> On Jan 27, 2016, at 3:34 AM, Will Halsall <[email protected]> wrote: > > Hi Fabrice, > > Yes that fixies it for me (see logs below) . > > Thank you > > Will Halsall > > > pfmon.log:Jan 27 08:18:51 pfmon(9137) INFO: modified 00:24:2b:60:ff:79 from > status 'reg' to 'unreg' based on unregdate colum (pf::node::nodes_maintenance) > pfqueue.log:Jan 27 08:08:51 pfqueue(9083) INFO: [mac:00:24:2b:60:ff:79] > oldmac (b0:9f:ba:c5:53:5c) and newmac (00:24:2b:60:ff:79) are different for > 192.168.16.34 - closing iplog entry (pf::api::update_iplog) > radius.log:Wed Jan 27 08:07:40 2016 : Auth: Login OK: [00:24:2b:60:ff:79] > (from client 172.16.36.30 port 0 cli 00:24:2b:60:ff:79) > radius.log:Wed Jan 27 08:07:40 2016 : Auth: rlm_perl: Returning vlan 72 to > request from 00:24:2b:60:ff:79 port 0 > radius.log:Wed Jan 27 08:08:44 2016 : Auth: Login OK: [00:24:2b:60:ff:79] > (from client 172.16.36.30 port 0 cli 00:24:2b:60:ff:79) > radius.log:Wed Jan 27 08:08:44 2016 : Auth: rlm_perl: Returning vlan 80 to > request from 00:24:2b:60:ff:79 port 0 > radius.log:Wed Jan 27 08:08:45 2016 : Auth: Login OK: [00:24:2b:60:ff:79] > (from client 172.16.36.30 port 0 cli 00:24:2b:60:ff:79) > radius.log:Wed Jan 27 08:08:45 2016 : Auth: rlm_perl: Returning vlan 80 to > request from 00:24:2b:60:ff:79 port 0 > radius.log:Wed Jan 27 08:18:52 2016 : Auth: Login OK: [00:24:2b:60:ff:79] > (from client 172.16.36.30 port 0 cli 00:24:2b:60:ff:79) > radius.log:Wed Jan 27 08:18:52 2016 : Auth: rlm_perl: Returning vlan 72 to > request from 00:24:2b:60:ff:79 port 0 > radius.log:Wed Jan 27 08:18:53 2016 : Auth: Login OK: [00:24:2b:60:ff:79] > (from client 172.16.36.30 port 0 cli 00:24:2b:60:ff:79) > radius.log:Wed Jan 27 08:18:53 2016 : Auth: rlm_perl: Returning vlan 72 to > request from 00:24:2b:60:ff:79 port 0 >
Fabrice - I ran the command below, applied the patches, restarted PF, and still not getting the result I feel I should be. PF seems to be performing the maintenance as evidenced by this log message: pfmon.log:Feb 03 15:28:35 pfmon(994) INFO: modified 00:0b:6b:b7:e9:d0 from status 'reg' to 'unreg' based on unregdate colum (pf::node::nodes_maintenance) but the user is still in the “reg” role on the wireless controller and was never moved to the “unreg” role on the controller. I did a packet capture between the PF box and the controller, and I see the role change request being sent on registration: 15:26:19.577784 IP siepata.net.isc.upenn.edu.38866 > 10.50.80.52.radius-dynauth: UDP, length 94 15:26:19.579269 IP 10.50.80.52.radius-dynauth > siepata.net.isc.upenn.edu.38866: UDP, length 32 but I don’t see it again when the dereg happens. Thoughts? > -----Original Message----- > From: Fabrice DURAND [mailto:[email protected]] > Sent: Tuesday, January 26, 2016 8:21 PM > To: [email protected] > Subject: Re: [PacketFence-users] unregistration issue > > Hello Charles, > > can you do that: > > ./usr/local/pf/addons/pf-maint.pl > > and restart packetfence and retry ? > > Regards > Fabrice > > Le 2016-01-26 11:08, Rumford, Charles C a écrit : >>> On Jan 26, 2016, at 6:47 AM, Will Halsall <[email protected]> wrote: >>> >>> Hi Folks, >>> >>> After upgrading to 5.6 I noticed I was having a de-authentication issue. >>> >>> After doing an email authentication on the captive portal the e-mail is >>> sent out as usual and internet access is granted, normally if you do not >>> click on the link in the email after 10 mins you are de-authenticated. >>> >>> At the moment the user goes back into an unreg stat but I cannot see a >>> de-authentication sent back to the wifi controller and internet access is >>> not terminated. >>> >>> If I manually set the role back to default the user is >>> de-authenticated >> I noticed this also with my test installation for email auth. I also noticed >> that it doesn't de-auth users when a users during clean-up when a session >> expires. >> >> I went digging around in code looking for where and found in >> PF::Enforcement::reevaluate_access it only does the VLAN re-evaluation. >> Looking in PF::Enforcement::_vlan_reevaluation, there doesn't seem to be >> anything regard role re-evaluation. I haven't done any more work beyond that >> to see where to add a role re-evaulation in, but plan on it if we decide to >> go with PacketFence. >> >> ---- >> Charles Rumford >> Network Engineer/Senior Wireless Engineer ISC Network Operations >> University of Pennsylvania OpenPGP Key ID: 0xF3D8215A >> (p) 215-746-2808 >> >> >> >> ---------------------------------------------------------------------- >> -------- >> Site24x7 APM Insight: Get Deep Visibility into Application Performance >> APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month >> Monitor end-to-end web transactions and take corrective actions now >> Troubleshoot faster and improve end-user experience. Signup Now! >> http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140 >> >> >> _______________________________________________ >> PacketFence-users mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/packetfence-users > > > -- > Fabrice Durand > [email protected] :: +1.514.447.4918 (x135) :: www.inverse.ca Inverse inc. > :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence > (http://packetfence.org) > > > ------------------------------------------------------------------------------ > Site24x7 APM Insight: Get Deep Visibility into Application Performance > APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month > Monitor end-to-end web transactions and take corrective actions now > Troubleshoot faster and improve end-user experience. Signup Now! > http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140 > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users > > > > > > ********************************************************************** > This message is intended only for the use of the person(s) to > whom it is addressed, and may contain privileged and confidential information. > If it has come to you in error, please contact the sender as soon as possible, > and note that you must take no action based on the content, nor must you copy, > distribute, or show the content to any other person. > > > In accordance with its legal obligations, Farnborough College of > Technology reserves the right to monitor the content of e-mails sent and > received, but will not do so routinely. > ********************************************************************** > > -- > This message has been scanned for viruses and > dangerous content by MailScanner, and is > believed to be clean. > MailScanner thanks transtec Computers for their support. > > > ------------------------------------------------------------------------------ > Site24x7 APM Insight: Get Deep Visibility into Application Performance > APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month > Monitor end-to-end web transactions and take corrective actions now > Troubleshoot faster and improve end-user experience. Signup Now! > http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140 > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users ---- Charles Rumford Network Engineer/Senior Wireless Engineer ISC Network Operations University of Pennsylvania OpenPGP Key ID: 0xF3D8215A (p) 215-746-2808
signature.asc
Description: Message signed with OpenPGP using GPGMail
------------------------------------------------------------------------------ Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now! http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
