Hello people,
I have ZEN 6.0.1 installed and I am currently testing.
I don’t want people on the network to get to the portal for registration. So, I
have setup a config to auto register anyone that can authenticate on AD.
Besides that, I will setup printers and other devices to auto register via MAC.
My setup is working properly for wired workstation (although they
re-authenticate every minute and I can’t get rid of it).
But for wireless, I have WPA2 Enterprise on unifi and PF doesn’t seem to apply
the rule.
Thank you.
[etherneteap]
filter = connection_type
operator = is
value = Ethernet-EAP
[reg:etherneteap]
scope = AutoRegister
role = default
[wetherneteap]
filter = connection_type
operator = is
value = Wireless-802.11-EAP
[reg:wetherneteap]
scope = AutoRegister
role = default
You can see it’s the same rule but LOG says:
For wireless
May 24 12:21:36 httpd.aaa(14492) DEBUG: [mac:c0:f2:fb:b4:d7:04] instantiating
new pf::access_filter::vlan (pf::access_filter::new)
May 24 12:21:36 httpd.aaa(14492) DEBUG: [mac:c0:f2:fb:b4:d7:04] No rule matched
for scope AutoRegister (pf::access_filter::test)
For wired
May 24 12:24:54 httpd.aaa(14492) DEBUG: [mac:e8:40:f2:3a:b1:77] instantiating
new pf::access_filter::vlan (pf::access_filter::new)
May 24 12:24:54 httpd.aaa(14492) INFO: [mac:e8:40:f2:3a:b1:77] Match rule
reg:etherneteap (pf::access_filter::test)
May 24 12:24:54 httpd.aaa(14492) INFO: [mac:e8:40:f2:3a:b1:77] Instantiate
profile default (pf::Portal::ProfileFactory::_from_profile)
May 24 12:24:54 httpd.aaa(14492) DEBUG: [mac:e8:40:f2:3a:b1:77] instantiating
new pf::Portal::Profile object (pf::Portal::Profile::new)
May 24 12:24:54 httpd.aaa(14492) DEBUG: [mac:e8:40:f2:3a:b1:77] instantiating
new pf::access_filter::vlan (pf::access_filter::new)
May 24 12:24:54 httpd.aaa(14492) DEBUG: [mac:e8:40:f2:3a:b1:77] No engine found
for NodeInfoForAutoReg (pf::access_filter::test)
JAN-PATRICK PÉRISSÉ
Diretor técnico
www.aeon.com.br <http://www.aeon.com.br/> +55 21 2705-3139
------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
