gi7/6, here is the spaning-tree command:
/VLAN0210
Spanning tree enabled protocol ieee
Root ID Priority 32978
Address 5475.d0c3.e100
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay
15 sec
Bridge ID Priority 32978 (priority 32768
sys-id-ext 210)
Address 5475.d0c3.e100
Hello Time 2 sec Max Age 20 sec Forward Delay
15 sec
Aging Time 300
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- --------
--------------------------------
Gi2/4 Desg FWD 4 128.68 P2p
Gi7/3 Desg FWD 4 128.387 P2p
Gi7/6 Desg FWD 4 128.390 P2p
Po1 Desg FWD 3 128.641 P2p
VLAN0220
Spanning tree enabled protocol ieee
Root ID Priority 32988
Address 5475.d0c3.e100
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay
15 sec
Bridge ID Priority 32988 (priority 32768
sys-id-ext 220)
Address 5475.d0c3.e100
Hello Time 2 sec Max Age 20 sec Forward Delay
15 sec
Aging Time 300
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- --------
--------------------------------
Gi2/4 Desg FWD 4 128.68 P2p
Gi7/3 Desg FWD 4 128.387 P2p
Gi7/6 Desg FWD 4 128.390 P2p
Po1 Desg FWD 3 128.641 P2p
/
Also, Vlan122 is native, new Vlan210,220 is
created for PF.
The picture will show where is the PF
connection(Serverfarm_A is one of Vlan122.). Do i
need reconfigure vmware? How it look like?
Thanks and Best regards,
On 31 March 2015 at 20:48, Durand fabrice
<[email protected] <mailto:[email protected]>>
wrote:
Hello Minh,
based on what i can see and suppose
packetfence has been plugged on Gi7/6 (vmware).
So check :
'show spanning-tree' if vlan 210 and 220 are
forwarded to gi7/6
Where packetfence is connected on vmware ? is
it connected to a trunk port where the vlan
220 and 230 are allowed and the vlan 122 is
the native one ?
Also HSRP is a layer 3 protocol and we talk
about a layer 2 network.
Check all these items and from the laptop
connected on the vlan 210, retry a ping,
check the arp table.
Regards
Fabrice
Le 2015-03-31 03:38, Minh Trung a écrit :
Hello Fabrice,
I changed reg and iso interface back to
10.126.210.1, 10.126.220.1 but still no luck.
As you comment could we call PF as a switch
L2? Then after plug a device to 4500 i am
not able ping to 10.126.210.1 even from 4500
can not ping 10.126.210.1 also.
Do i misconfiguration on vmware? But other
vlan are still fine excluded some new vlan
for PF.
Here is the interface configured on 4500 to
vmware:
*The first 4500:*
/interface GigabitEthernet7/4
description ### To KFVNVM02_NIC1 ###
switchport access vlan 122
switchport mode access
speed 1000
duplex full
!
interface GigabitEthernet7/5
description ### To KFVNVM02_NIC3 ###
switchport access vlan 122
switchport mode access
speed 1000
duplex full
!
interface GigabitEthernet7/6
description ### To KFVNVM02_NIC4 ###
switchport trunk allowed vlan
122,126,127,210,220,230
switchport mode trunk
speed 1000
duplex full /
*The second 4500:( I has 2 switches 4500 and
HSRP configured)*
/interface GigabitEthernet7/4
description ### To KFVNVM02_NIC2 ###
switchport access vlan 122
switchport mode access
speed 1000
duplex full
!
interface GigabitEthernet7/5
description ### To KFVNVM02_NIC5 ###
switchport access vlan 122
switchport mode access
speed 1000
duplex full
!
interface GigabitEthernet7/6
description ### To KFVNVM02_NIC6 ###
switchport trunk allowed vlan
122,126,127,210,220,230
switchport mode trunk
speed 1000
duplex full/
Any help is appreciated,
Best regards,
On 30 March 2015 at 23:01, Durand fabrice
<[email protected]
<mailto:[email protected]>> wrote:
Hi Minh,
Keep in mind that reg and isol vlan are
layer 2 networks, so you don't have to
assign an ip address for these 2 vlan on
the cisco config (packetfence is the
only one who manage what happen on these
2 networks).
So the the ip address of the reg
interface is 10.126.210.1 (ifconfig) not
10.126.210.5 so change that in pf.conf
and networks.conf and restart
packetfence (same thing for isol).
Now plug a device in a port on the 4500
configured like that:
switchport mode access
switch port access vlan 210
with a device with a static ip :
10.126.210.33
and try to ping 10.126.210.1.
If this doesn't work then fix the
vmware/cisco config to make it work
(trunk, allowed vlan...).
Regards
Fabrice
Le 2015-03-30 03:06, Minh Trung a écrit :
Hello Fabrice,
I already check trunk port but still problem as
previously posted.
My PF as below:
PC ---+ --> Switch_L2(2960- Cisco) ---trunk-->
Switch_L3(4500) ---trunk--->
PF(VMware- ESX)
Here is the config interface that L2 connected on
Core switch:
i
*nterface GigabitEthernet2/4 description ###
Testing Network Security
### switchport trunk allowed vlan
110,123,124,127,128,135,210,220,230 switchport mode
trunk*
I has 2 core switches and configured HSRP so all
Vlan will be take 3 ip
addresses for HSRP eg:
Vlan123: x.x.x.1, x.x.x.2, x.x.x..3 are assign for
core switches, other
Vlan will be same.
So i changed 2 interface Vlan on PF as below:
*networks.conf*
[10.126.210.0]
dns=10.126.210.5
dhcp_start=10.126.210.10
*gateway=10.126.210.5*
domain-name=vlan-registration.global
nat_enabled=disabled
named=enabled
dhcp_max_lease_time=30
fake_mac_enabled=disabled
dhcpd=enabled
dhcp_end=10.126.210.246
type=vlan-registration
netmask=255.255.255.0
dhcp_default_lease_time=30
[10.126.220.0]
dns=10.126.220.5
dhcp_start=10.126.220.10
*gateway=10.126.220.5*
domain-name=vlan-isolation.global
nat_enabled=disabled
named=enabled
dhcp_max_lease_time=30
fake_mac_enabled=disabled
dhcpd=enabled
dhcp_end=10.126.220.246
type=vlan-isolation
netmask=255.255.255.0
dhcp_default_lease_time=30
But still no luck
Do i misconfiguration of any parts?
Any help is appreciated,
Regards,
On 28 March 2015 at 23:17, Durand
fabrice<[email protected]> <mailto:[email protected]> wrote:
Hello Minh,
has you probably notice there is no RX traffic on
eth0.210 and eth0.220
and eth0.230 so it's probably a switch
configuration issue.
Check on the switch port where packetfence's eth0
has been plugged that
'switch port mode trunk' (cisco syntax) has been
configured and check in
all uplink port that the vlan 210 and 220 are
allowed.
Regards
------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go
Parallel Website, sponsored
by Intel and developed in partnership with Slashdot
Media, is your hub for all
things parallel software development, from weekly
thought leadership blogs to
news, videos, case studies, tutorials and more.
Take a look and join the
conversation now.http://goparallel.sourceforge.net/
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Dive into the World of Parallel
Programming The Go Parallel Website,
sponsored
by Intel and developed in partnership
with Slashdot Media, is your hub for all
things parallel software development,
from weekly thought leadership blogs to
news, videos, case studies, tutorials
and more. Take a look and join the
conversation now.
http://goparallel.sourceforge.net/
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go
Parallel Website, sponsored
by Intel and developed in partnership with Slashdot
Media, is your hub for all
things parallel software development, from weekly
thought leadership blogs to
news, videos, case studies, tutorials and more. Take a
look and join the
conversation now.http://goparallel.sourceforge.net/
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Dive into the World of Parallel Programming
The Go Parallel Website, sponsored
by Intel and developed in partnership with
Slashdot Media, is your hub for all
things parallel software development, from
weekly thought leadership blogs to
news, videos, case studies, tutorials and
more. Take a look and join the
conversation now.
http://goparallel.sourceforge.net/
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel
Website, sponsored
by Intel and developed in partnership with Slashdot Media,
is your hub for all
things parallel software development, from weekly thought
leadership blogs to
news, videos, case studies, tutorials and more. Take a look
and join the
conversation now.http://goparallel.sourceforge.net/
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go
Parallel Website, sponsored
by Intel and developed in partnership with
Slashdot Media, is your hub for all
things parallel software development, from weekly
thought leadership blogs to
news, videos, case studies, tutorials and more.
Take a look and join the
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
One dashboard for servers and applications across
Physical-Virtual-Cloud
Widest out-of-the-box monitoring support with 50+
applications
Performance metrics, stats and reports that give you
Actionable Insights
Deep dive visibility with transaction tracing using
APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
One dashboard for servers and applications across
Physical-Virtual-Cloud
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you
Actionable Insights
Deep dive visibility with transaction tracing using APM
Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
--
*“Choose a job you love, and you will never have to work a day in
your life”*
------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
