Hi Ellyn, > Jul 28 16:57:43 httpd.webservices(4765) INFO: controllerIp is set, we > will use controller 192.168.10.1 to perform deauth > (pf::Switch::Hostapd::radiusDisconnect) > By the way 192.168.10.1 is the management interface, in my > comprehension, after the authentication process the device should be > redirected to the management vlan, is that right ?
I think you are mixing things up. From what I can understand in the log, you configured 192.168.10.1 as the controllerIp that actually controls the access point you are using (ie. a WLC controls Cisco APs). Then, you’re saying that 192.168.10.1 is the management interface. Is that the management interface of PacketFence ? If your access point is “standalone” please remove the controllerIp from the configuration. Cheers! dw. — Derek Wuelfrath [email protected] :: www.inverse.ca +1.514.447.4918 (x110) :: +1.866.353.6153 (x110) Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) > On Jul 29, 2015, at 03:35, [email protected] wrote: > > Hello, > > > I installed and configured PacketFence 5.3.1 on Ubuntu 12.04 but some > errors appeared in packetfence.log when I tried to connect a device to > the network. And it is not proprely redirected on the normal VLAN after > authenthication. > > packetfence.log : > > Jul 28 16:57:42 httpd.portal(4752) INFO: [b8:4f:d5:e3:51:d8] Username > was defined "b84fd5e351d8" - returning user based role 'full' > (pf::vlan::getNormalVlan) > Jul 28 16:57:42 httpd.portal(4752) INFO: [b8:4f:d5:e3:51:d8] PID: > "ellyn", Status: reg Returned VLAN: 10, Role: full > (pf::vlan::fetchVlanForNode) > Jul 28 16:57:42 httpd.portal(4752) INFO: [b8:4f:d5:e3:51:d8] VLAN > reassignment required (current VLAN = 4 but should be in VLAN 10) > (pf::enforcement::_should_we_reassign_vlan) > Jul 28 16:57:42 httpd.portal(4752) INFO: [b8:4f:d5:e3:51:d8] switch port > is (192.168.10.2) ifIndex unknown connection type: WiFi MAC Auth > (pf::enforcement::_vlan_reevaluation) > Jul 28 16:57:42 httpd.portal(4752) WARN: Can't find provisioner for > b8:4f:d5:e3:51:d8 since we don't have it's OS > (pf::Portal::Profile::findProvisioner) > Jul 28 16:57:43 httpd.webservices(4765) INFO: [b8:4f:d5:e3:51:d8] > DesAssociating mac on switch (192.168.10.2) (pf::api::desAssociate) > Jul 28 16:57:43 httpd.webservices(4765) INFO: deauthenticating > b8:4f:d5:e3:51:d8 (pf::Switch::Hostapd::radiusDisconnect) > Jul 28 16:57:43 httpd.webservices(4765) INFO: controllerIp is set, we > will use controller 192.168.10.1 to perform deauth > (pf::Switch::Hostapd::radiusDisconnect) > Jul 28 16:57:43 httpd.webservices(4765) WARN: Unable to perform RADIUS > Disconnect-Request: No answer from 192.168.10.1 on port 3799 at > /usr/local/pf/lib/pf/util/radius.pm line 145. > (pf::Switch::Hostapd::catch {...} ) > Jul 28 16:57:57 httpd.webservices(4765) WARN: Unable to perform a > Fingerbank lookup for device with MAC address 'b8:4f:d5:e3:51:d8' > (pf::fingerbank::process) > > My access point is defined as an hostapd (openwrt) switch type. Here is > its wireless configuration: > > option device 'radio1' > option mode 'ap' > option ssid 'OpenWrt-OPEN' > option network 'lan' > option encryption 'none' > option auth_server '192.168.10.1' > option auth_port '1812' > option auth_secret 'secret' > option dynamic_vlan '2' > option vlan_tagged_interface 'eth0' > option radius_das_port '3799' > option radius_das_client '192.168.10.1 secret' > option macfilter '2' > option acct_server '192.168.10.1' > option acct_port '1813' > option acct_secret 'secret' > option vlan_bridge 'br-vlan' > option vlan_naming '1' > > Radius tries to perform a Disconnect-Request as wanted but I do not > understand why its request has no effect, did I miss something ? > By the way 192.168.10.1 is the management interface, in my > comprehension, after the authentication process the device should be > redirected to the management vlan, is that right ? > > > Thanks for answering, > Ellyn. > > ------------------------------------------------------------------------------ > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users ------------------------------------------------------------------------------ _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
