Hello Caiqui, I am currently implementing Packetfence Zen 8.x in a lab setting and I was using VLAN enforcement using Huawei s5710 switch. I was using the Manual Provided by Packetfence. I make the necessary recommended configs on the switch. But the switch recommended was a controller. I am trying to configure 8021.x EAP.
I have been managed to set up the server after a month of blind trial and error since I got stuck after error after error. I have managed to reach a spot where I am able to land the captive portal and authenticate users based on htaccess file source and active directory source. But after my dummy users are authenticated, they cant read the internet. because they are greeted with this error " Unable to detect network connectivity below is a snippet of my packetfence.log and an output of my ipset -L ipset -L Name: parking Type: hash:ip Revision: 1 Header: family inet hashsize 1024 maxelem 65536 Size in memory: 16528 References: 2 Members: Name: pfsession_passthrough Type: hash:ip,port Revision: 2 Header: family inet hashsize 1024 maxelem 65536 Size in memory: 16528 References: 2 Members: Name: pfsession_isol_passthrough Type: hash:ip,port Revision: 2 Header: family inet hashsize 1024 maxelem 65536 Size in memory: 16528 References: 2 Members: ### packetfence.log Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(8357) INFO: [mac:00:11:22:33:44:55] Found authentication source(s) : 'file1,ADSource' for realm 'null' (pf::config::util::filter_authentication_sources) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(8357) INFO: [mac:00:11:22:33:44:55] Authenticating user using sources : file1,ADSource (captiveportal::PacketFence::DynamicRouting::Module::Authentication::Login::authenticate) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(8357) INFO: [mac:00:11:22:33:44:55] Authentication successful for myuser in source file1 (Htpasswd) (pf::authentication::authenticate) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(8357) INFO: [mac:00:11:22:33:44:55] User myuser has authenticated on the portal. (Class::MOP::Class:::after) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(8357) INFO: [mac:00:11:22:33:44:55] Found source file1 in session. (Class::MOP::Class:::around) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(8357) INFO: [mac:00:11:22:33:44:55] Found source file1 in session. (Class::MOP::Class:::around) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(8357) INFO: [mac:00:11:22:33:44:55] Successfully authenticated myuser (captiveportal::PacketFence::DynamicRouting::Module::Authentication::Login::authenticate) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(8357) INFO: [mac:00:11:22:33:44:55] Found source file1 in session. (Class::MOP::Class:::around) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(8357) INFO: [mac:00:11:22:33:44:55] Found source file1 in session. (Class::MOP::Class:::around) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(8357) INFO: [mac:00:11:22:33:44:55] Found source file1 in session. (Class::MOP::Class:::around) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(8357) INFO: [mac:00:11:22:33:44:55] User myuser has authenticated on the portal. (Class::MOP::Class:::after) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(8357) WARN: [mac:00:11:22:33:44:55] Calling match with empty/invalid rule class. Defaulting to 'authentication' (pf::authentication::match) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(8357) INFO: [mac:00:11:22:33:44:55] Using sources file1 for matching (pf::authentication::match) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(8357) INFO: [mac:00:11:22:33:44:55] Matched rule (FileRule) in source file1, returning actions. (pf::Authentication::Source::match_rule) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(8357) INFO: [mac:00:11:22:33:44:55] Matched rule (FileRule) in source file1, returning actions. (pf::Authentication::Source::match) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(8357) INFO: [mac:00:11:22:33:44:55] Found source file1 in session. (Class::MOP::Class:::around) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(8357) INFO: [mac:00:11:22:33:44:55] User myuser has authenticated on the portal. (Class::MOP::Class:::after) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(8357) WARN: [mac:00:11:22:33:44:55] Calling match with empty/invalid rule class. Defaulting to 'authentication' (pf::authentication::match) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(8357) INFO: [mac:00:11:22:33:44:55] Using sources file1 for matching (pf::authentication::match) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(8357) INFO: [mac:00:11:22:33:44:55] Matched rule (FileRule) in source file1, returning actions. (pf::Authentication::Source::match_rule) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(8357) INFO: [mac:00:11:22:33:44:55] Matched rule (FileRule) in source file1, returning actions. (pf::Authentication::Source::match) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(8357) INFO: [mac:00:11:22:33:44:55] Found source file1 in session. (Class::MOP::Class:::around) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(8357) INFO: [mac:00:11:22:33:44:55] User myuser has authenticated on the portal. (Class::MOP::Class:::after) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(8357) WARN: [mac:00:11:22:33:44:55] Calling match with empty/invalid rule class. Defaulting to 'authentication' (pf::authentication::match) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(8357) INFO: [mac:00:11:22:33:44:55] Using sources file1 for matching (pf::authentication::match) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(8357) INFO: [mac:00:11:22:33:44:55] Found source file1 in session. (Class::MOP::Class:::around) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(8357) INFO: [mac:00:11:22:33:44:55] User myuser has authenticated on the portal. (Class::MOP::Class:::after) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(8357) WARN: [mac:00:11:22:33:44:55] Calling match with empty/invalid rule class. Defaulting to 'authentication' (pf::authentication::match) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(8357) INFO: [mac:00:11:22:33:44:55] Using sources file1 for matching (pf::authentication::match) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(8357) INFO: [mac:00:11:22:33:44:55] Found source file1 in session. (Class::MOP::Class:::around) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(8357) INFO: [mac:00:11:22:33:44:55] Found source file1 in session. (Class::MOP::Class:::around) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(7953) INFO: [mac:00:11:22:33:44:55] Instantiate profile Profile (pf::Connection::ProfileFactory::_from_profile) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(7953) ERROR: [mac:00:11:22:33:44:55] Error while communicating with the Fingerbank collector. 500 Can't connect to 127.0.0.1:4723 (pf::fingerbank::endpoint_attributes) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(7953) WARN: [mac:00:11:22:33:44:55] Use of uninitialized value in string ne at /usr/local/pf/lib/captiveportal/PacketFence/DynamicRouting/Application.pm line 137. (captiveportal::PacketFence::DynamicRouting::Application::process_fingerbank) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(7953) ERROR: [mac:00:11:22:33:44:55] Error while communicating with the Fingerbank collector. 500 Can't connect to 127.0.0.1:4723 (pf::fingerbank::update_collector_endpoint_data) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(7953) INFO: [mac:00:11:22:33:44:55] User myuser has authenticated on the portal. (Class::MOP::Class:::after) Feb 15 19:55:56 pf pfqueue: pfqueue(8041) ERROR: [mac:unknown] Error while communicating with the Fingerbank collector. 500 Can't connect to 127.0.0.1:4723 (pf::fingerbank::endpoint_attributes) Feb 15 19:55:56 pf pfqueue: pfqueue(8041) ERROR: [mac:unknown] Unable to fetch query arguments for Fingerbank query. Aborting. (pf::fingerbank::process) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(7953) INFO: [mac:00:11:22:33:44:55] No provisioner found for 00:11:22:33:44:55. Continuing. (captiveportal::PacketFence::DynamicRouting::Module::Provisioning::execute_child) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(7953) INFO: [mac:00:11:22:33:44:55] User myuser has authenticated on the portal. (Class::MOP::Class:::after) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(7953) INFO: [mac:00:11:22:33:44:55] User myuser has authenticated on the portal. (Class::MOP::Class:::after) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(7953) INFO: [mac:00:11:22:33:44:55] User myuser has authenticated on the portal. (Class::MOP::Class:::after) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(7953) INFO: [mac:00:11:22:33:44:55] User myuser has authenticated on the portal. (Class::MOP::Class:::after) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(7953) INFO: [mac:00:11:22:33:44:55] User myuser has authenticated on the portal. (Class::MOP::Class:::after) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(7953) INFO: [mac:00:11:22:33:44:55] violation 1300003 force-closed for 00:11:22:33:44:55 (pf::violation::violation_force_close) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(7953) INFO: [mac:00:11:22:33:44:55] Instantiate profile default (pf::Connection::ProfileFactory::_from_profile) Feb 15 19:55:56 pf packetfence_httpd.portal: httpd.portal(7953) WARN: [mac:00:11:22:33:44:55] Use of uninitialized value in concatenation (.) or string at /usr/local/pf/lib/captiveportal/PacketFence/DynamicRouting/Module/Root.pm line 89. (captiveportal::PacketFence::DynamicRouting::Module::Root::release) Feb 15 19:55:57 pf packetfence_httpd.portal: httpd.portal(7959) WARN: [mac:unknown] locale from the URL is not supported (pf::Portal::Session::getLanguages) Feb 15 19:55:57 pf packetfence_httpd.portal: httpd.portal(7959) WARN: [mac:00:11:22:33:44:55] locale from the URL is not supported (pf::Portal::Session::getLanguages) Feb 15 19:55:57 pf packetfence_httpd.portal: httpd.portal(7959) INFO: [mac:00:11:22:33:44:55] Instantiate profile Profile (pf::Connection::ProfileFactory::_from_profile) Feb 15 19:55:57 pf packetfence_httpd.portal: httpd.portal(7959) WARN: [mac:00:11:22:33:44:55] locale from the URL is not supported (captiveportal::PacketFence::Controller::Root::getLanguages) Feb 15 19:55:57 pf packetfence_httpd.portal: httpd.portal(7959) ERROR: [mac:00:11:22:33:44:55] Error while communicating with the Fingerbank collector. 500 Can't connect to 127.0.0.1:4723 (pf::fingerbank::endpoint_attributes) Feb 15 19:55:57 pf packetfence_httpd.portal: httpd.portal(7959) WARN: [mac:00:11:22:33:44:55] Use of uninitialized value in string ne at /usr/local/pf/lib/captiveportal/PacketFence/DynamicRouting/Application.pm line 137. (captiveportal::PacketFence::DynamicRouting::Application::process_fingerbank) ### Huawei Config [AC] radius-server template radius_packetfence [AC-radius-radius_packetfence] radius-server authentication 192.168.2.1 1812 weight 80 [AC-radius-radius_packetfence] radius-server accounting 192.168.2.1 1813 weight 80 [AC-radius-radius_packetfence] radius-server shared-key cipher s3cr3t [AC-radius-radius_packetfence] undo radius-server user-name domain-included [AC-radius-radius_packetfence] quit [AC] radius-server authorization 192.168.2.1 shared-key cipher s3cr3t server-group radius_packetfence [AC] aaa [AC-aaa] authentication-scheme radius_packetfence [AC-aaa-authen-radius_packetfence] authentication-mode radius [AC-aaa-authen-radius_packetfence] quit [AC-aaa] accounting-scheme radius_packetfence [AC-aaa-accounting-radius_packetfence] accounting-mode radius [AC-aaa-accounting-radius_packetfence] quit [AC-aaa] domain mydomain.com [AC-aaa-domain-mydomain.com] authentication-scheme radius_packetfence [AC-aaa-domain-mydomain.com] accounting-scheme radius_packetfence [AC-aaa-domain-mydomain.com] radius-server radius_packetfence [AC-aaa-domain-mydomain.com] quit [AC-aaa] quit <AC>system-view [AC] dot1x enable I pray I will get some attention, Kind regards
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
