From: Fabrice Durand via PacketFence-users [mailto:[email protected]] Sent: 30 October 2017 13:07 To: [email protected] Cc: Fabrice Durand <[email protected]> Subject: Re: [PacketFence-users] Stuck on a packetfence implementation Hello John, i need a little bit of log. First radius log when the device connect: raddebug -f /usr/local/pf/var/run/radiusd.sock -t 3000 Then the packetfence.log. Regards Fabrice Le 2017-10-30 à 07:33, john--- via PacketFence-users a écrit : Good day everyone, I have an issue with an installation of Packetfence that I just cant seem to work out. Everything seems to run fine, the user gets a login prompt, uses active directory to successfully login (MAB as dot1x fails), on the switch gets added to the registration VLAN and on the laptop is assigned an ip address in the correct VLAN. However, the switch port remains in registration and never changes to the user VLAN, so cannot communicate. If anyone has some time to help me out with this, that would be fantastic John ---------------------------------------------------------------------------- -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ PacketFence-users mailing list [email protected] <mailto:[email protected]> https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Fabrice Durand [email protected] <mailto:[email protected]> :: +1.514.447.4918 (x135) :: www.inverse.ca <http://www.inverse.ca> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://packetfence.org)
root@PacketFence-6_5_0 logs]# vi packetfence.log Oct 30 03:19:37 pfcmd.pl(20067) INFO: Daemon httpd.graphite took 0.246 seconds to start. (pf::services::manager::launchService) Oct 30 03:28:27 httpd.aaa(25325) INFO: [mac:28:18:78:fb:e2:1e] handling radius autz request: from switch_ip => (10.0.0.250), connection_type => WIRED_MAC_AUTH,switch_mac => (00:26:51:fd:af:02), mac => [28:18:78:fb:e2:1e], port => 10102, username => "281878fbe21e" (pf::radius::authorize) Oct 30 03:28:27 httpd.aaa(25325) INFO: [mac:28:18:78:fb:e2:1e] does not yet exist in database. Adding it now (pf::radius::authorize) Oct 30 03:28:28 httpd.aaa(25325) INFO: [mac:28:18:78:fb:e2:1e] Instantiate profile default (pf::Portal::ProfileFactory::_from_profile) Oct 30 03:28:29 httpd.aaa(25325) INFO: [mac:28:18:78:fb:e2:1e] is of status unreg; belongs into registration VLAN (pf::role::getRegistrationRole) Oct 30 03:28:29 httpd.aaa(25325) INFO: [mac:28:18:78:fb:e2:1e] (10.0.0.250) Added VLAN 302 to the returned RADIUS Access-Accept (pf::Switch::returnRadiusAccessAccept) Oct 30 03:34:54 httpd.aaa(25325) INFO: [mac:28:18:78:fb:e2:1e] handling radius autz request: from switch_ip => (10.0.0.250), connection_type => WIRED_MAC_AUTH,switch_mac => (00:26:51:fd:af:02), mac => [28:18:78:fb:e2:1e], port => 10102, username => "281878fbe21e" (pf::radius::authorize) Oct 30 03:34:54 httpd.aaa(25325) INFO: [mac:28:18:78:fb:e2:1e] Instantiate profile default (pf::Portal::ProfileFactory::_from_profile) Oct 30 03:34:54 httpd.aaa(25325) INFO: [mac:28:18:78:fb:e2:1e] is of status unreg; belongs into registration VLAN (pf::role::getRegistrationRole)
radius.log
Description: Binary data
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
