Not really, but we changed the way to detect if we have to re-evaluate
the access.
Now we test if the vlan has changed and also if the role has changed.
For that you need the latest version of pf and run the maintenance
script (pf-maint.pl).
Regards
Fabrice
Le 2016-01-29 08:50, Tim DeNike a écrit :
Ahh, nice. That worked perfectly. Can I set the option "force" in a
particular context. IE: Only for the Aruba wireless, and not wired
switches?
On Fri, Jan 29, 2016 at 7:38 AM, Durand fabrice <[email protected]
<mailto:[email protected]>> wrote:
Hi Tim,
a quick fix should be to modify enforcement.pm
<http://enforcement.pm>:
sub _should_we_reassign_vlan {
my ( $mac, $locationlog_entry, %opts ) = @_;
my $logger = get_logger();
return $TRUE;
if ( $opts{'force'} ) {
$logger->info("VLAN reassignment is forced.");
return $TRUE;
}
...
Regards
Fabrice
Le 2016-01-28 15:51, Tim DeNike a écrit :
OK, the problem I'm running into is... For an unregistered
device, I'm returning a role to aruba that forwards to the
captive portal on packet fence. This works. After the user
authenticates, PF isn't doing a COA to change the role. It seems
to only care about re-evaluating the VLAN (VLAN isn't changing),
and not the role.
Basically, I want to have an unregistered device join, be
assigned to vlan 502 with role "pf_portal", after authentication,
send COA, keeping them on vlan 502, but changing the role to
"authenticated". This way it doesn't bounce the user and change
vlans, just a graceful switch from no access to access.
On Fri, Nov 20, 2015 at 8:56 AM, Fabrice DURAND
<[email protected] <mailto:[email protected]>> wrote:
Hello Tim,
here an example:
http://community.arubanetworks.com/t5/AAA-NAC-Guest-Access-BYOD/How-to-integrate-Aruba-Controller-with-CPPM-to-perform-Captive/ta-p/192291
Regards
Fabrice
Le 2015-11-20 08:29, Tim DeNike a écrit :
I had this working 6 months ago when we demo'd the Aruba
equipment.. Now that we physically have it, I can't remember
for the life of me how I got it to work.
I know I setup roles in the Aruba controller but I can't
seem to get PF to do a COA to change the role after the
registration. PF is returning the role I defined for portal
redirection. The user is redirected. Logs in and PF
registers the device, but no COA is sent. I think PF isn't
doing anything because the VLAN isn't changing, only the
role. Would that make sense?
I think I was on 5.0 or 5.1 when I tested the Aruba, now I'm
on 5.3.
------------------------------------------------------------------------------
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
--
Fabrice Durand
[email protected] <mailto:[email protected]> ::+1.514.447.4918
<tel:%2B1.514.447.4918> (x135) ::www.inverse.ca <http://www.inverse.ca>
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and
PacketFence (http://packetfence.org)
------------------------------------------------------------------------------
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
