Re: [PacketFence-users] Cisco 2960X Accounting Problems

[Truax, Peter via PacketFence-users]

Fabrice,

Thanks for writing back. I got it working using:

aaa accounting network default start-stop group packetfence
aaa accounting identity default start-stop group packetfence
aaa accounting dot1x default start-stop group packetfence

Regards,

Peter

From: Fabrice Durand via PacketFence-users 
[mailto:packetfence-users@lists.sourceforge.net]
Sent: Wednesday, April 18, 2018 5:21 AM
To: packetfence-users@lists.sourceforge.net
Cc: Fabrice Durand <fdur...@inverse.ca>
Subject: Re: [PacketFence-users] Cisco 2960X Accounting Problems


Hello Peter,

can you try to add :

aaa accounting dot1x default start-stop group packetfence
Regards
Fabrice
Le 2018-04-12 à 16:54, Truax, Peter via PacketFence-users a écrit :
Hello,

I am running PacketFence 7.4 and have a Cisco WS-C2960X-48-FPD-L configured 
according to the Admin Guide. Authenication, Dot1x, and MAB are all working 
normally. I am having trouble with is the online/offline column in Nodes just 
showing "unknown" for clients attached to this switch. Is there a way to get 
the switch to provide PacketFence with the accounting info to make this change 
to the proper setting?

The switch is set with the following global commands:

aaa new-model
aaa group server radius packetfence
server name netreg
aaa authentication login default local
aaa authentication dot1x default group packetfence
aaa authorization network default group packetfence
aaa accounting network default start-stop group packetfence
aaa server radius dynamic-author
client 10.0.1.44 server-key 7 08324D5C041000190604 port 3799
aaa session-id common
dot1x system-auth-control
radius server netreg
address ipv4 10.0.1.44 auth-port 1812 acct-port 1813
key 7 071C205E43001C0B031D


The following commands are set on each access interface

interface GigabitEthernet1/0/1
switchport access vlan 90
switchport mode access
authentication host-mode multi-domain
authentication order mab
authentication priority mab
authentication port-control auto
authentication periodic
authentication timer reauthenticate 10800
authentication timer restart 10800
authentication violation replace
mab
dot1x pae authenticator
dot1x timeout quiet-period 2
dot1x timeout tx-period 1
spanning-tree portfast
!

Any help would be appreciated.

Thanks,

Peter Truax
Network Administrator
St. Martin's University
[cid:image001.png@01D3D6EB.60B96DE0]





------------------------------------------------------------------------------

Check out the vibrant tech community on one of the world's most

engaging tech sites, Slashdot.org! http://sdm.link/slashdot




_______________________________________________

PacketFence-users mailing list

PacketFence-users@lists.sourceforge.net<mailto:PacketFence-users@lists.sourceforge.net>

https://lists.sourceforge.net/lists/listinfo/packetfence-users



--

Fabrice Durand

fdur...@inverse.ca<mailto:fdur...@inverse.ca> ::  +1.514.447.4918 (x135) ::  
www.inverse.ca<http://www.inverse.ca>

Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence 
(http://packetfence.org)

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users