Hello Antoine, after using 'bin/pfcmd checkup', I see the following line in packetfence.log: Oct 07 02:34:19 pfcmd.pl(2179) INFO: Instantiate profile default (pf::Portal::ProfileFactory::_from_profile)
When the user authenticates, I don't see any messages related to "1:EthernetEAP&EAPTLS" in packetfence.log: Oct 07 02:39:57 httpd.aaa(1754) INFO: [mac:74:2b:62:6d:47:d4] handling radius autz request: from switch_ip => (172.20.10.118), connection_type => Ethernet-EAP,switch_mac => (54:4a:00:88:a8:01), mac => [74:2b:62:6d:47:d4], port => 10101, username => "D1527.dorsten.local" (pf::radius::authorize) Oct 07 02:39:57 httpd.aaa(1754) INFO: [mac:74:2b:62:6d:47:d4] Instantiate profile default (pf::Portal::ProfileFactory::_from_profile) Oct 07 02:39:58 httpd.aaa(1754) INFO: [mac:74:2b:62:6d:47:d4] is of status unreg; belongs into registration VLAN (pf::role::getRegistrationRole) Oct 07 02:39:58 httpd.aaa(1754) INFO: [mac:74:2b:62:6d:47:d4] (172.20.10.118) Added VLAN 11 to the returned RADIUS Access-Accept (pf::Switch::returnRadiusAccessAccept) Oct 07 02:40:00 httpd.aaa(1754) INFO: [mac:74:2b:62:6d:47:d4] Updating locationlog from accounting request (pf::api::handle_accounting_metadata) Oct 07 02:40:02 httpd.portal(2202) INFO: [mac:[undef]] Instantiate a new iptables modification method. pf::ipset (pf::inline::get_technique) Oct 07 02:40:02 httpd.portal(2037) INFO: [mac:[undef]] Instantiate a new iptables modification method. pf::ipset (pf::inline::get_technique) Oct 07 02:40:02 httpd.portal(2038) INFO: [mac:[undef]] Instantiate a new iptables modification method. pf::ipset (pf::inline::get_technique) I also tried to add the following rule, but it seems to have no effect: [2:EthernetEAP&EAPTLS] scope = NodeInfoForAutoReg role = default action = modify_node action_param = mac = $mac, status = reg, access_duration = 12H, role = default BTW does the absence of "EAP-Type => EAP-TLS" in packetfence.log means the EAP-Type is not "EAP-TLS"? Regards Stefan ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
