Hello Fabrice, thank you, here it is, i skipped the "alerting" section
#Subject prefix for email notifications of rogue DHCP servers, violations with an action of "email", or any other #PacketFence-related message. subjectprefix=[PF Alertt] [captive_portal] # # captive_portal.network_detection_ip # # This IP is used as the webserver who hosts the common/network-access-detection.gif which is used to detect if network # access was enabled. # It cannot be a domain name since it is used in registration or quarantine where DNS is blackholed. # It is recommended that you allow your users to reach your packetfence server and put your LAN's PacketFence IP. # By default we will make this reach PacketFence's website as an easy solution. # network_detection_ip=management_ip [active_active] # # active_active.password # # Shared KEY for vrrp protocol (Must be the same on all members). password=pwd [interface eth0] ip=management_ip type=management,portal,high-availability mask=255.255.0.0 [interface eth1] enforcement=vlan ip=registration_vlan_ip type=internal mask=255.255.0.0 [interface eth2] enforcement=vlan ip=isolation_vlan_ip type=internal mask=255.255.0.0 i will the commands and let you know Regards On Mon, 29 Apr 2019 at 15:46, Fabrice Durand via PacketFence-users < [email protected]> wrote: > Hello Pro, > > haproxy is the process who is suppose to listen on the port 80 and 443. > > It looks that the configuration is not correctly generated. > > Can you you paste your pf.conf > > and do that: > > pfcmd pfconfig clear_backend > > pfcmd configreload hard > > pfcmd service haproxy-portal restart > > pfcmd service iptables restart > > > Regards > > Fabrice > > > Le 19-04-29 à 09 h 39, pro fence via PacketFence-users a écrit : > > HI, > > thanks for the reply i have already did that. > Here is what i have > > > tcp 0 0 127.0.0.1:80 0.0.0.0:* > LISTEN 9239/httpd > tcp 0 0 127.0.0.1:80 127.0.0.1:33796 > SYN_RECV - > tcp 0 0 registration_vlan_ip:80 0.0.0.0:* > LISTEN 8662/haproxy > tcp 0 0 isolation_vlan_ip:80 0.0.0.0:* > LISTEN 8662/haproxy > tcp 0 0 127.0.0.1:8080 0.0.0.0:* > LISTEN 7877/perl > tcp 0 0 127.0.0.1:8080 127.0.0.1:34264 > TIME_WAIT - > > tcp 0 0 10.registration_vlan_ip:443 0.0.0.0:* > LISTEN 8662/haproxy > tcp 0 0 10.isolation_vlan_ip:443 0.0.0.0:* > LISTEN 8662/haproxy > > the problem is that the portal url (on the switch role config) is as > follows http://magement_ip/Cisco::WLC > > so when i use my ssid to connect it can't show the portal as a telnet > management_ip 80 doens't work. > I am new to packetfence so i d'ont know how a working config should > behave. I a using a personnalised ssl certificate and i have the file > server.pem set along with server.crt and server.key and my > packetfence-haproxy-portal service is up as a matter of fact here my > running services : > > packetfence-api-frontend.service > loaded active running PacketFence API frontend Service > > packetfence-config.service > loaded active running PacketFence Config Service > > packetfence-haproxy-portal.service > loaded active running PacketFence HAProxy Load Balancer for the > captive portal > > packetfence-httpd.aaa.service > loaded active running PacketFence AAA Apache HTTP Server > > packetfence-httpd.dispatcher.service > loaded active running PacketFence HTTP Dispatcher > > packetfence-httpd.parking.service > loaded active running PacketFence Parking Apache HTTP Server > > packetfence-httpd.portal.service > loaded active running PacketFence Captive Portal Apache HTTP > Server > > packetfence-httpd.webservices.service > loaded active running PacketFence Webservices Apache HTTP Server > > packetfence-iptables.service > loaded active running PacketFence Iptables configuration > > packetfence-mariadb.service > loaded active running PacketFence MariaDB instance > > packetfence-netdata.service > loaded active running Real time performance monitoring > > packetfence-pfdhcp.service > loaded active running PacketFence GO DHCPv4 Server Daemon > > packetfence-pfdhcplistener.service > loaded active running PacketFence DHCP Listener Service > > packetfence-pfdns.service > loaded active running PacketFence GO DNS Server Daemon > > packetfence-pffilter.service > loaded active running PacketFence pffilter Service > > packetfence-pfipset.service > loaded active running PacketFence Ipset Daemon > > packetfence-pfmon.service > loaded active running PacketFence pfmon Service > > packetfence-pfperl-api.service > loaded active running PacketFence Unified API > > packetfence-pfqueue.service > loaded active running PacketFence pfqueue Service > > packetfence-pfsso.service > loaded active running PacketFence PFSSO Service > > packetfence-pfstats.service > loaded active running PacketFence Stats daemon > > packetfence-radiusd-acct.service > loaded active running PacketFence FreeRADIUS multi-protocol > accounting server > > packetfence-radiusd-auth.service > loaded active running PacketFence FreeRADIUS authentication > multi-protocol authentication server > > packetfence-radsniff.service > loaded active running PacketFence radsniff Service > > packetfence-redis-cache.service > loaded active running PacketFence Redis Cache Service > packetfence-redis_queue.service > > thanks in advance, > regards > > On Mon, 29 Apr 2019 at 15:15, Fabrice Durand via PacketFence-users < > [email protected]> wrote: > >> Hello pro, >> >> you just need to add and additional listening daemon on the management >> interface: >> >> https://@mgmt_ip:1443/admin/configuration#configuration/networks/interfaces >> >> Then restart packetfence. >> >> Regards >> >> Fabrice >> Le 19-04-29 à 08 h 49, pro fence via PacketFence-users a écrit : >> >> Hi, >> >> thanks for the reply. but i still don't see how to active port 80 and >> 443 on management ip. >> >> Any help is appreciated >> Regards, >> >> On Mon, 29 Apr 2019 at 14:06, Nicolas Quiniou-Briand via >> PacketFence-users <[email protected]> wrote: >> >>> >>> >>> On 2019-04-29 10:27 a.m., pro fence via PacketFence-users wrote: >>> > my packetfence server is not listening on port 80 on the management >>> > interface (and my portal is on that interface as per the installation >>> > guide), but it is listening on registration and isolation. >>> > changing the /usr/local/pf/var/conf/haproxy-portal.conf is useless >>> > because it is lost on restart. >>> >>> You should be able to change this setting in pf.conf (see ports section). >>> -- >>> Nicolas Quiniou-Briand >>> [email protected] :: +1.514.447.4918 *140 :: https://inverse.ca >>> Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence >>> (https://packetfence.org) and Fingerbank (http://fingerbank.org) >>> >>> >>> _______________________________________________ >>> PacketFence-users mailing list >>> [email protected] >>> https://lists.sourceforge.net/lists/listinfo/packetfence-users >>> >> >> >> _______________________________________________ >> PacketFence-users mailing >> [email protected]https://lists.sourceforge.net/lists/listinfo/packetfence-users >> >> -- >> Fabrice [email protected] :: +1.514.447.4918 (x135) :: >> www.inverse.ca >> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence >> (http://packetfence.org) >> >> _______________________________________________ >> PacketFence-users mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/packetfence-users >> > > > _______________________________________________ > PacketFence-users mailing > [email protected]https://lists.sourceforge.net/lists/listinfo/packetfence-users > > -- > Fabrice [email protected] :: +1.514.447.4918 (x135) :: www.inverse.ca > Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence > (http://packetfence.org) > > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users >
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
