Ok so all the needed services are running.
Now what happen when you try to authenticate, do you still have the same
issue ?
Also can you paste your networks.conf, and pf.conf (remove sensible info).
Fabrice
Le 2016-03-24 20:06, Blackman Anthony a écrit :
[root@pfptnyc ~]# ps -edfl|grep http.admin
0 S root 6891 6877 0 80 0 - 25826 pipe_w 20:01 pts/1
00:00:00 grep http.admin
[root@pfptnyc ~]# ps -edfl|grep dhcp
5 S root 6715 6707 0 80 0 - 140766 poll_s 19:54 ?
00:00:00 pfqueue - Queue:pfdhcplistener
5 S root 6716 6707 0 80 0 - 140766 poll_s 19:54 ?
00:00:00 pfqueue - Queue:pfdhcplistener
5 S root 6717 6707 0 80 0 - 140766 poll_s 19:54 ?
00:00:00 pfqueue - Queue:pfdhcplistener
5 S root 6718 6707 0 80 0 - 140766 poll_s 19:54 ?
00:00:00 pfqueue - Queue:pfdhcplistener
5 S root 6719 6707 0 80 0 - 140766 poll_s 19:54 ?
00:00:00 pfqueue - Queue:pfdhcplistener
5 S root 6720 6707 0 80 0 - 140766 poll_s 19:54 ?
00:00:00 pfqueue - Queue:pfdhcplistener
5 S root 6721 6707 0 80 0 - 140766 poll_s 19:54 ?
00:00:00 pfqueue - Queue:pfdhcplistener
5 S root 6722 6707 0 80 0 - 140766 poll_s 19:54 ?
00:00:00 pfqueue - Queue:pfdhcplistener
5 S root 6733 1 0 80 0 - 142320 poll_s 19:54 ?
00:00:00 pfdhcplistener_eth1.480
5 S root 6739 1 0 80 0 - 142320 poll_s 19:54 ?
00:00:00 pfdhcplistener_eth1.490
5 S root 6743 1 0 80 0 - 142321 poll_s 19:54 ?
00:00:00 pfdhcplistener_eth1
5 S root 6759 1 0 80 0 - 22269 poll_s 19:55 ?
00:00:00 /usr/sbin/dhcpd -q -lf /usr/local/pf/var/dhcpd/dhcpd.leases
-cf /usr/local/pf/var/conf/dhcpd.conf -pf
/usr/local/pf/var/run/dhcpd.pid eth1.480 eth1.490
0 S root 6893 6877 0 80 0 - 25827 pipe_w 20:01 pts/1
00:00:00 grep dhcp
[root@pfptnyc ~]# service packetfence status
service|shouldBeStarted|pid
carbon-cache|1|6792
carbon-relay|1|6799
collectd|1|6802
dhcpd|1|6759
haproxy|0|0
httpd.aaa|1|6626
httpd.admin|1|6576
httpd.graphite|1|6829
httpd.portal|1|6746
httpd.proxy|0|0
httpd.webservices|1|6761
iptables|1|-1
keepalived|0|0
p0f|1|6785
pfbandwidthd|0|0
pfdetect||0
pfdhcplistener_eth1.480|1|6733
pfdhcplistener_eth1.490|1|6739
pfdhcplistener_eth1|1|6743
pfdns|1|6723
pfmon|1|6771
pfqueue|1|6707
pfsetvlan|0|0
radiusd-acct|1|6666
radiusd|1|6700
radsniff3|1|6826
redis_queue|1|6622
snmptrapd|0|0
snort|0|0
statsd|1|6817
suricata|0|0
[root@pfptnyc ~]#
[root@pfptnyc ~]# /usr/local/pf/bin/pfcmd service httpd.aaa restart
service|command
httpd.aaa|stop
httpd.admin|already started
Checking configuration sanity...
httpd.aaa|start
[root@pfptnyc ~]# /usr/local/pf/bin/pfcmd service dhcpd restart
service|command
dhcpd|stop
httpd.admin|already started
Checking configuration sanity...
dhcpd|start
[root@pfptnyc ~]#
[root@pfptnyc ~]#
[root@pfptnyc ~]#
Here it is.
Anthony
On Thursday, March 24, 2016 4:49 PM, Durand fabrice
<[email protected]> wrote:
Hi Antony,
This:
[Thu Mar 24 19:33:40 2016] [notice] caught SIGTERM, shutting down
mean that the httpd.aaa is not running.
so do and paste the result:
ps -edf|grep httpd.admin
ps -edf|grep dhcpd
service packetfence status
/usr/local/pf/bin/pfcmd service httpd.aaa restart
/usr/local/pf/bin/pfcmd service dhcpd restart
and also paste the content of packetfence.log (not the full one) when
you launch these command.
Fabrice
Le 2016-03-24 19:38, Blackman Anthony a écrit :
This is the only problem i find. dhcp registration an isolation
networks are defined.
httpd.aaa.error
[root@pfptnyc logs]# tail httpd.aaa.error
[Wed Mar 23 20:29:34 2016] [warn] RSA server certificate CommonName
(CN) `127.0.0.1' does NOT match server name!?
[Wed Mar 23 20:29:34 2016] [notice] Apache/2.2.15 (Unix)
mod_ssl/2.2.15 OpenSSL/1.0.1e-fips mod_perl/2.0.4 Perl/v5.10.1
configured -- resuming normal operations
[Thu Mar 24 12:20:28 2016] [warn] RSA server certificate CommonName
(CN) `127.0.0.1' does NOT match server name!?
[Thu Mar 24 12:20:31 2016] [warn] RSA server certificate CommonName
(CN) `127.0.0.1' does NOT match server name!?
[Thu Mar 24 12:20:31 2016] [notice] Apache/2.2.15 (Unix)
mod_ssl/2.2.15 OpenSSL/1.0.1e-fips mod_perl/2.0.4 Perl/v5.10.1
configured -- resuming normal operations
[Thu Mar 24 14:43:03 2016] [notice] caught SIGTERM, shutting down
[Thu Mar 24 14:43:54 2016] [warn] RSA server certificate CommonName
(CN) `127.0.0.1' does NOT match server name!?
[Thu Mar 24 14:43:57 2016] [warn] RSA server certificate CommonName
(CN) `127.0.0.1' does NOT match server name!?
[Thu Mar 24 14:43:57 2016] [notice] Apache/2.2.15 (Unix)
mod_ssl/2.2.15 OpenSSL/1.0.1e-fips mod_perl/2.0.4 Perl/v5.10.1
configured -- resuming normal operations
[Thu Mar 24 19:33:40 2016] [notice] caught SIGTERM, shutting down
[root@pfptnyc logs]#
rsa certificate name does not match.
Anthony
On Thursday, March 24, 2016 4:00 PM, Durand fabrice
<[email protected]> <mailto:[email protected]> wrote:
Hello Anthony,
first check that the httpd.aaa is running (rpc issue) and check the
dhcpd is running and the configuration
(/usr/local/pf/var/conf/dhcpd.conf) if your registration network is
there.
Regards
Fabrice
Le 2016-03-23 20:28, Blackman Anthony a écrit :
radius.log
Wed Mar 23 20:08:32 2016 : Info: rlm_sql_mysql: Starting connect to
MySQL server for #4
Wed Mar 23 20:08:32 2016 : Info: rlm_sql (pfsms): Connected new DB
handle, #4
Wed Mar 23 20:08:32 2016 : Info: Loaded virtual server
packetfence-tunnel
Wed Mar 23 20:08:32 2016 : Info: Loaded virtual server soh-server
Wed Mar 23 20:08:32 2016 : Info: Loaded virtual server
dynamic_client_server
Wed Mar 23 20:08:32 2016 : Info: Loaded virtual server packetfence
Wed Mar 23 20:08:32 2016 : Info: Ready to process requests.
Wed Mar 23 20:15:54 2016 : Auth: Login OK: [18a905cf0442] (from
client 10.10.10.10 port 50003 cli 18:a9:05:cf:04:42)
Wed Mar 23 20:15:54 2016 : Error: rlm_perl: An error occurred while
processing the authorize RPC request: An error occured while
processing the MessagePack request return code (0) at
/usr/local/pf/lib//pf/radius/rpc.pm line 47.
Wed Mar 23 20:16:18 2016 : Auth: Login OK: [18a905cf0442] (from
client 10.10.10.10 port 50003 cli 18:a9:05:cf:04:42)
Wed Mar 23 20:16:18 2016 : Error: rlm_perl: An error occurred while
processing the authorize RPC request: An error occured while
processing the MessagePack request return code (0) at
/usr/local/pf/lib//pf/radius/rpc.pm line 47.
W
pfdhcplistener.log
Mar 23 20:08:43 pfdhcplistener(2919) INFO: DHCP detector on eth1.490
enabled (main::)
Mar 23 20:08:43 pfdhcplistener(2919) INFO: Reload configuration on
eth1.490 with status 0 (main::reload_config)
Mar 23 20:08:46 pfdhcplistener(2923) INFO: pfdhcplistener_eth1
starting and writing 2923 to
/usr/local/pf/var/run/pfdhcplistener_eth1.pid
(pf::services::util::createpid)
Mar 23 20:08:46 pfdhcplistener(2923) WARN: Unable to open VLAN proc
description for eth1: No such file or directory
(pf::util::get_vlan_from_int)
M
When i rum Wireshark only see the pc requesting dhcp address. I see
no answer from dhcp. I see the accept radius packet to the radius
server no answer from radius.
Please help me resolve this problem.
Anthony.
------------------------------------------------------------------------------
Transform Data into Opportunity.
Accelerate data analysis in your applications with
Intel Data Analytics Acceleration Library.
Click to learn more.
http://pubads.g.doubleclick.net/gampad/clk?id=278785351&iu=/4140
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Transform Data into Opportunity.
Accelerate data analysis in your applications with
Intel Data Analytics Acceleration Library.
Click to learn more.
http://pubads.g.doubleclick.net/gampad/clk?id=278785351&iu=/4140
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Transform Data into Opportunity.
Accelerate data analysis in your applications with
Intel Data Analytics Acceleration Library.
Click to learn more.
http://pubads.g.doubleclick.net/gampad/clk?id=278785351&iu=/4140
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Transform Data into Opportunity.
Accelerate data analysis in your applications with
Intel Data Analytics Acceleration Library.
Click to learn more.
http://pubads.g.doubleclick.net/gampad/clk?id=278785351&iu=/4140
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Transform Data into Opportunity.
Accelerate data analysis in your applications with
Intel Data Analytics Acceleration Library.
Click to learn more.
http://pubads.g.doubleclick.net/gampad/clk?id=278785351&iu=/4140
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Transform Data into Opportunity.
Accelerate data analysis in your applications with
Intel Data Analytics Acceleration Library.
Click to learn more.
http://pubads.g.doubleclick.net/gampad/clk?id=278785351&iu=/4140
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
