Re: [PacketFence-users] Migrating radius ldap (non AD) auth from 4.6 to 6.4

Tue, 17 Jan 2017 12:51:06 -0800 

Hello Denis,

where did you defined your ldap in Freeradius (packetfence /
packetfence-tunnel) and in which section ?

Also do you have the whole radius debug ?

Regards

Fabrice



Le 2017-01-17 à 11:57, denis a écrit :
> Hello,
>
> Sorry, but I have another question :
>
> My 4.6 setup is using ldap db for radius EAP auth ( mschapv2, nthash 
> passwords...).
>
>
> In 6.4, there were many changes in radius conf. I tried hard to figure 
> out how it works, not really easy as the documentation doesn't reflect 
> actual conf files layout, but now it looks good.
>
>
>
> Now my primary testing  is to verify if ldap connexion is working  :
>
> radtest denis.bonnenfant xxxxxx localhost:18120 12 testing123, but it 
> doesn't work :
>
> Received Access-Reject Id 255 from 127.0.0.1:18120 to 0.0.0.0:0 length 20
> (0) -: Expected Access-Accept got Access-Reject
>
> and in radius.log:
>
> Tue Jan 17 17:46:55 2017 : ERROR: (1) rest: ERROR: Server returned:
> Tue Jan 17 17:46:55 2017 : ERROR: (1) rest: ERROR: 
> {"reply:PacketFence-Authorization-Status":"allow","Reply-Message":"Switch 
> is not managed by PacketFence"}
>
> and in packetfence.log
>
> Jan 17 17:46:55 httpd.aaa(11301) ERROR: [mac:[undef]] WARNING ! Unknown 
> switch(es) 127.0.1.1 (pf::SwitchFactory::instantiate)
> Jan 17 17:46:55 httpd.aaa(11301) WARN: [mac:[undef]] Unknown switch 
> (127.0.1.1). This request will be failed. (pf::radius::switch_access)
>
> and in httpd.aaa.log :
>
> 127.0.0.1 - - [17/Jan/2017:17:46:55 +0100]  "127.0.0.1:7070" "POST 
> //radius/rest/authorize HTTP/1.1" 401 105 "-" "FreeRADIUS 3.0.13" 59237
> 127.0.0.1 - - [17/Jan/2017:17:48:16 +0100]  "-" "-" 408 - "-" "-" 114
>
> Did I missed something ?
>
>
>
>
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, SlashDot.org! http://sdm.link/slashdot
> _______________________________________________
> PacketFence-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/packetfence-users

-- 
Fabrice Durand
[email protected] ::  +1.514.447.4918 (x135) ::  www.inverse.ca
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence 
(http://packetfence.org) 


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Reply via email to