Will,
If you use the SSID&WirelessEAP example, users that successfully log
into the SSID via dot1x will have their machine Register. (Same as what
the custom code part did in 5.5.2)
The advantage of using the engine filters is to avoid any custom code in
the upgrade.
Since it will be handled via a configuration file, your upgrade will not
require to move around the custom code from one version to another.
Thanks,
On 01/18/2016 10:13 AM, Will Halsall wrote:
Hi Antoine,
Thanks for that I have had to revert the Packetfence server to 5.5.2
for the moment but will try this next weekend.
With this when the user logs in and is authenticated against our AD
domain the user will be added to the packetfence user database and
granted access in the same way as in version 5.5.2?
WillH
*From:*Antoine Amacher [mailto:[email protected]]
*Sent:* Monday, January 18, 2016 3:01 PM
*To:* [email protected]
*Subject:* Re: [PacketFence-users] PacketFence upgrade
Will,
here is an example of a vlan_filter for autoreg:
[EthernetEAP]
filter = connection_type
operator = is
value = Ethernet-EAP
[WirelessEAP]
filter = connection_type
operator = is
value = Wireless-802.11-EAP
[SSID]
filter = ssid
operator = is
value = MySSID
[ComputerName]
filter = node_info.computername
operator = match
value = MyCompanyName
[1:WirelessEAP&SSID]
scope = AutoRegister
role = default
[2:WirelessEAP&SSID]
scope = NodeInforForAutoReg
role = default
[3:EthernetEAP&ComputerName]
scope = AutoRegister
role = default
[4:EthernetEAP&ComputerName]
scope = NodeInforForAutoReg
role = default
This would AutoRegister any computer who connect in
PEAP/EAPTLS(wireless) to the SSID: MySSID or any computer who connect
in PEAP/EAPTLS(wired) who have a ComputerName that contain: MyCompanyName.
Thanks
On 01/18/2016 08:09 AM, Antoine Amacher wrote:
Will,
Since we few versions of PacketFence, our engine filters is taking
over most of the custom code.
If you need to setup an autoregister, you should have a look at
conf/vlan_filters.conf.example or conf/radius_filters.conf.
Thanks,
On Monday, January 18, 2016 05:06 EST, Will Halsall
<[email protected]> <mailto:[email protected]> wrote:
Hi Folks,
After upgrading to 5.6 the operation of clients on our 802.1x SSID
seems to have changed.
In the past when users authenticated to the SSID and we had
uncommented shouldAutoRegister in lib/pf/role/custom.pm users
where allowed access.
Now they seem to be redirected to the captive portal. Is there a
way to stop this and revert back to the old way as users prefer
this option?
Thanks
WillH
PS this is on Aruba Instant access points
This message is intended only for the use of the person(s) to
whom it is addressed, and may contain privileged and confidential
information.
If it has come to you in error, please contact the sender as soon
as possible,
and note that you must take no action based on the content, nor
must you copy,
distribute, or show the content to any other person.
In accordance with its legal obligations, Farnborough College of
Technology reserves the right to monitor the content of e-mails
sent and
received, but will not do so routinely.
This message has been scanned for viruses and
dangerous content by *MailScanner* <http://www.mailscanner.info/>,
and is
believed to be clean.
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
--
Antoine Amacher
[email protected] <mailto:[email protected]> :: +1.514.447.4918 *130
::www.inverse.ca <http://www.inverse.ca>
Inverse inc. :: Leaders behind SOGo (www.sogo.nu <http://www.sogo.nu>) and
PacketFence (www.packetfence.org <http://www.packetfence.org>)
This message is intended only for the use of the person(s) to
whom it is addressed, and may contain privileged and confidential
information.
If it has come to you in error, please contact the sender as soon as
possible,
and note that you must take no action based on the content, nor must
you copy,
distribute, or show the content to any other person.
In accordance with its legal obligations, Farnborough College of
Technology reserves the right to monitor the content of e-mails sent and
received, but will not do so routinely.
This message has been scanned for viruses and
dangerous content by *MailScanner* <http://www.mailscanner.info/>, and is
believed to be clean.
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
--
Antoine Amacher
[email protected] :: +1.514.447.4918 *130 :: www.inverse.ca
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence
(www.packetfence.org)
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
