Hello, Can you plug a cable in/out to trigger something? Everything is quiet until you make it work..
Do you have connectivity back and forth? There also is a radius logfile in there, maybe that can provide you with some direction.. Bebbet On 24-2-2016 20:15, BARÓCSI Gábor wrote: > Hello, > > There are no debug messages just info, and the last ones are from the last > restart. > > > Feb 24 16:11:40 pfcmd.pl(2452) INFO: Daemon carbon-relay took 1.119 seconds > to start. (pf::services::manager::launchService) > Feb 24 16:11:40 pfcmd.pl(2452) INFO: Daemon collectd took 0.446 seconds to > start. (pf::services::manager::launchService) > Feb 24 16:11:40 pfcmd.pl(2452) INFO: Daemon statsd took 0.114 seconds to > start. (pf::services::manager::launchService) > Feb 24 16:11:43 pfcmd.pl(2452) INFO: Daemon radsniff3 took 0.641 seconds to > start. (pf::services::manager::launchService) > Feb 24 16:11:46 pfcmd.pl(2452) INFO: Daemon httpd.graphite took 2.522 seconds > to start. (pf::services::manager::launchService) > > Nothing more... > The switch is in production mode. Radius passphrase is set up and snmp v3 > also. It is like packetfence is not responding to the radius messages at all. > Shall I post my config files or something? > Thanks! > > Gábor Barócsi > Network and System Engineer > > > > > -----Original Message----- > From: Bebbet van Dinges [mailto:beb...@bebbet.nl] > Sent: 2016. február 24. 17:12 > To: packetfence-users@lists.sourceforge.net > Subject: Re: [PacketFence-users] freeradius issue with 802.1x > > Hello, > > A start would be the packetfence logs > (/usr/local/pf/logs/packetfence.log) info/debug messages are written there. > Is the switch in production? Else it only gives out access-accept packages, > but no control logic is applied yet. > > Bebbet > > On 24-2-2016 16:55, BARÓCSI Gábor wrote: >> Hello, >> >> Please help me with an issue. I've just installed packetfence and integrated >> to a windows AD domain. I can do AD queries. I use a cisco sg300 switch >> which sends the EAP requests to packetfence. >> I see with tcpdump that requests are coming to packetfence, but there is no >> response to the switch. >> >> RADIUS, Access Request (1), id: 0x8b length: 137 >> >> When I run the command: sudo netstat -nap | grep radius >> >> I get this: >> udp 0 0 127.0.0.1:56159 127.0.0.1:8125 >> ESTABLISHED 2866/freeradius >> udp 0 0 127.0.0.1:43991 127.0.0.1:8125 >> ESTABLISHED 2866/freeradius >> udp 0 0 0.0.0.0:1103 0.0.0.0:* >> 2866/freeradius >> udp 0 0 0.0.0.0:38039 0.0.0.0:* >> 2866/freeradius >> udp 0 0 127.0.0.1:18120 0.0.0.0:* >> 2880/freeradius >> udp 0 0 10.1.12.52:1812 0.0.0.0:* >> 2880/freeradius >> udp 0 0 10.1.12.52:1813 0.0.0.0:* >> 2866/freeradius >> udp 0 0 10.1.12.52:1814 0.0.0.0:* >> 2880/freeradius >> udp 0 0 0.0.0.0:49196 0.0.0.0:* >> 2880/freeradius >> udp 0 0 127.0.0.1:47188 127.0.0.1:8125 >> ESTABLISHED 2880/freeradius >> udp 0 0 127.0.0.1:55612 127.0.0.1:8125 >> ESTABLISHED 2880/freeradius >> >> >> I tried to do a query with this actual command (I don't have a user like >> that): radtest dd9999 Abcd1234 localhost:18120 12 testing123 Sending >> Access-Request of id 189 to 127.0.0.1 port 18120 >> User-Name = "dd9999" >> User-Password = "Abcd1234" >> NAS-IP-Address = 127.0.1.1 >> NAS-Port = 12 >> Message-Authenticator = 0x00000000000000000000000000000000 >> rad_recv: Access-Accept packet from host 127.0.0.1 port 18120, id=189, >> length=20 >> >> Anything that I can check? The problem is that the switch is not getting an >> EAP Radius-Access-Chellange response message and the VLAN can not be set. >> >> Also please confirm if I understand it correct: switch uses 802.1x auth wih >> freeradius, packetfence is checking the AD, and if user or machine is in the >> AD it is setting the correct VLAN. Maybe some other checks are also made >> like firewall is on, etc. >> >> Thanks for any help, I'd really appreciate it as I'm new to this system but >> I have to make it work. >> >> Gábor Barócsi >> Network and System Engineer >> >> >> >> >> >> >> >> ---------------------------------------------------------------------- >> -------- >> Site24x7 APM Insight: Get Deep Visibility into Application Performance >> APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month >> Monitor end-to-end web transactions and take corrective actions now >> Troubleshoot faster and improve end-user experience. Signup Now! >> http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140 >> _______________________________________________ >> PacketFence-users mailing list >> PacketFence-users@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/packetfence-users >> > > > ------------------------------------------------------------------------------ > Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + > Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor > end-to-end web transactions and take corrective actions now Troubleshoot > faster and improve end-user experience. Signup Now! > http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140 > _______________________________________________ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/packetfence-users > > ------------------------------------------------------------------------------ > Site24x7 APM Insight: Get Deep Visibility into Application Performance > APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month > Monitor end-to-end web transactions and take corrective actions now > Troubleshoot faster and improve end-user experience. Signup Now! > http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140 > _______________________________________________ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/packetfence-users >
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now! http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
