Hello Sadik,
so 3 mistakes in your setup.
Pre-Auth-For-WebRedirect is an trigger to force the device to reach to
captive portal so change it to be close than we define in the doc
(https://packetfence.org/doc/PacketFence_Network_Devices_Configuration_Guide.html#_wireless_lan_controller_wlc_web_auth).
Next NAC state to enabled (Advanced section).
Enable web authentication in the switch config (pf switch config where
you define the switch type).
Regards
Fabrice
Le 2017-01-25 à 04:16, Sadiq Hussein a écrit :
Dear Antoine,
Thank your for your response.
Q1 on interface, in my case where i just want captive portal for
authentication of guest users,- how many interfaces should have or
configure.?
At the moment I have only management interface with Listening Daemon
as portal
Also i have followed your instruction on the email but I could not
not connect to SSID|(Traning) nor redirected to captive portal
This how i have configure the packet-fence
>The interface are
I have management IP 10.68.24.15
with listening Daemon - portal
Captive portal IP is 10.68.24.15
On portal Profile Menu am using default with sources Null and Sponsor
On Switches i have Added the Cisco WLC Controller IP
> on roles I have added configuration as instructed on Network
documentation
Role by web Auth URL added captive portal IP (10.68.24.15)
Role by Switch Role (attached screen shot)
> The i configured the Radius secret passphrase(the same was used in
Cisco WLC)
> On roles and Source I did not change anything
is there anything to do in case of my setup?
Also I am cannot on web admin GUI guest Self -registration menu
I have attached some screen shot to show the setting i entered on both
packetfence and WLC Cisco.
Also below is text if radius audit entry on laptop that did not connected
ser-Name = "d8:fc:93:d7:98:12"
User-Password = "X\2565j+\221\r\343X\020\2374\005j\363\353"
NAS-IP-Address = 10.11.69.253
NAS-Port = 1
Service-Type = Call-Check
Framed-MTU = 1300
Called-Station-Id = "bc:f1:f2:cf:a5:40:TRAINING"
Calling-Station-Id = "d8:fc:93:d7:98:12"
NAS-Identifier = "WFPWLAN_CTLR"
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "9"
Event-Timestamp = "Jan 25 2017 10:13:21 EAT"
Airespace-Wlan-Id = 1
Stripped-User-Name = "d8:fc:93:d7:98:12"
Realm = "null"
FreeRADIUS-Client-IP-Address = 10.11.69.253
Called-Station-SSID = "TRAINING"
SQL-User-Name = "d8:fc:93:d7:98:12"
RADIUS Reply Airespace-ACL-Name = "Pre-Auth-For-WebRedirect"
PacketFence-Authorization-Status = "allow"
Thanks
Regards
Sadiq
On Tue, Jan 24, 2017 at 7:01 PM, Antoine Amacher <[email protected]
<mailto:[email protected]>> wrote:
Hello,
/Question 1 - for captive configuration do i need to enable
enforcement and vlan, and if so which option do i choose/
The captive portal will be available no matter which enforcement
you chose, VLAN, Inline or WebAuth.
/Q1 who many interface are suppose to created and they be on same
network/
Please clarify.
/Q Can captive portal be on the same network as management IP and
if so i do i configure that./
Using WebAuth for instance, you need to enable portal on the
management interface. Configuration -> Network -> Interfaces and
Network -> click on your interface, Additionnal listening
daemon(s) -> Portal
/Q4 What configuration should have on WLC /
https://packetfence.org/doc/PacketFence_Network_Devices_Configuration_Guide.html#_cisco_2
<https://packetfence.org/doc/PacketFence_Network_Devices_Configuration_Guide.html#_cisco_2>
if using WebAuth:
https://packetfence.org/doc/PacketFence_Network_Devices_Configuration_Guide.html#_wireless_lan_controller_wlc_web_auth
<https://packetfence.org/doc/PacketFence_Network_Devices_Configuration_Guide.html#_wireless_lan_controller_wlc_web_auth>
/Q 4 What configuration should have to guest authenticated
through sponsor email or local user/
https://packetfence.org/doc/PacketFence_Administration_Guide.html#_guests_management
<https://packetfence.org/doc/PacketFence_Administration_Guide.html#_guests_management>
Thanks
On 01/24/2017 10:36 AM, Sadiq Hussein wrote:
Dear Colleague
I am new in PacketFence 6.4 i want use with Cisco WLC 5500 to
manage guest user through captive portal.
I hve go through the Admin and Network documentation to try and
configure PacketFence but nothing seem to work.
Question 1 - for captive configuration do i need to enable
enforcement and vlan, and if so which option do i choose
Q1 who many interface are suppose to created and they be on same
network
Q Can captive portal be on the same network as management IP and
if so i do i configure that.
Q4 What configuration should have on WLC
Q 4 What configuration should have to guest authenticated
through sponsor email or local user
Please assist
Regards
Sadiq Hussein
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org!http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
<https://lists.sourceforge.net/lists/listinfo/packetfence-users>
--
Antoine Amacher
[email protected] <mailto:[email protected]> ::www.inverse.ca <http://www.inverse.ca>
+1.514.447.4918 x130 <tel:%28514%29%20447-4918> ::+1 (866) 353-6153 x130 <tel:%28866%29%20353-6153>
Inverse inc. :: Leaders behind SOGo (www.sogo.nu <http://www.sogo.nu>) and
PacketFence (www.packetfence.org <http://www.packetfence.org>)
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________ PacketFence-users
mailing list [email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
<https://lists.sourceforge.net/lists/listinfo/packetfence-users>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
