Dear Fabrice,
I looking at /usr/local/pf/raddb/sites-available/packetfence-tunnel
and/usr/local/pf/raddb/modules/ldap
I realized that this guide probably is related to an old Freeradius ,
may be version 2.
This is because in my PF 8.2.1 setup both are missing.
I've got:
/usr/local/pf/raddb/sites-enabled/packetfence-tunnel
and
/usr/local/pf/raddb/mods-available/ldap
Can I follow your guide anyway even if it is probably related to a
different freeradius ?
Thanks !
Enrico
Il 20/12/18 21:06, Enrico ha scritto:
Dear All,
so If I understand I need to change Wireless-NOEAP to Wireless-EAP and
create, or change, /usr/local/pf/raddb/modules/ldap following
this guide: 16.3 EAP Authentication.....
but tell more about because this file
/usr/local/pf/raddb/sites-available/packetfence-tunnel
shows nothing about pap.
Is it normal that in this file there are only ldap and eap authorize
module ?
Thanks a lot again !!!
Best Regards
Enrico
Il 20/12/18 19:39, Fabrice Durand via PacketFence-users ha scritto:
Hello Enrico,
you need to add manually the ldap server in the freeradius
configuration.
(https://packetfence.org/doc/PacketFence_Installation_Guide.html#_eap_authentication_against_openldap)
Regards
Fabrice
Le 18-12-20 à 10 h 15, Enrico Becchetti via PacketFence-users a écrit :
Hi all,
I again ask in this mailing list to finish the setup of my PacketFence
server. I'm running Centos 7.6 x86 with
packetfence-8.2.1-3.el7.noarch and , as you can read from
the subject of this email, I need to activate 802.1X authentication
using TTLS and PAP.
I've one production vlan and PF in Inline mode for this network , I
've also defined
"connection profile", "authentication sources","network device" and
so on.
You can see all of my settings here:
https://www.dropbox.com/s/rjc0j8mapt4ymzg/8021x.pdf?dl=0
PF must use my ldap server as backend. In fact all authentication
requests come from
AP and Switch must be forwarded to the ldap server. All supplicants
are configured with
TTLS and PAP security profile and I'ven't any Active Domain controller.
In the following lines radius debug from packetfence:
(9) Thu Dec 20 15:09:35 2018: WARNING: You set Proxy-To-Realm =
local, but it is a LOCAL realm! Cancelling proxy request.
(9) Thu Dec 20 15:09:35 2018: ERROR: No Auth-Type found: rejecting
the user via Post-Auth-Type = Reject
log file is here:
https://www.dropbox.com/s/579hffpa4w6ff9z/radiusdebug.log?dl=0
Authentication Methods are set to:MD5,MSCHAPv2,PEAP,TLS,TTLS.
Someone has any ideas to fix it ?
Thank you in advance for your help.
Best Regards
Enrico
--
_______________________________________________________________________
Enrico Becchetti Servizio di Calcolo e Reti
Istituto Nazionale di Fisica Nucleare - Sezione di Perugia
Via Pascoli,c/o Dipartimento di Fisica 06123 Perugia (ITALY)
Phone:+39 075 5852777 Mail: Enrico.Becchetti<at>pg.infn.it
_______________________________________________________________________
--
_______________________________________________________________________
Enrico Becchetti Servizio di Calcolo e Reti
Istituto Nazionale di Fisica Nucleare - Sezione di Perugia
Via Pascoli,c/o Dipartimento di Fisica 06123 Perugia (ITALY)
Phone:+39 075 5852777 Mail: Enrico.Becchetti<at>pg.infn.it
_______________________________________________________________________
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
