Hi all.
I´m evaluating packefence solution for guest portal and a little more
control.
After a long time testing the solution, I stoped in a "problem" or
unknown feature in Aruba Controller.
All processes for registration are OK. I´m using Sponsor for Authorize
guests and change role by Radius Reply.
I can see my client on Aruba Controller changing the role (PF_Open_Guest
for PF_Guest_Auth), and the role "PF_Guest_auth" has a Role vlan ID
marked to 194 (My Destination vlan for this role) but my device dont
change IP Address after change the role.
I can see the client with correct role but wrong IP Add.
How can i do for Aruba controller permit change of Device IP add after
Change a role?
MY CHOOSE FOR WORKFLOW:
when device not authorized connects, controller send a DHCP from
reserved Vlan for registration. This vlan is contained between Aruba
Controller and Packetfence and the Gateway for this Vlan is packetfence.
Any access for this device is redirected for Packetfence portal.
After registration process (whatever it is: Password, email,
Sponsor...), packetfence chooses, following some conditions, a role for
register and authorize the user/device and this ROLE is sent by
packetfence for controller in Radius message Reply as follow:
(Jun 26 08:40:51 PacketFence-ZEN pfqueue: pfqueue(4045) INFO: [xxxxx]
Returning ACCEPT with role: PF_Guest_Permit_auth (pf::Switch::Aruba::try
{...} ))
This Role PF_Guest_Permit_auth is configured on Controller aruba as
follow:
user-role PF_Guest_Permit_auth
vlan 194
access-list session PERMITE_TUDO_POLICY
When process Finishes, i can see by Aruba cli comand "Show user Mac xxx"
that this user/device is connected with correctly options and the Role
was applyed for RFC3576 (COA) but VLAN is the same (2000 -
registration), even role PF_Guest_Permit_auth setting for 194.
All my chooses on packetfence are by ROLE, according that roles, a
specific Vlan should by Applyed.
Id like to publish only 1 SSID, and according with packefence policies,
the device is registered on differents Vlans ans Roles in Aruba
Controller.
It is possible??! Someone with same problem?
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
