don't mind the " backend has no server available" it was a false alarm. I still dont know why the portal doesn't show up as i thought the packetfence server management ip should listen on port 80 ... ?
Regards On Tue, 30 Apr 2019 at 10:10, pro fence <[email protected]> wrote: > Hello, > > one thing i have in haproxy log file is : > > backend registration_vlan_ip-backend has no server available! > backend isolation_vlan_ip-backend has no server available! > > Any help is appreciated > Regards, > > On Mon, 29 Apr 2019 at 16:06, pro fence <[email protected]> wrote: > >> Fabrice, >> here is what i have after issuing your commands : >> >> tcp 0 0 registration_vlan_ip:80 0.0.0.0:* >> LISTEN 7758/haproxy >> tcp 0 0 isolation_vlan_ip:80 0.0.0.0:* >> LISTEN 7758/haproxy >> tcp 0 0 127.0.0.1:80 0.0.0.0:* >> LISTEN 9239/httpd >> tcp 0 0 127.0.0.1:80 127.0.0.1:43622 >> SYN_RECV - >> tcp 0 0 127.0.0.1:8080 0.0.0.0:* >> LISTEN 7877/perl >> tcp 0 0 127.0.0.1:8080 127.0.0.1:43946 >> TIME_WAIT - >> tcp 0 0 127.0.0.1:8080 127.0.0.1:44226 >> ESTABLISHED 8288/perl >> tcp 0 0 127.0.0.1:44226 127.0.0.1:8080 >> ESTABLISHED 7883/pfhttpd >> >> >> tcp 0 0 registration_vlan_ip:443 0.0.0.0:* >> LISTEN 7758/haproxy >> tcp 0 0 isolation_vlan_ip:443 0.0.0.0:* >> LISTEN 7758/haproxy >> >> On Mon, 29 Apr 2019 at 15:54, pro fence <[email protected]> wrote: >> >>> Hello Fabrice, >>> >>> thank you, here it is, i skipped the "alerting" section >>> >>> #Subject prefix for email notifications of rogue DHCP servers, >>> violations with an action of "email", or any other >>> #PacketFence-related message. >>> subjectprefix=[PF Alertt] >>> >>> [captive_portal] >>> # >>> # captive_portal.network_detection_ip >>> # >>> # This IP is used as the webserver who hosts the >>> common/network-access-detection.gif which is used to detect if network >>> # access was enabled. >>> # It cannot be a domain name since it is used in registration or >>> quarantine where DNS is blackholed. >>> # It is recommended that you allow your users to reach your packetfence >>> server and put your LAN's PacketFence IP. >>> # By default we will make this reach PacketFence's website as an easy >>> solution. >>> # >>> network_detection_ip=management_ip >>> >>> [active_active] >>> # >>> # active_active.password >>> # >>> # Shared KEY for vrrp protocol (Must be the same on all members). >>> password=pwd >>> >>> [interface eth0] >>> ip=management_ip >>> type=management,portal,high-availability >>> mask=255.255.0.0 >>> >>> [interface eth1] >>> enforcement=vlan >>> ip=registration_vlan_ip >>> type=internal >>> mask=255.255.0.0 >>> >>> [interface eth2] >>> enforcement=vlan >>> ip=isolation_vlan_ip >>> type=internal >>> mask=255.255.0.0 >>> >>> i will the commands and let you know >>> Regards >>> >>> >>> On Mon, 29 Apr 2019 at 15:46, Fabrice Durand via PacketFence-users < >>> [email protected]> wrote: >>> >>>> Hello Pro, >>>> >>>> haproxy is the process who is suppose to listen on the port 80 and 443. >>>> >>>> It looks that the configuration is not correctly generated. >>>> >>>> Can you you paste your pf.conf >>>> >>>> and do that: >>>> >>>> pfcmd pfconfig clear_backend >>>> >>>> pfcmd configreload hard >>>> >>>> pfcmd service haproxy-portal restart >>>> >>>> pfcmd service iptables restart >>>> >>>> >>>> Regards >>>> >>>> Fabrice >>>> >>>> >>>> Le 19-04-29 à 09 h 39, pro fence via PacketFence-users a écrit : >>>> >>>> HI, >>>> >>>> thanks for the reply i have already did that. >>>> Here is what i have >>>> >>>> >>>> tcp 0 0 127.0.0.1:80 0.0.0.0:* >>>> LISTEN 9239/httpd >>>> tcp 0 0 127.0.0.1:80 127.0.0.1:33796 >>>> SYN_RECV - >>>> tcp 0 0 registration_vlan_ip:80 0.0.0.0:* >>>> LISTEN 8662/haproxy >>>> tcp 0 0 isolation_vlan_ip:80 0.0.0.0:* >>>> LISTEN 8662/haproxy >>>> tcp 0 0 127.0.0.1:8080 0.0.0.0:* >>>> LISTEN 7877/perl >>>> tcp 0 0 127.0.0.1:8080 127.0.0.1:34264 >>>> TIME_WAIT - >>>> >>>> tcp 0 0 10.registration_vlan_ip:443 0.0.0.0:* >>>> LISTEN 8662/haproxy >>>> tcp 0 0 10.isolation_vlan_ip:443 0.0.0.0:* >>>> LISTEN 8662/haproxy >>>> >>>> the problem is that the portal url (on the switch role config) is as >>>> follows http://magement_ip/Cisco::WLC >>>> >>>> so when i use my ssid to connect it can't show the portal as a telnet >>>> management_ip 80 doens't work. >>>> I am new to packetfence so i d'ont know how a working config should >>>> behave. I a using a personnalised ssl certificate and i have the file >>>> server.pem set along with server.crt and server.key and my >>>> packetfence-haproxy-portal service is up as a matter of fact here my >>>> running services : >>>> >>>> packetfence-api-frontend.service >>>> loaded active running PacketFence API frontend Service >>>> >>>> packetfence-config.service >>>> loaded active running PacketFence Config Service >>>> >>>> packetfence-haproxy-portal.service >>>> loaded active running PacketFence HAProxy Load Balancer for the >>>> captive portal >>>> >>>> packetfence-httpd.aaa.service >>>> loaded active running PacketFence AAA Apache HTTP Server >>>> >>>> packetfence-httpd.dispatcher.service >>>> loaded active running PacketFence HTTP Dispatcher >>>> >>>> packetfence-httpd.parking.service >>>> loaded active running PacketFence Parking Apache HTTP Server >>>> >>>> packetfence-httpd.portal.service >>>> loaded active running PacketFence Captive Portal Apache HTTP >>>> Server >>>> >>>> packetfence-httpd.webservices.service >>>> loaded active running PacketFence Webservices Apache HTTP >>>> Server >>>> >>>> packetfence-iptables.service >>>> loaded active running PacketFence Iptables configuration >>>> >>>> packetfence-mariadb.service >>>> loaded active running PacketFence MariaDB instance >>>> >>>> packetfence-netdata.service >>>> loaded active running Real time performance monitoring >>>> >>>> packetfence-pfdhcp.service >>>> loaded active running PacketFence GO DHCPv4 Server Daemon >>>> >>>> packetfence-pfdhcplistener.service >>>> loaded active running PacketFence DHCP Listener Service >>>> >>>> packetfence-pfdns.service >>>> loaded active running PacketFence GO DNS Server Daemon >>>> >>>> packetfence-pffilter.service >>>> loaded active running PacketFence pffilter Service >>>> >>>> packetfence-pfipset.service >>>> loaded active running PacketFence Ipset Daemon >>>> >>>> packetfence-pfmon.service >>>> loaded active running PacketFence pfmon Service >>>> >>>> packetfence-pfperl-api.service >>>> loaded active running PacketFence Unified API >>>> >>>> packetfence-pfqueue.service >>>> loaded active running PacketFence pfqueue Service >>>> >>>> packetfence-pfsso.service >>>> loaded active running PacketFence PFSSO Service >>>> >>>> packetfence-pfstats.service >>>> loaded active running PacketFence Stats daemon >>>> >>>> packetfence-radiusd-acct.service >>>> loaded active running PacketFence FreeRADIUS multi-protocol >>>> accounting server >>>> >>>> packetfence-radiusd-auth.service >>>> loaded active running PacketFence FreeRADIUS authentication >>>> multi-protocol authentication server >>>> >>>> packetfence-radsniff.service >>>> loaded active running PacketFence radsniff Service >>>> >>>> packetfence-redis-cache.service >>>> loaded active running PacketFence Redis Cache Service >>>> packetfence-redis_queue.service >>>> >>>> thanks in advance, >>>> regards >>>> >>>> On Mon, 29 Apr 2019 at 15:15, Fabrice Durand via PacketFence-users < >>>> [email protected]> wrote: >>>> >>>>> Hello pro, >>>>> >>>>> you just need to add and additional listening daemon on the management >>>>> interface: >>>>> >>>>> https://@mgmt_ip:1443/admin/configuration#configuration/networks/interfaces >>>>> >>>>> Then restart packetfence. >>>>> >>>>> Regards >>>>> >>>>> Fabrice >>>>> Le 19-04-29 à 08 h 49, pro fence via PacketFence-users a écrit : >>>>> >>>>> Hi, >>>>> >>>>> thanks for the reply. but i still don't see how to active port 80 and >>>>> 443 on management ip. >>>>> >>>>> Any help is appreciated >>>>> Regards, >>>>> >>>>> On Mon, 29 Apr 2019 at 14:06, Nicolas Quiniou-Briand via >>>>> PacketFence-users <[email protected]> wrote: >>>>> >>>>>> >>>>>> >>>>>> On 2019-04-29 10:27 a.m., pro fence via PacketFence-users wrote: >>>>>> > my packetfence server is not listening on port 80 on the management >>>>>> > interface (and my portal is on that interface as per the >>>>>> installation >>>>>> > guide), but it is listening on registration and isolation. >>>>>> > changing the /usr/local/pf/var/conf/haproxy-portal.conf is useless >>>>>> > because it is lost on restart. >>>>>> >>>>>> You should be able to change this setting in pf.conf (see ports >>>>>> section). >>>>>> -- >>>>>> Nicolas Quiniou-Briand >>>>>> [email protected] :: +1.514.447.4918 *140 :: https://inverse.ca >>>>>> Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence >>>>>> (https://packetfence.org) and Fingerbank (http://fingerbank.org) >>>>>> >>>>>> >>>>>> _______________________________________________ >>>>>> PacketFence-users mailing list >>>>>> [email protected] >>>>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users >>>>>> >>>>> >>>>> >>>>> _______________________________________________ >>>>> PacketFence-users mailing >>>>> [email protected]https://lists.sourceforge.net/lists/listinfo/packetfence-users >>>>> >>>>> -- >>>>> Fabrice [email protected] :: +1.514.447.4918 (x135) :: >>>>> www.inverse.ca >>>>> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence >>>>> (http://packetfence.org) >>>>> >>>>> _______________________________________________ >>>>> PacketFence-users mailing list >>>>> [email protected] >>>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users >>>>> >>>> >>>> >>>> _______________________________________________ >>>> PacketFence-users mailing >>>> [email protected]https://lists.sourceforge.net/lists/listinfo/packetfence-users >>>> >>>> -- >>>> Fabrice [email protected] :: +1.514.447.4918 (x135) :: >>>> www.inverse.ca >>>> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence >>>> (http://packetfence.org) >>>> >>>> _______________________________________________ >>>> PacketFence-users mailing list >>>> [email protected] >>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users >>>> >>>
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
