I?ve added rules and communication is working - using curl I have generate API key from PacketFence server.
Problem is I don?t see outgoing packets on interface to my PaloAlto firewall.
W dniu ?r., 11.03.2020 o 18:02 Tomasz Karczewski OLMAN <[email protected]> napisa?(a):
Please check if you PA doesnt filter packets.Hi,-------- Oryginalna wiadomo?? --------Od: Przemyslaw Zoltowski via PacketFence-users <[email protected].net> Data: 11.03.2020 17:02 (GMT+01:00)DW: Przemyslaw Zoltowski <[email protected]>Temat: [PacketFence-users] 9.3.0 - SSO PaloAlto doesn't work
I've configured SSO according to documentation. I also make sure that PacketFence has access to PaloAlto firewall.
In pfsso.log I can see that SSO is operational and sends info to PA:
Mar 11 14:13:26 packetfence pfsso[2238]: t=2020-03-11T14:13:26+0100 lvl=info msg="Processing SSO Start" pid=2238 request-uuid=1816cea7-639a-11ea-bf1a-0050569ad40d [email protected] ip=10.201.6.184 mac=d4:a3:3d:xx:xx:xx role=guest firewall-id=x.x.x.x
But I don't see anything going to PaloAlto IP in tcpdump on uplnik interface.
Generating API key with curl from PacketFence works and I can see this packets in tcpudmp.
Did anyone has this problem ? PF version: packetfence-9.3.0-20200113144930.108928498.0007.el7.x86_64 on Centos 7
Thanks for advice!
zolty
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
