Hello, There are no debug messages just info, and the last ones are from the last restart.
Feb 24 16:11:40 pfcmd.pl(2452) INFO: Daemon carbon-relay took 1.119 seconds to start. (pf::services::manager::launchService) Feb 24 16:11:40 pfcmd.pl(2452) INFO: Daemon collectd took 0.446 seconds to start. (pf::services::manager::launchService) Feb 24 16:11:40 pfcmd.pl(2452) INFO: Daemon statsd took 0.114 seconds to start. (pf::services::manager::launchService) Feb 24 16:11:43 pfcmd.pl(2452) INFO: Daemon radsniff3 took 0.641 seconds to start. (pf::services::manager::launchService) Feb 24 16:11:46 pfcmd.pl(2452) INFO: Daemon httpd.graphite took 2.522 seconds to start. (pf::services::manager::launchService) Nothing more... The switch is in production mode. Radius passphrase is set up and snmp v3 also. It is like packetfence is not responding to the radius messages at all. Shall I post my config files or something? Thanks! Gábor Barócsi Network and System Engineer -----Original Message----- From: Bebbet van Dinges [mailto:beb...@bebbet.nl] Sent: 2016. február 24. 17:12 To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] freeradius issue with 802.1x Hello, A start would be the packetfence logs (/usr/local/pf/logs/packetfence.log) info/debug messages are written there. Is the switch in production? Else it only gives out access-accept packages, but no control logic is applied yet. Bebbet On 24-2-2016 16:55, BARÓCSI Gábor wrote: > Hello, > > Please help me with an issue. I've just installed packetfence and integrated > to a windows AD domain. I can do AD queries. I use a cisco sg300 switch which > sends the EAP requests to packetfence. > I see with tcpdump that requests are coming to packetfence, but there is no > response to the switch. > > RADIUS, Access Request (1), id: 0x8b length: 137 > > When I run the command: sudo netstat -nap | grep radius > > I get this: > udp 0 0 127.0.0.1:56159 127.0.0.1:8125 > ESTABLISHED 2866/freeradius > udp 0 0 127.0.0.1:43991 127.0.0.1:8125 > ESTABLISHED 2866/freeradius > udp 0 0 0.0.0.0:1103 0.0.0.0:* > 2866/freeradius > udp 0 0 0.0.0.0:38039 0.0.0.0:* > 2866/freeradius > udp 0 0 127.0.0.1:18120 0.0.0.0:* > 2880/freeradius > udp 0 0 10.1.12.52:1812 0.0.0.0:* > 2880/freeradius > udp 0 0 10.1.12.52:1813 0.0.0.0:* > 2866/freeradius > udp 0 0 10.1.12.52:1814 0.0.0.0:* > 2880/freeradius > udp 0 0 0.0.0.0:49196 0.0.0.0:* > 2880/freeradius > udp 0 0 127.0.0.1:47188 127.0.0.1:8125 > ESTABLISHED 2880/freeradius > udp 0 0 127.0.0.1:55612 127.0.0.1:8125 > ESTABLISHED 2880/freeradius > > > I tried to do a query with this actual command (I don't have a user like > that): radtest dd9999 Abcd1234 localhost:18120 12 testing123 Sending > Access-Request of id 189 to 127.0.0.1 port 18120 > User-Name = "dd9999" > User-Password = "Abcd1234" > NAS-IP-Address = 127.0.1.1 > NAS-Port = 12 > Message-Authenticator = 0x00000000000000000000000000000000 > rad_recv: Access-Accept packet from host 127.0.0.1 port 18120, id=189, > length=20 > > Anything that I can check? The problem is that the switch is not getting an > EAP Radius-Access-Chellange response message and the VLAN can not be set. > > Also please confirm if I understand it correct: switch uses 802.1x auth wih > freeradius, packetfence is checking the AD, and if user or machine is in the > AD it is setting the correct VLAN. Maybe some other checks are also made like > firewall is on, etc. > > Thanks for any help, I'd really appreciate it as I'm new to this system but I > have to make it work. > > Gábor Barócsi > Network and System Engineer > > > > > > > > ---------------------------------------------------------------------- > -------- > Site24x7 APM Insight: Get Deep Visibility into Application Performance > APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month > Monitor end-to-end web transactions and take corrective actions now > Troubleshoot faster and improve end-user experience. Signup Now! > http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140 > _______________________________________________ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/packetfence-users > ------------------------------------------------------------------------------ Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now! http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140 _______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users ------------------------------------------------------------------------------ Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now! http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140 _______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
