Re: [PacketFence-users] URGENT All the sudden, Wireless is no longer working. OpenWRT

Mon, 05 Oct 2015 08:57:35 -0700 


On Oct 5, 2015, at 11:11 , Chris Abel <[email protected]> wrote:

> # trapping.passthrough
> #
> # When enabled, pfdns will resolve the real IP addresses of passthroughs and 
> add them in the ipset session to give access
> # to trapped devices. Don´t forget to enable ip_forward on your server.
> passthrough=enabled
> #
> # trapping.passthroughs
> #
> # Comma-delimited list of domains to be used as HTTP and HTTPS passthroughs 
> to web sites.
> #
> passthroughs=ocsp=http://ocsp.comodoca.com/,crl=http://crl.comodoca.com/,cps=http://secure.comodo.net/
> #
> # trapping.proxy_passthroughs
> #
> # Comma-delimited list of domains to be use for apache passthrough
> proxy_passthroughs=ocsp=http://ocsp.comodoca.com/,crl=http://crl.comodoca.com/,cps=http://secure.comodo.net/

This is not going to use.
I am not sure what you are trying to do but this feature does not support that 
syntax.

I would recommend removing those.
The proper syntax would be to list the domains, comma separated without any 
scheme or slashes.

I can’t comment on your memory use without knowing how many users you are 
trying to support.
I would say that 4Gb of RAM is at the very minimum of the PF requirements.

If you think there is any chance that your problems may be related to 
Fingerbank, I recommend turning off upstream interrogation and not recording 
unmatched records, at least temporarily.
If that helps it may narrow down the issue. If it does not then you could just 
reenable it.


Look at your packetfence.log file. Are there any warnings or errors?
All your RADIUS logs tell me is that radiusd can not keeps up with the requests.
Usually that’s because some other service on which it’s depending is too slow 
to reply, e.g. the database, your AD server if any, the PacketFence httpd.aaa 
etc.

What do the httpd.aaa logs tell you? 

Regards,
--
Louis Munro
[email protected]  ::  www.inverse.ca 
+1.514.447.4918 x125  :: +1 (866) 353-6153 x125
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence 
(www.packetfence.org)
------------------------------------------------------------------------------

_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Reply via email to