Hi, thanks, Louis! I had restarted PF during my config process before. I just did it again to change the log level, and BAM, it started to work!
You can see it in the logs/packetfence.log file now: Aug 06 14:13:06 httpd.aaa(46816) INFO: [mac] Match Vlan rule: 1:resnet (pf::vlan::filter::test) Aug 06 14:13:06 httpd.aaa(46816) INFO: [mac] PID: "xxxx", Status: reg. Returned VLAN: xx (pf::vlan::fetchVlanForNode) Aug 06 14:13:06 httpd.aaa(46816) INFO: [mac] (ip.ip.ip.ip) Returning ACCEPT with VLAN xx and role (pf::Switch::returnRadiusAccessAccept) NICE! I'm unsure why it was not happening before. maybe I had some syntax wrong or something. For the record, here's my config: # If the user connects to ssid "resnet" then set their vlan to role resnet # [resnet] filter = ssid operator = is value = resnet [1:resnet] scope = NormalVlan role = resnet # Note that if an unregistered user connects to this SSID, they will use my defined resnet portal. They get a login, and will get a role assigned as per the norm. But, will still get pushed into the resnet vlan when connecting. Just what I was looking for. Thanks everyone for your help - Pete Hoffswell - Network Manager [email protected] http://www.davenport.edu On Thu, Aug 6, 2015 at 2:03 PM, Louis Munro <[email protected]> wrote: > A few possibilities: > > > - is the SSID called “resnet” (case matters)? > - is the AP/controller actually sending the SSID name in the radius > request? > - is PacketFence able to parse that SSID as sent? > > > I suggest raising the log level to “DEBUG”. > That should show if the SSID is correctly detected. > > VLAN filters are automatically run on every authentication. > You may want to restart to make sure the new ones are applied if you > changed them. > > > On Aug 6, 2015, at 1:45 PM, Pete Hoffswell <[email protected]> > wrote: > > Well, I'm sticking to the original subject, here.... trying to get a vlan > filter to work - > > resnet-ssid] > filter = ssid > operator = is > value = resnet > > [1:resnet-ssid] > scope = NormalVlan > role = resnet > > > I do not see any sort of info in the packetfence.log... I wonder if > there's a pf.conf command that directs PF to look for and run the > vlan_filters.conf stuff... > > > > > > > > > ------------------------------------------------------------------------------ > > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users > >
------------------------------------------------------------------------------
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
