Hello Johan,
in the code PacketFence need to have a snmp access to resolve the
ifindex of the port.
(https://github.com/inverse-inc/packetfence/blob/devel/lib/pf/Switch/H3C.pm#L183)
So right now snmp is mandatory.
Regards
Fabrice
Le 2018-06-18 à 04:25, Johan Thomas via PacketFence-users a écrit :
Hello Fabrice,
Sure, i'm using the H3C::S5120 switch module
Here is the log files when connecting an unreg device (i havent
configured the SNMP) :
*Packetfence.log :*
Jun 18 10:16:35 packetfence packetfence_httpd.aaa: httpd.aaa(5402)
ERROR: [mac:8c:ec:4b:e3:7e:00] error creating SNMP v1 read
connection to 192.168.0.200 <http://192.168.0.200>: No response
from remote host "192.168.0.200" (pf::Switch::connectRead)
Jun 18 10:16:35 packetfence packetfence_httpd.aaa: httpd.aaa(5402)
INFO: [mac:8c:ec:4b:e3:7e:00] handling radius autz request: from
switch_ip => (192.168.0.200), connection_type =>
WIRED_MAC_AUTH,switch_mac => (Unknown), mac =>
[8c:ec:4b:e3:7e:00], *_port => 0_*, username =>
"8c-ec-4b-e3-7e-00" (pf::radius::authorize)
Jun 18 10:16:35 packetfence packetfence_httpd.aaa: httpd.aaa(5402)
INFO: [mac:8c:ec:4b:e3:7e:00] Instantiate profile default
(pf::Connection::ProfileFactory::_from_profile)
Jun 18 10:16:35 packetfence packetfence_httpd.aaa: httpd.aaa(5402)
INFO: [mac:8c:ec:4b:e3:7e:00] is of status unreg; belongs into
registration VLAN (pf::role::getRegistrationRole)
Jun 18 10:16:35 packetfence packetfence_httpd.aaa: httpd.aaa(5402)
INFO: [mac:8c:ec:4b:e3:7e:00] (192.168.0.200) Added VLAN 3 to the
returned RADIUS Access-Accept (pf::Switch::returnRadiusAccessAccept)
Jun 18 10:18:27 packetfence pfipset[6451]:
t=2018-06-18T10:18:27+0200 lvl=info msg="Reloading ipsets" pid=6451
*Radius.log :*
Jun 18 10:16:35 packetfence auth[5757]: Need 2 more connections to
reach min connections (3)
Jun 18 10:16:35 packetfence auth[5757]: rlm_rest (rest): Opening
additional connection (29), 1 of 63 pending slots used
Jun 18 10:16:35 packetfence auth[5757]: Need 1 more connections to
reach min connections (3)
Jun 18 10:16:35 packetfence auth[5757]: rlm_sql (sql): Opening
additional connection (47), 1 of 62 pending slots used
Jun 18 10:16:35 packetfence auth[5757]: [mac:8c:ec:4b:e3:7e:00]
Accepted user: and returned VLAN 3
Jun 18 10:16:35 packetfence auth[5757]: (34190) Login OK:
[8c-ec-4b-e3-7e-00] (from client 192.168.0.200 port *16797697* cli
8c:ec:4b:e3:7e:00)
Thanks in advance !
Johan
2018-06-14 20:02 GMT+02:00 Fabrice Durand via PacketFence-users
<[email protected]
<mailto:[email protected]>>:
Hello Johan,
can you paste the packetfence.log, the radius audit log entry
(Radius request) and the switch module you are using ?
Regards
Fabrice
Le 2018-06-14 à 10:27, Johan Thomas via PacketFence-users a écrit :
Hi,
We are installing packetfence and we have a lot of HPE 1920 and 1910.
I'm testing them with packetfence but i'm having a strange behavior.
Packetfence receive the Radius request, the port received the
registration VLAN but the switch port is not good in the
interface: we only see "port 0".
I have launched a raddebug:
* NAS-Port is 16805889
* NAS-Port-Id is "slot=1;subslot=0;port=7;vlanid=1" (and here
the port is ok)
Can i make something to have the port ok ?
Thanks in advance
Johan
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org!http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
<https://lists.sourceforge.net/lists/listinfo/packetfence-users>
--
Fabrice Durand
[email protected] <mailto:[email protected]> :: +1.514.447.4918 (x135)
::www.inverse.ca <http://www.inverse.ca>
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
(http://packetfence.org)
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
<https://lists.sourceforge.net/lists/listinfo/packetfence-users>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
