hello durand. 203.100.23.60, yes that ip address is my flr eduroam server.
after define my flr eduroam server in file /usr/local/pf/raddb/client.conf
like this:
client eduroam_flr_server_1 {
ipaddr = 203.100.23.60
shortname = eduroam_tlrs1
secret = {secret}
virtual_server = eduroam
}
and add
if ( "%{client:shortname}" !~ /eduroam_tlrs/ ) {
rest
}
in conf/radiusd/eduroam.
im still unable to connect, the error still same.
(513) Thu Jun 21 14:52:47 2018: ERROR: rest:
{"control:PacketFence-Authorization-Status":"allow","Reply-Message":"Switch
is not managed by
PacketFence","control:PacketFence-Request-Time":1529567567}.
attch my eduroam log and eduroam configuration.
On Sat, Jun 23, 2018 at 9:32 PM, Durand fabrice via PacketFence-users <
[email protected]> wrote:
> Hello Jabang,
>
> Does 203.100.23.60 is the eduroam server ?
>
> did you defined 203.100.23.60 as a client in freeradius ?
>
> Like this :
>
> client eduroam_flr_server_1 {
> ipaddr = 203.100.23.60
> secret = <secret>
> nastype = 'eduroam_flr'
> }
>
> If yes then you will need to do a little bit of unlang to bypass
> packetfence when the request is coming from the eduroam server.
>
> The idea is to define the client like this:
>
>
> client eduroam_flr_server_1 {
> ipaddr = 203.100.23.60
> shortname = eduroam_tlrs1
> secret = <secret>
> virtual_server = eduroam
> }
>
> Then in https://github.com/inverse-inc/packetfence/blob/devel/
> conf/radiusd/eduroam.example#L335 (conf/radiusd/eduroam in your setup)
>
> if ( "%{client:shortname}" !~ /eduroam_tlrs/ ) {
> rest
> }
> #rest
>
> So when a request will come from the eduroam server then the request will
> use the eduroam virtual server and in unlang if the request is from eduroam
> then bypass rest (packetfence).
>
> Btw it should be something integrated to PacketFence by default.
>
> Regards
> Fabrice
>
>
>
>
> Le 2018-06-22 à 04:17, jabang konate via PacketFence-users a écrit :
>
> hi all
>
> i try to configure packetfence act as eduroam server.
> i have problem, all my local user or realm can't connect from other
> university.
> after debugging i realize all radius request from other university access
> point is rejected, i see this log in freeradius.
>
>
> ERROR: rest:
> {"control:PacketFence-Authorization-Status":"allow","Reply-Message":"Switch
> is not managed by PacketFence","control:PacketFence-Request-Time":
> 1529567567}
>
> after that i try to add some access point to packetfence switch
> configuration, and then i can connect.
>
> do i need add all access point in eduroam federation? or i miss
> configuration in eduroam integration with packetfence.
>
> attach my radius-eduroam log file.
>
> thanks.
>
>
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>
>
>
> _______________________________________________
> PacketFence-users mailing
> [email protected]https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
>
> ------------------------------------------------------------
> ------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> PacketFence-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
eduroam2.log
Description: Binary data
eduroam
Description: Binary data
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
