On Jun 22, 2015, at 16:08 , Rhoads, Robert W. <[email protected]> wrote:
> Hello All,
>
> I thought I had PF running as I wanted it but discovered I actually did
> not. I am using 802.1X on cisco 3560G switches in a test environment. I
> want to make it so that the “users” using Windows systems (in the test lab,
> it is Windows XP, though real life it would be Win7) use mschap to get
> through dot1x via PF WITH the option to pass the windows credentials on to
> MSCHAP (just a single signon) , and be assigned to a VLAN at that point,
> autoregister, and skip the captive portal.
>
> So far I can confirm that I have RADIUS working with AD. I can and see that
> the switch talks to PF and successfully authenticates and tests on the PF
> server itself work as well. I DO have autoregistration active. The RADIUS
> authentication succeeds for the machine, I see nothing about the user, and
> gets put in the registration VLAN…which isn’t want I really want but if I
> keep playing…in the captive portal, if I put in the Windows credentials, and
> the Portal is set to use RADIUS, I always get “wrong password” even when I
> KNOW it is correct and typed in correctly.
>
> What am I missing? I’m aware I haven’t listed any configs or anything…if
> anyone needs them I’ll followup with those that are needed, rather than
> spamming all of them now.
Hi Robert,
You are not mentioning your authentication rules.
Make sure you have an authentication source configured (probably AD) with a
rule that sends authenticated users to the proper VLAN.
Also, how did you enable autoregistration?
There’s more than one way to do it, but some of them are better than others.
Regards,
--
Louis Munro
[email protected] :: www.inverse.ca
+1.514.447.4918 x125 :: +1 (866) 353-6153 x125
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence
(www.packetfence.org)
------------------------------------------------------------------------------
Monitor 25 network devices or servers for free with OpManager!
OpManager is web-based network management software that monitors
network devices and physical & virtual servers, alerts via email & sms
for fault. Monitor 25 devices for free with no restriction. Download now
http://ad.doubleclick.net/ddm/clk/292181274;119417398;o
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
