Hi Evan,
I didn't see what version of packetfence you were using. Have a look at
vlan filters, from the web interface under the main category -> filter
engines, or in /usr/local/pf/conf/vlan_filters.conf.
Here's two samples that are working in my test deployment. Basically in
addition to the vlan filters you will need to create a portal profile that
matches the criteria and maps it to an authentication source.
[etherneteap]
filter = connection_type
operator = is
value = Ethernet-EAP
[1:etherneteap]
scope = AutoRegister
role = default
[fccsecure]
filter = ssid
operator = is
value = fcc
[wifieap]
filter = connection_type
operator = is
value = Wireless-802.11-EAP
[2:fccsecure&wifieap]
scope = AutoRegister
role = default
Hope this helps.
-dustin
On Mon, Jun 20, 2016 at 9:50 AM, Evan Linwood <[email protected]>
wrote:
> Hello,
> I am wanting to register devices automatically upon 802.1x
> authentification, but can't get pf auto registration working.
>
> I've seen a few references to modifying /usr/local/pf/lib/pf/vlan/
> custom.pm and uncommenting the code for shouldAutoRegister, including a
> relatively recent link here:
>
> http://comments.gmane.org/gmane.comp.networking.packetfence.user/7561
>
> My first problem is that there is no 'vlan' folder in my pf installation
> under the /usr/local/pf/lib/pf folder.
>
> I've attempted to try my luck modifying the copies of custom.pm under the
> /usr/local/pf/lib/pf/role and /usr/local/pf/lib/pf/radius folders to
> include the code for shouldAutoRegister, but this hasn't worked.
>
> I have my switch configured in 'Registration' mode.
>
> 802.1x authentification itself is working fine, I'm getting the following
> pf radius audit messages:
>
> MAC Address xx:xx:xx:xx:xxxx
> Auth Status Accept
> Auth Type EAP
> Auto Registration no
> Calling Station ID xx:xx:xx:xx:xxxx
> Computer name iPhone
> EAP Type MS-CHAP-V2
> Event Type Radius-Access-Request
> IP Address
> Is a Phone no
> Node status unreg
> Domain
> Profile
> Realm default
> Reason
> Role
> Source
> Stripped User Name testuser
> User Name testuser
> Unique ID
>
>
> Any help is much appreciated - thanks Evan
>
>
> ------------------------------------------------------------------------------
> What NetFlow Analyzer can do for you? Monitors network bandwidth and
> traffic
> patterns at an interface-level. Reveals which users, apps, and protocols
> are
> consuming the most bandwidth. Provides multi-vendor support for NetFlow,
> J-Flow, sFlow and other flows. Make informed decisions using capacity
> planning
> reports. http://sdm.link/zohomanageengine
> _______________________________________________
> PacketFence-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are
consuming the most bandwidth. Provides multi-vendor support for NetFlow,
J-Flow, sFlow and other flows. Make informed decisions using capacity planning
reports. http://sdm.link/zohomanageengine
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
