Hi guys,
I've been struggling for a couple of days with this setup, but I haven't been
able to make work, the PCs will not connect WiFi.
- Packetfence server successfully joined my AD domain.- I have followed the
Microsoft PKI (MSPKI) Quick Installation Guide + Network Devices
Configuration Guide.- Imported the root CA + server certificate on my test PCs
with Windows 10.
Here is my config:
switch.conf
[group
Cisco_vWLC]RoleMap=Nmode=productionAD01Vlan=170useCoA=YVoIPCDPDetect=NdeauthMethod=RADIUSVoIPDHCPDetect=NAccessListMap=Ndescription=Cisco
Wireless
Controllertype=Cisco::WLCVoIPLLDPDetect=NisolationVlan=360radiusSecret=StrongRadiusUrlMap=NregistrationVlan=260
eap.conf
eap {private_key_file =
%%install_dir%%/conf/ssl/tls_certs/server.keycertificate_file =
%%install_dir%%/conf/ssl/tls_certs/server.pemca_file =
%%install_dir%%/conf/ssl/tls_certs/caroot.pem
ocsp {url = "http://packetfence.intranet.local/ocsp";
radius.log
Tue Aug 9 15:28:55 2016 : ERROR: (193) mschap: ERROR: Program returned code
(1) and output 'Reading winbind reply failed! (0xc0000001)'Tue Aug 9 15:28:55
2016 : Auth: (193) Login incorrect (mschap: Program returned code (1) and
output 'Reading winbind reply failed! (0xc0000001)'):
[host/PC0001.INTRANET.local] (from client 192.168.1.28 port 1 cli
f8:16:54:1a:14:13 via TLS tunnel)Tue Aug 9 15:28:55 2016 : Info: rlm_sql
(sql): Closing connection (253): Hit idle_timeout, was idle for 101 secondsTue
Aug 9 15:28:55 2016 : Info: rlm_sql (sql): Closing connection (254): Hit
idle_timeout, was idle for 101 secondsTue Aug 9 15:28:55 2016 : Info: rlm_sql
(sql): Opening additional connection (255), 1 of 64 pending slots usedTue Aug
9 15:28:55 2016 : Info: rlm_sql (sql): Need 2 more connections to reach 10
sparesTue Aug 9 15:28:55 2016 : Info: rlm_sql (sql): Opening additional
connection (256), 1 of 63 pending slots usedTue Aug 9 15:28:55 2016 : Info:
(194) eap_peap: The users session was previously rejected: returning reject
(again.)Tue Aug 9 15:28:55 2016 : Info: (194) eap_peap: This means you need
to read the PREVIOUS messages in the debug outputTue Aug 9 15:28:55 2016 :
Info: (194) eap_peap: to find out the reason why the user was rejectedTue Aug
9 15:28:55 2016 : Info: (194) eap_peap: Look for "reject" or "fail". Those
earlier messages will tell youTue Aug 9 15:28:55 2016 : Info: (194) eap_peap:
what went wrong, and how to fix the problemTue Aug 9 15:28:55 2016 : Auth:
(194) Login incorrect (eap: Failed continuing EAP PEAP (25) session. EAP
sub-module failed): [host/PC0001.INTRANET.local] (from client 192.168.1.28 port
1 cli f8:16:54:1a:14:13)Tue Aug 9 15:28:55 2016 : [mac:f8:16:54:1a:14:13]
Rejected user: host/PC0001.INTRANET.localTue Aug 9 15:29:02 2016 : ERROR:
(203) mschap: ERROR: Program returned code (1) and output 'Reading winbind
reply failed! (0xc0000001)'Tue Aug 9 15:29:02 2016 : Auth: (203) Login
incorrect (mschap: Program returned code (1) and output 'Reading winbind reply
failed! (0xc0000001)'): [INTRANET\user1] (from client 192.168.1.28 port 1 cli
f8:16:54:1a:14:13 via TLS tunnel)Tue Aug 9 15:29:02 2016 : Info: rlm_sql
(sql): Need 1 more connections to reach 10 sparesTue Aug 9 15:29:02 2016 :
Info: rlm_sql (sql): Opening additional connection (257), 1 of 62 pending slots
usedTue Aug 9 15:29:02 2016 : Info: (204) eap_peap: The users session was
previously rejected: returning reject (again.)Tue Aug 9 15:29:02 2016 : Info:
(204) eap_peap: This means you need to read the PREVIOUS messages in the
debug outputTue Aug 9 15:29:02 2016 : Info: (204) eap_peap: to find out the
reason why the user was rejectedTue Aug 9 15:29:02 2016 : Info: (204)
eap_peap: Look for "reject" or "fail". Those earlier messages will tell
youTue Aug 9 15:29:02 2016 : Info: (204) eap_peap: what went wrong, and how
to fix the problemTue Aug 9 15:29:02 2016 : Auth: (204) Login incorrect (eap:
Failed continuing EAP PEAP (25) session. EAP sub-module failed):
[INTRANET\user1] (from client 192.168.1.28 port 1 cli f8:16:54:1a:14:13)Tue Aug
9 15:29:02 2016 : [mac:f8:16:54:1a:14:13] Rejected user: INTRANET\\user1
Thank you for your help,Vianney
------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are
consuming the most bandwidth. Provides multi-vendor support for NetFlow,
J-Flow, sFlow and other flows. Make informed decisions using capacity
planning reports. http://sdm.link/zohodev2dev
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
