Ok so I ended up fixing my radius issue by copying over radius.conf.example
into my radius.conf file. Radius now starts and clients seem to be
authenticating. My problem now is that my clients get a self assign IP.
What is the best way to troubleshoot this? When I connect to my AP, the
packetfence log shows this:
Jan 30 10:33:49 httpd.aaa(3246) INFO: [mac:68:a8:6d:40:51:de] Instantiate
profile default (pf::Portal::ProfileFactory::_from_profile)
Jan 30 10:33:49 httpd.aaa(3246) INFO: [mac:68:a8:6d:40:51:de] Match rule
1:staffwireless (pf::access_filter::test)
Jan 30 10:33:49 httpd.aaa(3246) INFO: [mac:68:a8:6d:40:51:de] autoregister
a node that is already registered, do nothing. (pf::node::node_register)
Jan 30 10:33:49 httpd.aaa(3246) INFO: [mac:68:a8:6d:40:51:de] Connection
type is WIRELESS_MAC_AUTH. Getting role from node_info
(pf::role::getRegisteredRole)
Jan 30 10:33:49 httpd.aaa(3246) INFO: [mac:68:a8:6d:40:51:de] Username was
defined "68a86d4051de" - returning role 'Staff'
(pf::role::getRegisteredRole)
Jan 30 10:33:49 httpd.aaa(3246) INFO: [mac:68:a8:6d:40:51:de] PID:
"default", Status: reg Returned VLAN: (undefined), Role: Staff
(pf::role::fetchRoleForNode)
Jan 30 10:33:49 httpd.aaa(3246) INFO: [mac:68:a8:6d:40:51:de] (10.128.4.16)
Added VLAN 210 to the returned RADIUS Access-Accept
(pf::Switch::returnRadiusAccessAccept)
Jan 30 10:33:49 httpd.aaa(3246) INFO: [mac:00:26:08:fa:35:f7] Updating
locationlog from accounting request (pf::api::handle_accounting_metadata)
I am concerned with this: "Returned VLAN: (undefined)," Is that the right
behavior? I see that it sends the correct vlan on the next line though.
On Mon, Jan 30, 2017 at 9:18 AM, Chris Abel <[email protected]>
wrote:
> I've copied the raddb folder from the source of packetfence. This is what
> I get now:
>
> root@packetfence:/usr/local/pf# freeradius -X -d raddb/ -n auth
> FreeRADIUS Version 3.0.13
> Starting - reading configuration files ...
> including dictionary file /usr/share/freeradius/dictionary
> including dictionary file /usr/share/freeradius/dictionary.dhcp
> including dictionary file /usr/share/freeradius/dictionary.vqp
> including dictionary file raddb//dictionary
> including configuration file raddb//auth.conf
> including configuration file raddb//radiusd.conf
> including configuration file raddb//proxy.conf
> including configuration file raddb//proxy.conf.inc
> including configuration file raddb//clients.conf
> including configuration file raddb//clients.conf.inc
> including files in directory raddb//modules/
> raddb//radiusd.conf[90]: Failed reading directory raddb//modules/: No such
> file or directory
> Errors reading or parsing raddb//auth.conf
>
> There is no modules directory in raddb on my server or in the source of
> packetfence.
>
> On Mon, Jan 30, 2017 at 8:59 AM, Chris Abel <[email protected]>
> wrote:
>
>> Hi Antoine,
>>
>> The command is also not found in /usr/local/pf. I'm using debian so I'm
>> not sure if that makes a difference.
>>
>> I can use the freeradius command though. This is what I get:
>>
>> root@packetfence:/usr/local/pf# freeradius -X -d raddb/ -n auth
>>
>> FreeRADIUS Version 3.0.13
>>
>> Starting - reading configuration files ...
>>
>> including dictionary file /usr/share/freeradius/dictionary
>>
>> including dictionary file /usr/share/freeradius/dictionary.dhcp
>>
>> including dictionary file /usr/share/freeradius/dictionary.vqp
>>
>> including dictionary file raddb//dictionary
>>
>> including configuration file raddb//auth.conf
>>
>> including configuration file raddb//radiusd.conf
>>
>> including configuration file raddb//proxy.conf
>>
>> Unable to open file "raddb//proxy.conf": No such file or directory
>>
>> Errors reading or parsing raddb//auth.conf
>>
>> On Mon, Jan 30, 2017 at 8:53 AM, Antoine Amacher <[email protected]>
>> wrote:
>>
>>> Hello Chris,
>>>
>>> Try the following from /usr/local/pf
>>>
>>> radiusd -X -d raddb/ -n auth
>>>
>>> thanks
>>>
>>> On 01/29/2017 08:44 PM, Chris Abel wrote:
>>>
>>> Also, nothing appears in radius.log
>>>
>>> On Sun, Jan 29, 2017 at 8:42 PM, Chris Abel <[email protected]>
>>> wrote:
>>>
>>>> I'm having a really hard time after my packetfence upgrade. I can't
>>>> seem to get radius to start. When I try "service packetfence start" I get
>>>> this:
>>>>
>>>> radiusd-acct|not started
>>>>
>>>> radiusd|not started
>>>>
>>>>
>>>> packetfence.log reports this:
>>>>
>>>> Jan 29 20:38:06 pfcmd.pl(5346) INFO: Daemon radiusd-acct took 0.039
>>>> seconds to start. (pf::services::manager::launchService)
>>>>
>>>> Jan 29 20:38:06 pfcmd.pl(5346) INFO: Daemon radiusd took 0.039 seconds
>>>> to start. (pf::services::manager::launchService)
>>>>
>>>>
>>>> I tried running "radius -X" but I get command not found.
>>>>
>>>>
>>>> I'm not sure where to go from here, but I need to try to get this
>>>> working ASAP.
>>>>
>>>> Thanks for any help you can provide.
>>>>
>>>>
>>>>
>>>
>>>
>>> --
>>> Chris Abel
>>> Systems and Network Administrator
>>> Wildwood Programs
>>> 2995 Curry Road Extension
>>> Schenectady, NY 12303
>>> 518-836-2341 <(518)%20836-2341>
>>>
>>>
>>> IMPORTANT NOTICE: This message and any attachments are solely for the
>>> intended recipient and may contain confidential information, which is, or
>>> may be, legally privileged or otherwise protected by law from further
>>> disclosure. If you are not the intended recipient, any disclosure, copying,
>>> use, or distribution of the information included in this email and any
>>> attachments is prohibited. If you have received this communication in
>>> error, please notify the sender by reply email and immediately and
>>> permanently delete this email and any attachments.
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> Check out the vibrant tech community on one of the world's most
>>> engaging tech sites, SlashDot.org! http://sdm.link/slashdot
>>>
>>>
>>>
>>> _______________________________________________
>>> PacketFence-users mailing
>>> [email protected]https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>>
>>>
>>> --
>>> Antoine [email protected] :: www.inverse.ca +1.514.447.4918 x130
>>> <(514)%20447-4918> :: +1 (866) 353-6153 x130 <(866)%20353-6153>
>>> Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence
>>> (www.packetfence.org)
>>>
>>>
>>> ------------------------------------------------------------
>>> ------------------
>>> Check out the vibrant tech community on one of the world's most
>>> engaging tech sites, SlashDot.org! http://sdm.link/slashdot
>>> _______________________________________________
>>> PacketFence-users mailing list
>>> [email protected]
>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>>
>>>
>>
>>
>> --
>> Chris Abel
>> Systems and Network Administrator
>> Wildwood Programs
>> 2995 Curry Road Extension
>> Schenectady, NY 12303
>> 518-836-2341 <(518)%20836-2341>
>>
>
>
>
> --
> Chris Abel
> Systems and Network Administrator
> Wildwood Programs
> 2995 Curry Road Extension
> Schenectady, NY 12303
> 518-836-2341 <(518)%20836-2341>
>
--
Chris Abel
Systems and Network Administrator
Wildwood Programs
2995 Curry Road Extension
Schenectady, NY 12303
518-836-2341
--
IMPORTANT NOTICE: This message and any attachments are solely for the
intended recipient and may contain confidential information, which is, or
may be, legally privileged or otherwise protected by law from further
disclosure. If you are not the intended recipient, any disclosure, copying,
use, or distribution of the information included in this email and any
attachments is prohibited. If you have received this communication in
error, please notify the sender by reply email and immediately and
permanently delete this email and any attachments.
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
