I'm not actually on site right now, so I'm relying on my on-site tech to test things in his spare time. That said, I believe I misread his initial report, as I noticed that the "Allow AAA Override" was not checked on the WLC for the test SSID. That would explain things better.
Thanks again for a great product. Hans On Sun, Oct 13, 2019 at 4:09 PM Durand fabrice via PacketFence-users < [email protected]> wrote: > Hello Hans, > > can you provide the logs for the mac addresse you are testing with ? > > Like "cat packetfence.log|grep 00:11:22:33:44:55" > > Regards > > Fabrice > > > Le 19-10-13 à 16 h 17, Hans Johnson via PacketFence-users a écrit : > > Hi everyone, > > After years of running PF 6.5.1, I've finally found the time to build > myself a new PF instance, this time running the latest version (9.1). > > My setup is reasonably simple. Cisco WLC authenticating an open SSID > against PacketFence via MAC authentication, and requiring a > username/password to log in. This is backed against Active Directory. > Basically, we give our staffb BYOD access this way, without providing any > access to the public. > > Anyhow, it's mostly all working on the first go-round for a device. > Connect to the wifi, get assigned to the registration VLAN, and the captive > portal screen pops up. User logs in with their AD credentials, they get > popped over to the appropriate staff VLAN, and things work properly. All > the AD and RADIUS CoA stuff seems to be working properly. I have the > registration set to last two weeks. > > The issue happens when they disconnect from the wireless, then re-connect. > Rather than getting punted back to the appropriate staff VLAN, they wind up > back on the registration VLAN, and the captive portal shows "An error > occured" "Your network should be enabled within a minute or two. If it's > not reboot your computer" and the device never gets punted back to the > non-registration VLAN. > > I'm wondering if I did something to my Port Modules section. I simplified > it, perhaps too much, as I wanted the AUP text to come up directly, and > just a click through to the username/password. As such, right now, the > portal modules only has the default root policy, followed by the "default > login policy" > > Any thoughts on what I'm missing? > > Thanks, > > Hans > > -- > --------------------------------------------- > Hans Johnson ([email protected]) > B.ASc, Computer Engineering > Simon Fraser University > > ... Si hoc legere scis numium eruditionis habes. -- Anonymous > > > _______________________________________________ > PacketFence-users mailing > [email protected]https://lists.sourceforge.net/lists/listinfo/packetfence-users > > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users > -- --------------------------------------------- Hans Johnson ([email protected]) B.ASc, Computer Engineering Simon Fraser University ... Si hoc legere scis numium eruditionis habes. -- Anonymous
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
