Hello Enrico,
you need to add manually the ldap server in the freeradius
configuration.
(https://packetfence.org/doc/PacketFence_Installation_Guide.html#_eap_authentication_against_openldap)
Regards
Fabrice
Le 18-12-20 à 10 h 15, Enrico Becchetti via PacketFence-users a écrit :
Hi all,
I again ask in this mailing list to finish the setup of my PacketFence
server. I'm running Centos 7.6 x86 with
packetfence-8.2.1-3.el7.noarch and , as you can read from
the subject of this email, I need to activate 802.1X authentication
using TTLS and PAP.
I've one production vlan and PF in Inline mode for this network , I
've also defined
"connection profile", "authentication sources","network device" and so
on.
You can see all of my settings here:
https://www.dropbox.com/s/rjc0j8mapt4ymzg/8021x.pdf?dl=0
PF must use my ldap server as backend. In fact all authentication
requests come from
AP and Switch must be forwarded to the ldap server. All supplicants
are configured with
TTLS and PAP security profile and I'ven't any Active Domain controller.
In the following lines radius debug from packetfence:
(9) Thu Dec 20 15:09:35 2018: WARNING: You set Proxy-To-Realm =
local, but it is a LOCAL realm! Cancelling proxy request.
(9) Thu Dec 20 15:09:35 2018: ERROR: No Auth-Type found: rejecting
the user via Post-Auth-Type = Reject
log file is here:
https://www.dropbox.com/s/579hffpa4w6ff9z/radiusdebug.log?dl=0
Authentication Methods are set to:MD5,MSCHAPv2,PEAP,TLS,TTLS.
Someone has any ideas to fix it ?
Thank you in advance for your help.
Best Regards
Enrico
--
Fabrice Durand
[email protected] :: +1.514.447.4918 (x135) :: www.inverse.ca
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
(http://packetfence.org)
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
