Hello Jabang,
Just for curiosity and to write the code in PacketFence, can you give me
the radius debug ?
Regards
Fabrice
Le 2018-06-26 à 00:08, jabang konate via PacketFence-users a écrit :
Hello Durand fabrice,
i added to both file eduroam and packetfence tunnel and it work now.
thanks for your help.
i will go to next project external captive portal packetfence with
ruckus integration.
On Mon, Jun 25, 2018 at 6:51 PM, Durand fabrice via PacketFence-users
<[email protected]
<mailto:[email protected]>> wrote:
Hello Jabang,
instead of conf/radiusd/eduroam , do it in
https://github.com/inverse-inc/packetfence/blob/devel/conf/radiusd/packetfence-tunnel.example#L257
<https://github.com/inverse-inc/packetfence/blob/devel/conf/radiusd/packetfence-tunnel.example#L257>
You can see in the trace that the request is sent to
packetfence-tunnel, so you need to bypass the rest module if the
request is coming from the eduroam server.
Let me know if it works now.
Regards
Fabrice
Le 2018-06-24 à 23:48, jabang konate via PacketFence-users a écrit :
hello durand.
203.100.23.60, yes that ip address is my flr eduroam server.
after define my flr eduroam server in file
/usr/local/pf/raddb/client.conf like this:
client eduroam_flr_server_1 {
ipaddr = 203.100.23.60
shortname = eduroam_tlrs1
secret = {secret}
virtual_server = eduroam
}
and add
if ( "%{client:shortname}" !~ /eduroam_tlrs/ ) {
rest
}
in conf/radiusd/eduroam.
im still unable to connect, the error still same.
(513) Thu Jun 21 14:52:47 2018: ERROR: rest:
{"control:PacketFence-Authorization-Status":"allow","Reply-Message":"Switch
is not managed by
PacketFence","control:PacketFence-Request-Time":1529567567}.
attch my eduroam log and eduroam configuration.
On Sat, Jun 23, 2018 at 9:32 PM, Durand fabrice via
PacketFence-users <[email protected]
<mailto:[email protected]>> wrote:
Hello Jabang,
Does 203.100.23.60 is the eduroam server ?
did you defined 203.100.23.60 as a client in freeradius ?
Like this :
client eduroam_flr_server_1 {
ipaddr = 203.100.23.60
secret = <secret>
nastype = 'eduroam_flr'
}
If yes then you will need to do a little bit of unlang to
bypass packetfence when the request is coming from the
eduroam server.
The idea is to define the client like this:
client eduroam_flr_server_1 {
ipaddr = 203.100.23.60
shortname = eduroam_tlrs1
secret = <secret>
virtual_server = eduroam
}
Then in
https://github.com/inverse-inc/packetfence/blob/devel/conf/radiusd/eduroam.example#L335
<https://github.com/inverse-inc/packetfence/blob/devel/conf/radiusd/eduroam.example#L335>
(conf/radiusd/eduroam in your setup)
if ( "%{client:shortname}" !~ /eduroam_tlrs/ ) {
rest
}
#rest
So when a request will come from the eduroam server then the
request will use the eduroam virtual server and in unlang if
the request is from eduroam then bypass rest (packetfence).
Btw it should be something integrated to PacketFence by default.
Regards
Fabrice
Le 2018-06-22 à 04:17, jabang konate via PacketFence-users a
écrit :
hi all
i try to configure packetfence act as eduroam server.
i have problem, all my local user or realm can't connect
from other university.
after debugging i realize all radius request from other
university access point is rejected, i see this log in
freeradius.
ERROR: rest:
{"control:PacketFence-Authorization-Status":"allow","Reply-Message":"Switch
is not managed by
PacketFence","control:PacketFence-Request-Time":1529567567}
after that i try to add some access point to packetfence
switch configuration, and then i can connect.
do i need add all access point in eduroam federation? or i
miss configuration in eduroam integration with packetfence.
attach my radius-eduroam log file.
thanks.
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org!http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
<https://lists.sourceforge.net/lists/listinfo/packetfence-users>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
<https://lists.sourceforge.net/lists/listinfo/packetfence-users>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org!http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
<https://lists.sourceforge.net/lists/listinfo/packetfence-users>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
<https://lists.sourceforge.net/lists/listinfo/packetfence-users>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
