Hi all,
I installed PF V7.2.0 in centos in my environment. PF is in trunk mode,
registration vlan 2 with ip 192.168.2.0/24, violation vlan 3 with ip
192.168.3.0, both controlled by PF. The switch ip is 172.30.1.254 and Aruba AC
ip is 172.30.1.250. I create two ssid "pf-public" and "pf-secure".
For ssid "pf-public":I want to connect to "pf-public" with mab mode and then
redirect to web portal to finish radius auth.
For ssid "pf-secure"I want to connect to "pf-secure" with 802.1x auth directly
and use PF local credentials as I don't have external radius server or AD.
I configured the Aruba AC as network devices' guide told but can't finish
802.1x auth and mab+802.1x web auth.
I don't have AD in current environment and I want to auth with PF local user
but it seems it didn't work.
Is anyone tried this and met the same error ?
#tail -f packetfence.log
Sep 8 14:45:06 bogon packetfence_httpd.aaa: httpd.aaa(10216) INFO:
[mac:78:4f:43:8a:6d:fc] handling radius autz request: from switch_ip =>
(172.30.1.250), connection_type => Wireless-802.11-NoEAP,switch_mac =>
(00:0b:86:b7:78:6f), mac => [78:4f:43:8a:6d:fc], port => 0, username =>
"78-4f-43-8a-6d-fc", ssid => pf-public (pf::radius::authorize)
Sep 8 14:45:06 bogon packetfence_httpd.aaa: httpd.aaa(10216) INFO:
[mac:78:4f:43:8a:6d:fc] Instantiate profile mac-auth
(pf::Connection::ProfileFactory::_from_profile)
Sep 8 14:45:06 bogon packetfence_httpd.aaa: httpd.aaa(10216) INFO:
[mac:78:4f:43:8a:6d:fc] is of status unreg; belongs into registration VLAN
(pf::role::getRegistrationRole)
Sep 8 14:45:06 bogon packetfence_httpd.aaa: httpd.aaa(10216) INFO:
[mac:78:4f:43:8a:6d:fc] (172.30.1.250) Added role registration to the returned
RADIUS Access-Accept (pf::Switch::returnRadiusAccessAccept)
Sep 8 14:45:09 bogon packetfence_httpd.aaa: httpd.aaa(10216) INFO:
[mac:64:b0:a6:d3:24:bd] Updating locationlog from accounting request
(pf::api::handle_accounting_metadata)
Sep 8 14:51:05 bogon packetfence_httpd.aaa: httpd.aaa(10216) INFO:
[mac:64:b0:a6:d3:24:bd] handling radius autz request: from switch_ip =>
(172.30.1.250), connection_type => Wireless-802.11-NoEAP,switch_mac =>
(00:0b:86:b7:78:6f), mac => [64:b0:a6:d3:24:bd], port => 0, username =>
"64-b0-a6-d3-24-bd", ssid => pf-secure (pf::radius::authorize)
Sep 8 14:51:05 bogon packetfence_httpd.aaa: httpd.aaa(10216) INFO:
[mac:64:b0:a6:d3:24:bd] Instantiate profile 802.1x
(pf::Connection::ProfileFactory::_from_profile)
Sep 8 14:51:05 bogon packetfence_httpd.aaa: httpd.aaa(10216) INFO:
[mac:64:b0:a6:d3:24:bd] is of status unreg; belongs into registration VLAN
(pf::role::getRegistrationRole)
Sep 8 14:51:05 bogon packetfence_httpd.aaa: httpd.aaa(10216) INFO:
[mac:64:b0:a6:d3:24:bd] (172.30.1.250) Added role registration to the returned
RADIUS Access-Accept (pf::Switch::returnRadiusAccessAccept)
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
