Hi Tim,
a quick fix should be to modify enforcement.pm:
sub _should_we_reassign_vlan {
my ( $mac, $locationlog_entry, %opts ) = @_;
my $logger = get_logger();
return $TRUE;
if ( $opts{'force'} ) {
$logger->info("VLAN reassignment is forced.");
return $TRUE;
}
...
Regards
Fabrice
Le 2016-01-28 15:51, Tim DeNike a écrit :
OK, the problem I'm running into is... For an unregistered device, I'm
returning a role to aruba that forwards to the captive portal on
packet fence. This works. After the user authenticates, PF isn't
doing a COA to change the role. It seems to only care about
re-evaluating the VLAN (VLAN isn't changing), and not the role.
Basically, I want to have an unregistered device join, be assigned to
vlan 502 with role "pf_portal", after authentication, send COA,
keeping them on vlan 502, but changing the role to "authenticated".
This way it doesn't bounce the user and change vlans, just a graceful
switch from no access to access.
On Fri, Nov 20, 2015 at 8:56 AM, Fabrice DURAND <[email protected]
<mailto:[email protected]>> wrote:
Hello Tim,
here an example:
http://community.arubanetworks.com/t5/AAA-NAC-Guest-Access-BYOD/How-to-integrate-Aruba-Controller-with-CPPM-to-perform-Captive/ta-p/192291
Regards
Fabrice
Le 2015-11-20 08:29, Tim DeNike a écrit :
I had this working 6 months ago when we demo'd the Aruba
equipment.. Now that we physically have it, I can't remember for
the life of me how I got it to work.
I know I setup roles in the Aruba controller but I can't seem to
get PF to do a COA to change the role after the registration. PF
is returning the role I defined for portal redirection. The user
is redirected. Logs in and PF registers the device, but no COA
is sent. I think PF isn't doing anything because the VLAN isn't
changing, only the role. Would that make sense?
I think I was on 5.0 or 5.1 when I tested the Aruba, now I'm on 5.3.
------------------------------------------------------------------------------
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
--
Fabrice Durand
[email protected] <mailto:[email protected]> ::+1.514.447.4918
<tel:%2B1.514.447.4918> (x135) ::www.inverse.ca <http://www.inverse.ca>
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
(http://packetfence.org)
------------------------------------------------------------------------------
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
