Hi Fabrice Awesome - I can confirm that it works with the Fortigate option in the UI. Perhaps add an option called "Generic RSSO"?
Thanks! -----Original Message----- From: Fabrice DURAND [mailto:[email protected]] Sent: Friday, 11 December 2015 3:31 PM To: [email protected] Subject: Re: [PacketFence-users] PacketFence & Sonicwall SSO Hello Anton, Fortigate use the same way for SSO, let's have a look at https://github.com/inverse-inc/packetfence/blob/devel/lib/pf/firewallsso/FortiGate.pm It will be probably easy to adapt. Regard Fabrice Le 2015-12-11 07:40, Anton Dreyer a écrit : > > Good day > > > > Firstly congratulations on how far you have come with the package - > it's so much smoother to get running than when I last used 3.6 > > > > I was hoping someone could assist me. We use a Meru controller and I > have managed to get it running using 802.1x as per the instructions. > > We also use a Sonicwall UTM appliance that supports SSO via radius > accounting: > > > > /"For Dell SonicWALL appliances to be compatible with third party > network appliances for SSO via RADIUS Accounting, the third party > appliance must be able to do the following:/ > > / / > > /. Support RADIUS Accounting./ > > /. Send both Start and Stop messages. Sending Interim-Update messages > is not required./ > > /. Send the user's IP address in either Framed-IP-Address or > Calling-Station-Id attribute in both Start and Stop messages./ > > / / > > /The user's login name should be sent in the User-Name attribute of > Start messages and Interim-Update messages. The user's login name can > also be sent in the User-Name attribute of Stop messages, but is not > required. The User-Name attribute must contain the user's account name > and may include the domain also, or it must contain the user's > distinguished name (DN)."/ > > > > The Meru controller does have a secondary radius accounting server > field you can enter, but it seems that it is there for failover only. > Is there any way one could send a copy of the required radius traffic > to the SonicWall while still consuming the accounting traffic on the > PacketFence box? > > I see you have native support for a couple of other firewall vendors, > it would be nice if SonicWall could be added to that list. > > > > Thanks in advance > > > > Anton > > > > ---------------------------------------------------------------------- > -------- > > > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Fabrice Durand [email protected] :: +1.514.447.4918 (x135) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://packetfence.org) ------------------------------------------------------------------------------ _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
