Hello Derek,
it looks that the per library has been updated and is not still
compatible with the packetfence code.
You can try to use the Transport and personality parameter when it use
Net::Appliance::Session there
https://github.com/inverse-inc/packetfence/blob/devel/lib/pf/Switch/Meru.pm#L158
.
http://search.cpan.org/~oliver/Net-Appliance-Session-4.300001/lib/Net/Appliance/Session.pm
Regards
Fabrice
Le 2018-02-13 à 14:34, Derek Brabrook via PacketFence-users a écrit :
We run a Meru 3200 controller (software Version 5.1-75), I have
Packetfence (7.4) running from
an ESXi VM on a trunked connection on a Debian Jessie flavour of linux
and everything seems to be working.
except for de-association via telnet or ssh on the Meru, every time it
attempts to de-associate via telnet or ssh
it throws this in
/usr/local/pf/logs/packetfence.log
Feb 10 17:15:58 packet pfqueue: pfqueue(14065) INFO:
[mac:d0:df:9a:66:af:d4] [d0:df:9a:66:af:d4] DesAssociating mac on
switch (10.11.60.2) (pf::api::desAssociate)
Feb 10 17:15:58 packet pfqueue: pfqueue(14065) ERROR:
[mac:d0:df:9a:66:af:d4] Unable to connect to 10.11.60.2 using SSH.
Failed with Missing required arguments: personality, transport at
(eval 1979) line 75.
(pf::Switch::Meru::deauthenticateMacDefault)
or
Feb 8 16:11:12 packet pfqueue: pfqueue(7868) ERROR:
[mac:d0:df:9a:66:af:d4] Unable to connect to 10.11.60.2 using Telnet.
Failed with Missing required arguments: personality, transport at
(eval 2035) line 75.
I've tried all combinations in the Switches settings from SNMP to
Telnet and SSH ....I've even logged into the packetfence server
su'd to the packetfence user and initiated an SSH connection to the
Meru to accept the keys, but always the same error in packetfence.log
functionally it works if you connect to the wifi then register on the
portal, then turn off your wifi, turn back on and connect to the same SSID
it puts you in the right VLAN and everything works as it should, it
just won't de-associate on the Meru with ssh or telnet.....
I'm aware of the PMK caching issues, our version allows you to turn
off PMK caching, and I'm aware that Meru doesn't pass the SSID with
the radius
request on an open wifi and only supports CLI de-association via
telnet or SSH, but I've run out of steam on this one I cannot see how
I can get it to de-associate
if it won't connect to the Meru CLI.
the user I've created on the Meru has level 15 access so it doesn't
need elevated privs on the meru but it never gets that far
switches.conf
[10.11.60.2]
registrationVlan=10
defaultVlan=40
isolationVlan=20
description=Meru
radiusSecret=redacted
deauthMethod=Telnet
cliUser=pf
cliPwd=redacted
cliEnablePwd=redacted
guestVlan=248
VoIPLLDPDetect=N
controllerIp=10.11.60.2
cliAccess=Y
VoIPCDPDetect=N
ExternalPortalEnforcement=Y
VoIPDHCPDetect=N
macDetectionVlan=232
type=Meru::MC
Am I missing something glaringly obvious here ? Any help appreciated
Regards
Derek
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
