Thanks Fabrice, let me clear my goals first. i'm still confuse which file i
must to configure packetfence-tunnel or eduroam file in sites-available.
my packetfence will be act as manage eduroam user so i will use port 11812
in my access point.
here's my step how i configure my eduroam in packetfence.
1. setting my local REALM.
2. configure exclusive source eduroam, add my local realm at step 1. then
create authentication rules "catch all" role default access duration 12
hours.
3. add switch configuration
4. configure ldap module in freeradius
5. configure file packetfence-tunnel ? or eduroam ?
6. restart freeradius and iptables
in step 5 im still confuse if i'm using 11812 so i must configure eduroam
file or still packetfence-tunnel ?
On Wed, May 23, 2018 at 10:55 PM, Fabrice Durand via PacketFence-users <
packetfence-users@lists.sourceforge.net> wrote:
> If it's a server for eduroam (like the eduroam servers use this server for
> your domain) then 1812, if it's to manage eduroam user how connect on a
> eduroam ssid then 11812.
>
>
> Also what you can do in packetfence-tunnel
>
>
> # The ldap module reads passwords from the LDAP database.
> ldap
> if (ok) {
> update control {
> &MS-CHAP-Use-NTLM-Auth := No
> }
> }
>
> Regards
>
> Fabrice
>
>
>
>
> Le 2018-05-23 à 11:38, jabang konate via PacketFence-users a écrit :
>
> thanks for your reply fabrice.
> here i attach my packetfence-tunnel file.
>
> and which port should i use for my access point 1812 or 11812 in radius
> configuration for eduroam?
> thank you
>
> On Wed, May 23, 2018 at 7:33 PM, Fabrice Durand via PacketFence-users <
> packetfence-users@lists.sourceforge.net> wrote:
>
>> Hello Jabang,
>>
>> can you paste your packetfence-tunnel file ?
>> Regards
>>
>> Fabrice
>>
>>
>>
>> Le 2018-05-23 à 04:08, jabang konate via PacketFence-users a écrit :
>>
>> my packetfence server version is 8.0.1 and i want to configure
>> packetfence as an eduroam server with openldap as user database,
>> then i look into documentation eduroam section from packetfence and EAP
>> Authentication against OpenLDAP.
>>
>> when im try to login with my laptop, i always get access reject.
>>
>> from log i see i can connect with my ldap server, then i see error like
>> this
>> (7) Wed May 23 14:32:55 2018: ERROR: mschap: Program returned code (1)
>> and output 'Reading winbind reply failed! (0xc0000001)'
>> (7) Wed May 23 14:32:55 2018: Debug: mschap: External script failed
>> (7) Wed May 23 14:32:55 2018: ERROR: mschap: External script says:
>> Reading winbind reply failed! (0xc0000001)
>>
>> is it the root cause why i alwayas get access reject?
>> then i check winbindd service is not running, but i cant start winbindd
>> service
>> (Service 'winbindd' is not managed by PacketFence. Therefore, no action
>> will be performed)
>>
>> attach my radius log.
>> please give me some advice.
>> thank you
>>
>>
>> ------------------------------------------------------------------------------
>> Check out the vibrant tech community on one of the world's most
>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>>
>>
>>
>> _______________________________________________
>> PacketFence-users mailing
>> listPacketFence-users@lists.sourceforge.nethttps://lists.sourceforge.net/lists/listinfo/packetfence-users
>>
>>
>>
>> ------------------------------------------------------------
>> ------------------
>> Check out the vibrant tech community on one of the world's most
>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>> _______________________________________________
>> PacketFence-users mailing list
>> PacketFence-users@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>
>>
>
>
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>
>
>
> _______________________________________________
> PacketFence-users mailing
> listPacketFence-users@lists.sourceforge.nethttps://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
> --
> Fabrice durandfdur...@inverse.ca :: +1.514.447.4918 (x135) :: www.inverse.ca
> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
> (http://packetfence.org)
>
>
> ------------------------------------------------------------
> ------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
