[PacketFence-users] Issues with Cisco phones.

Wed, 02 Sep 2015 13:44:13 -0700 

I just setup a new copy of pf 5.3.1 using the OVA.

I am trying to get the multi-domain authentication working, but it I am at
a loss.

Here are the relevant log messages.

packetfence.log:
Sep 01 14:09:59 httpd.aaa(3395) INFO: [c8:9c:1d:a3:5b:b0] handling radius
autz request: from switch_ip => (10.103.254.11), connection_type =>
WIRED_MAC_AUTH,switch_mac => (34:a8:4e:eb:e0:9a), mac =>
[c8:9c:1d:a3:5b:b0], port => 10026, username => "c89c1da35bb0"
(pf::radius::authorize)
Sep 01 14:09:59 httpd.aaa(3395) INFO: [c8:9c:1d:a3:5b:b0] does not yet
exist in database. Adding it now (pf::radius::authorize)
Sep 01 14:09:59 httpd.aaa(3395) WARN: SNMP get_request for
1.3.6.1.4.1.9.9.23.1.2.1.1.6 (pf::Switch::Cisco::getPhonesCDPAtIfIndex)
Sep 01 14:09:59 httpd.aaa(3395) INFO: We found an IP phone through
discovery protocols for ifIndex 10026 (pf::Switch::getPhonesDPAtIfIndex)
Sep 01 14:18:51 httpd.aaa(3395) INFO: [c8:9c:1d:a3:5b:b0] handling radius
autz request: from switch_ip => (10.103.254.11), connection_type =>
WIRED_MAC_AUTH,switch_mac => (34:a8:4e:eb:e0:9a), mac =>
[c8:9c:1d:a3:5b:b0], port => 10026, username => "c89c1da35bb0"
(pf::radius::authorize)
Sep 01 14:18:52 httpd.aaa(3395) INFO: [c8:9c:1d:a3:5b:b0] autoregister a
node that is already registered, do nothing. (pf::node::node_register)


radius.log:

Wed Sep  2 16:28:23 2015 : Auth: Login OK: [c89c1da35bb0] (from client
10.103.254.11 port 50026 cli C8-9C-1D-A3-5B-B0)
Wed Sep  2 16:28:25 2015 : Auth: rlm_perl: request from c8:9c:1d:a3:5b:b0
port 50026 was accepted but no VLAN returned. This could be normal. See
server logs for details.


It looks like it is letting it on, but in the data domain.

show authentication sessions

Interface  MAC Address     Method   Domain   Status         Session ID
Fa0/26     c89c.1da3.5bb0  mab      DATA     Authz Success
 0A67FE0B0000002AB21B688B


show dot1x all summary

Interface       PAE     Client          Status
--------------------------------------------------------
Fa0/26          AUTH    none            UNAUTHORIZED



When I look at the node that was autoregistered the voip option is enabled.
I am at a loss.

------------------------------------------------------------------------------
Monitor Your Dynamic Infrastructure at Any Scale With Datadog!
Get real-time metrics from all of your servers, apps and tools
in one place.
SourceForge users - Click here to start your Free Trial of Datadog now!
http://pubads.g.doubleclick.net/gampad/clk?id=241902991&iu=/4140
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Reply via email to