Hello,
I installed and configured PacketFence 5.3.1 on Ubuntu 12.04 but some
errors appeared in packetfence.log when I tried to connect a device to
the network. And it is not proprely redirected on the normal VLAN after
authenthication.
packetfence.log :
Jul 28 16:57:42 httpd.portal(4752) INFO: [b8:4f:d5:e3:51:d8] Username
was defined "b84fd5e351d8" - returning user based role 'full'
(pf::vlan::getNormalVlan)
Jul 28 16:57:42 httpd.portal(4752) INFO: [b8:4f:d5:e3:51:d8] PID:
"ellyn", Status: reg Returned VLAN: 10, Role: full
(pf::vlan::fetchVlanForNode)
Jul 28 16:57:42 httpd.portal(4752) INFO: [b8:4f:d5:e3:51:d8] VLAN
reassignment required (current VLAN = 4 but should be in VLAN 10)
(pf::enforcement::_should_we_reassign_vlan)
Jul 28 16:57:42 httpd.portal(4752) INFO: [b8:4f:d5:e3:51:d8] switch port
is (192.168.10.2) ifIndex unknown connection type: WiFi MAC Auth
(pf::enforcement::_vlan_reevaluation)
Jul 28 16:57:42 httpd.portal(4752) WARN: Can't find provisioner for
b8:4f:d5:e3:51:d8 since we don't have it's OS
(pf::Portal::Profile::findProvisioner)
Jul 28 16:57:43 httpd.webservices(4765) INFO: [b8:4f:d5:e3:51:d8]
DesAssociating mac on switch (192.168.10.2) (pf::api::desAssociate)
Jul 28 16:57:43 httpd.webservices(4765) INFO: deauthenticating
b8:4f:d5:e3:51:d8 (pf::Switch::Hostapd::radiusDisconnect)
Jul 28 16:57:43 httpd.webservices(4765) INFO: controllerIp is set, we
will use controller 192.168.10.1 to perform deauth
(pf::Switch::Hostapd::radiusDisconnect)
Jul 28 16:57:43 httpd.webservices(4765) WARN: Unable to perform RADIUS
Disconnect-Request: No answer from 192.168.10.1 on port 3799 at
/usr/local/pf/lib/pf/util/radius.pm line 145.
(pf::Switch::Hostapd::catch {...} )
Jul 28 16:57:57 httpd.webservices(4765) WARN: Unable to perform a
Fingerbank lookup for device with MAC address 'b8:4f:d5:e3:51:d8'
(pf::fingerbank::process)
My access point is defined as an hostapd (openwrt) switch type. Here is
its wireless configuration:
option device 'radio1'
option mode 'ap'
option ssid 'OpenWrt-OPEN'
option network 'lan'
option encryption 'none'
option auth_server '192.168.10.1'
option auth_port '1812'
option auth_secret 'secret'
option dynamic_vlan '2'
option vlan_tagged_interface 'eth0'
option radius_das_port '3799'
option radius_das_client '192.168.10.1 secret'
option macfilter '2'
option acct_server '192.168.10.1'
option acct_port '1813'
option acct_secret 'secret'
option vlan_bridge 'br-vlan'
option vlan_naming '1'
Radius tries to perform a Disconnect-Request as wanted but I do not
understand why its request has no effect, did I miss something ?
By the way 192.168.10.1 is the management interface, in my
comprehension, after the authentication process the device should be
redirected to the management vlan, is that right ?
Thanks for answering,
Ellyn.
------------------------------------------------------------------------------
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
