Re: [PacketFence-users] tagged VLANs, RFC 4675, Egress-VLANID

Thu, 09 May 2019 05:46:05 -0700 

On Wed, May 8, 2019 18:37, Durand fabrice wrote:
> Hello David,
>
> can you try that:
>
>      [mymachine1]
>      filter = mac
>      operator = is
>      value = 07:3d:95:14:aa:ee
>
>      [mac:mymachine1]
>      scope = returnRadiusAccessAccept
>      merge_answer = yes
>      answer1 = Egress-VLANID => 0x31000190;0x32000064

Yup, that worked:

        Reply-Message = "Request processed by PacketFence"
        Tunnel-Type:0 = VLAN
        Tunnel-Private-Group-Id:0 = "100"
        Egress-VLANID = 822083984
        Egress-VLANID = 838860900
        Tunnel-Medium-Type:0 = IEEE-802

Thanks. So it looks like for every key-value pair, a separate answerX is
needed for each key. So in radius_filters.conf.example, there are three
answers:

        answer1 = Tunnel-Medium-Type => 6
        answer2 = Tunnel-Type => 13
        answer3 = Tunnel-Private-Group-ID => 42

but that's because each has a different Tunnel-* key. Where I have two
values for the same Egress-VLANID key, so should only have one answer.


This also seemed to have semi-solved the DB connection issue. When I run
"sudo systemctl restart packetfence-httpd.aaa.service" it works properly,
but when I restart via the web UI I get:

        May  9 08:22:44 pf1 packetfence: INFO pfcmd.pl(15273): Stopping
httpd.aaa with pid 14783 (pf::services::manager::stopService)
        May  9 08:22:44 pf1 packetfence: INFO pfcmd.pl(15273): child
exited with value 0 (pf::services::manager::stopService)
        May  9 08:22:44 pf1 packetfence: INFO pfcmd.pl(15273): Connecting
to MySQL database (pfconfig::backend::mysql::_get_db)
        May  9 08:22:44 pf1 packetfence: INFO pfcmd.pl(15273): Instantiate
profile default (pf::Connection::ProfileFactory::_from_profile)
        May  9 08:22:49 pf1 packetfence: INFO pfcmd.pl(15273): Connecting
to MySQL database (pfconfig::backend::mysql::_get_db)
        May  9 08:22:50 pf1 packetfence: ERROR pfcmd.pl(15273): Can't get
any result from DB while trying to check for database schema
version (pf::version::version_check_db)
        May  9 08:22:51 pf1 packetfence: INFO pfcmd.pl(15273):
Preprocessing filter condition 'mymachine1'
(pf::config::builder::scoped_filter_engines::preprocessCondition)
        May  9 08:22:51 pf1 packetfence: INFO pfcmd.pl(15273): Processing
rule 'mac:mymachine1'
(pf::config::builder::scoped_filter_engines::preprocessRule)

And then the web UI simply has the "Start" button, which means that
httpd.aaa isn't even running anymore.





_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Reply via email to