Also have a look at the “[PacketFence-users] Ubiquiti UniFi AP Captive Portal”
thread for my steps taken.
Tim
Sent from mobile phone
> On Feb 1, 2018, at 10:17, David Harvey <da...@thoughtmachine.net> wrote:
>
> Many thanks for the tips. With your guidance I've been following the
> "Packetfence RADIUS and Unifi Out of Band" and am 90% of the way there.
> For anyone curious, please check in on that thread, as it's got more of the
> case history and steps outlined.
>
> Best,
>
> David
>
>> On Thu, Feb 1, 2018 at 1:39 AM, Timothy Mullican <tjmullic...@yahoo.com>
>> wrote:
>> David,
>> Your understanding is correct. Currently the UniFi only supports
>> deauthenticating a client using the controller API and not using CoA. It is
>> possible to enable RADIUS CoA for a single SSID and frequency, but this may
>> not be useful for you. This is because the UniFi runs a separate hostapd
>> instance for all of the different SSIDs and frequencies. See:
>> https://community.ubnt.com/t5/UniFi-Wireless/RADIUS-Interim-updates/m-p/1860205/highlight/true#M216003
>>
>> Sent from mobile phone
>>
>>> On Jan 31, 2018, at 17:46, Durand fabrice via PacketFence-users
>>> <packetfence-users@lists.sourceforge.net> wrote:
>>>
>>> Hello David,
>>>
>>> the unifi AP is not yet correctly supported, there is some code about that
>>> but you have to do some custom config on the Unifi controller.
>>> Have a look at the mailing list archive about unifi.
>>>
>>> Regards
>>> Fabrice
>>>
>>>> Le 2018-01-31 à 13:02, David Harvey via PacketFence-users a écrit :
>>>> I should also note. I've just changed our APs from switch type hostapd to
>>>> ubiquity::unify, added the controller IP (a docker image in my case), and
>>>> also attempted to add the webservices field as details in the
>>>> documentation:
>>>>
>>>> wsTransport=HTTPS
>>>> wsUser=admin
>>>> wsPwd=admin
>>>>
>>>>> On Wed, Jan 31, 2018 at 6:00 PM, David Harvey <da...@thoughtmachine.net>
>>>>> wrote:
>>>>> Hi packetfence users,
>>>>>
>>>>> I just wanted to confirm a feature (or my undertsnading of).
>>>>>
>>>>> I'm using unifi access points with great success for portal login paired
>>>>> with EAP-TLS.
>>>>>
>>>>> Unregistered clients with certs land on the registration VLAN, and then
>>>>> have their proper vlans assigned by the portal login.
>>>>> After the portal login has been performed the client needs the wifi
>>>>> toggling off and on at present to reauth and get put onto the correct
>>>>> VLAN. subsequent reconnects work fine...
>>>>>
>>>>> If I've read the archives correctly, the wifi down/up is required becuase
>>>>> CoA is not supported by unifi, nor does the controller allow RADIUS
>>>>> disconnect events to force a client to reauth.
>>>>> Have I understood correctly, and is there any other magic I could try in
>>>>> order to smooth the portal sign in experience?
>>>>>
>>>>> Thanks in advnce,
>>>>>
>>>>> David
>>>>
>>>>
>>>>
>>>> ------------------------------------------------------------------------------
>>>> Check out the vibrant tech community on one of the world's most
>>>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>>>>
>>>>
>>>> _______________________________________________
>>>> PacketFence-users mailing list
>>>> PacketFence-users@lists.sourceforge.net
>>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>>
>>> ------------------------------------------------------------------------------
>>> Check out the vibrant tech community on one of the world's most
>>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>>> _______________________________________________
>>> PacketFence-users mailing list
>>> PacketFence-users@lists.sourceforge.net
>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users