Excuse repeat post I've added log data from packetfence.log on SSH failure as
well
First email to this list, so excuse if my netiquette isn't up to muster.
We run a Meru 3200 controller (software Version 5.1-75), I have Packetfence
(7.4) running from
an ESXi VM on a trunked connection on a Debian Jessie flavour of linux and
everything seems to be working.
except for de-association via telnet or ssh on the Meru, every time it attempts
to de-associate via telnet or ssh
it throws this in
/usr/local/pf/logs/packetfence.log
Feb 10 17:15:58 packet pfqueue: pfqueue(14065) INFO: [mac:d0:df:9a:66:af:d4]
[d0:df:9a:66:af:d4] DesAssociating mac on switch (10.11.60.2)
(pf::api::desAssociate)
Feb 10 17:15:58 packet pfqueue: pfqueue(14065) ERROR: [mac:d0:df:9a:66:af:d4]
Unable to connect to 10.11.60.2 using SSH. Failed with Missing required
arguments: personality, transport at (eval 1979) line 75.
(pf::Switch::Meru::deauthenticateMacDefault)
Feb 8 16:11:12 packet pfqueue: pfqueue(7868) ERROR: [mac:d0:df:9a:66:af:d4]
Unable to connect to 10.11.60.2 using Telnet.
Failed with Missing required arguments: personality, transport at (eval 2035)
line 75.
I've tried all combinations in the Switches settings from SNMP to Telnet and
SSH ....I've even logged into the packetfence server
su'd to the packetfence user and initiated an SSH connection to the Meru to
accept the keys, but always the same error in packetfence.log
functionally it works if you connect to the wifi then register on the portal,
then turn off your wifi, turn back on and connect to the same SSID
it puts you in the right VLAN and everything works as it should, it just won't
de-associate on the Meru
I'm aware of the PMK caching issues, our version allows you to turn off PMK
caching, and I'm aware that Meru doesn't pass the SSID with the radius
request and only supports CLI de-association via telnet or SSH, but I've run
out of steam on this one I cannot see how I can get it to de-associate
if it won't connect to the Meru CLI.
the user I've created on the Meru has level 15 access so it doesn't need
elevated privs on the meru once logged in it's God on the Meru
switches.conf
[10.11.60.2]
registrationVlan=10
defaultVlan=40
isolationVlan=20
description=Meru
radiusSecret=redacted
deauthMethod=Telnet
cliUser=pf
cliPwd=redacted
cliEnablePwd=redacted
guestVlan=248
VoIPLLDPDetect=N
controllerIp=10.11.60.2
cliAccess=Y
VoIPCDPDetect=N
ExternalPortalEnforcement=Y
VoIPDHCPDetect=N
macDetectionVlan=232
type=Meru::MC
Am I missing something glaringly obvious here ? Any help appreciated
Regards
Derek
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
