Hi Fabrice,
your solution works well. Thanks for your answer.
Regards
Tobias
Von: Fabrice Durand via PacketFence-users
<[email protected]>
Gesendet: Freitag, 8. Juni 2018 14:44
An: [email protected]
Cc: Fabrice Durand <[email protected]>
Betreff: Re: [PacketFence-users] Switch CLI Access
Hello Tobias,
bte we don't have all the switches supported in PacketFence to be able to test
if the CLI access is wroking.
But if you tell me that the generic switch works with CLI access then you can
try to add that in the H3C.pm file:
=item returnAuthorizeWrite
Return a generic accept without any attributes for this module
=cut
sub returnAuthorizeWrite {
my ($self, $args) = @_;
my $logger = $self->logger;
my $radius_reply_ref;
my $status;
$radius_reply_ref->{'Reply-Message'} = "Switch enable access granted by
PacketFence";
$logger->info("User $args->{'user_name'} logged in $args->{'switch'}{'_id'}
with write access");
my $filter = pf::access_filter::radius->new;
my $rule = $filter->test('returnAuthorizeWrite', $args);
($radius_reply_ref, $status) =
$filter->handleAnswerInRule($rule,$args,$radius_reply_ref);
return [$status, %$radius_reply_ref];
}
=item returnAuthorizeRead
Return a generic accept without any attributes for this module
=cut
sub returnAuthorizeRead {
my ($self, $args) = @_;
my $logger = $self->logger;
my $radius_reply_ref;
my $status;
$radius_reply_ref->{'Reply-Message'} = "Switch read access granted by
PacketFence";
$logger->info("User $args->{'user_name'} logged in $args->{'switch'}{'_id'}
with read access");
my $filter = pf::access_filter::radius->new;
my $rule = $filter->test('returnAuthorizeRead', $args);
($radius_reply_ref, $status) =
$filter->handleAnswerInRule($rule,$args,$radius_reply_ref);
return [$status, %$radius_reply_ref];
}
Regards
Fabrice
Le 2018-06-07 à 07:03, Meiser Tobias via PacketFence-users a écrit :
Hello Fabrice,
we are using H3C::S5120 as Switch Type. When I try to logon via CLI the Radius
replies: Module-Failure-Message = "rest:
{\"control:PacketFence-Authorization-Status\":\"allow\",\"Reply-Message\":\"PacketFence
does not support this switch for read/write access login\"}
When I change switch type to "Generic" the switch login works as expected. Is
there a list of switches which are supported for cli access ?
Best Regards
Tobias
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
--
Fabrice Durand
[email protected]<mailto:[email protected]> :: +1.514.447.4918 (x135) ::
www.inverse.ca<http://www.inverse.ca>
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
(http://packetfence.org)
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
