Hello,
I've been trying to set up a PacketFence prototype to demo for our company but have been running into issues just setting it up.
I want to get an isolated test system going. I have a Cisco 2960-X Switch and a Server with 6 Interfaces.
For whatever reason, once I reach 'Step 7' in the configuration wizard, it never completes. "haproxy-portal" and "httpd.admin" do get started, however nothing else ever does.
Moreover, once I've reached this step I lose all connectivity to the server (even after iptables flush etc.). I can ssh FROM the server to my workstation, but not the other way around. Basically, I lose all connectivity _to_ the server (but can initiate connections _from_ it).
Once it's in this state I have no idea how to troubleshoot it and end up wiping the entire system and starting from scratch again.
Here is my setup:
Dell PowerEdge R210 II Server with 8 GB of RAM
CentOS 7.5 Minimal Installation
6 Network Interfaces
Cisco 2960-X Switch
CentOS 7.5 Minimal Installation
6 Network Interfaces
Cisco 2960-X Switch
Installation Steps: (For VLAN Enforcement)
-Install CentOS 7.5 Minimal
-Yum Update
-Disable SELinux & FirewallD (+ reboot)
-Create '99-no-dns.conf' file in /etc/NetworkManager/conf.d/
-Install the PacketFence repository RPM file
-Install only the dependencies for PacketFence as per: https://github.com/inverse-inc/packetfence/issues/2689
-Install Packetfence Proper
Note: I still get a ton of "Could not write namespace .... to L2 cache !" messages.
-Yum Update
-Disable SELinux & FirewallD (+ reboot)
-Create '99-no-dns.conf' file in /etc/NetworkManager/conf.d/
-Install the PacketFence repository RPM file
-Install only the dependencies for PacketFence as per: https://github.com/inverse-inc/packetfence/issues/2689
-Install Packetfence Proper
Note: I still get a ton of "Could not write namespace .... to L2 cache !" messages.
With this, I'm presented with the "Please fire up your Web broswer" message and I go through the configurator which I set up for VLAN Management.
Network Topology:
VLANs:
VLAN 10 - "Pool" (where the devices will end up after being authenticated)
VLAN 102 - "Registration"
VLAN 103 - "Isolation"
VLAN 102 - "Registration"
VLAN 103 - "Isolation"
em1: Connected to Corporate Network, IP via DHCP (for In-Band management of the server from my workstation, also provides internet access).
em2: Connected directly to the Cisco 2960-X Management interface (uses a /30). This is set as my "Management" interface.
em2: Connected directly to the Cisco 2960-X Management interface (uses a /30). This is set as my "Management" interface.
p1p1: Trunk Link for VLAN 102/103. Has IPs 192.168.102.1 & 192.168.103.1 respectively.
p1p2: "Pool" trunk link for VLAN 10 (native) (192.168.10.1)
p1p2: "Pool" trunk link for VLAN 10 (native) (192.168.10.1)
So in reality, Packetfence only really uses the em2/p1p1/p1p2 interfaces (where em1 is just for internet/in-band access).
So far so good until I hit 'Step 7' and try to start the services. They blink for a while, then eventually settle at 'unknown'. I also lose all connectivity to the server.
I've uploaded the output from my installation process here:
https://paste.ee/p/FhXhM
------------
I suspect this issue might have something to do with the 4th interface (connected to the corporate network/internet), but that's just speculation.
Does designating an interface as 'Management' limit SSH/http to that network ? Because I'm not trying to interact with it over the "Management" network (which is simply a /30 between the switch and the server)...
Could somebody please suggest some ways that I can troubleshoot this? I know that Packetfence is running because 'systemctl status packetfence.target' says it's active -- but that doesn't really give me very much information.
Thanks !
-Jay
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
