Hello Joffrey,
the output is a little bit messy.
What is the switch ? (Dell ?)
Can you run raddebug -f /usr/local/pf/var/run/radiusd.log -t 3000
Can you post the content of packetfence.log when you authenticate ?
Regards
Fabrice
Le 20-05-07 à 12 h 48, Joffrey Bienvenue via PacketFence-users a écrit :
Hello
We are able to login through radius but our switch doesn't seem to
configure the vlan on the user port:
Auditing output from packetfence
MAC Address
00:1d:72:e2:64:30
Auth Status
Accept
Auth Status
eap
Auto Registration
1
Calling Station Identifier
00:1d:72:e2:64:30
Computer Name
joffreydebian
EAP Type
MSCHAPv2
Event Type
Radius-Access-Request
IP Address
Is a Phone
0
Node Status
reg
Domain
SAPACC
Profile
8021x
Realm
sapacc
Reason
Role
N/A
Source
PeerlessAD
Stripped User Name
joffrey
User Name
SAPACC\joffrey
Unique Identifier
Created at
2020-05-07 12:37:43
PF VLAN onfig for switch:
registrationVlan=164
isolationVlan=165
voiceVlan=93
inlineVlan=233
mode=testing
EmployeeVlan=98
guestVlan=19
always_trigger=1
AdminVlan=5
Our switch config:
aaa authentication login "defaultList" local
authentication enable
authentication dynamic-vlan enable
dot1x system-auth-control
aaa authentication dot1x default radius
aaa authorization network default radius
aaa server radius dynamic-author
Our port config:
show running-config interface gigabitethernet 1/0/3
switchport mode general
switchport general allowed vlan add 5,19,98,164-165
authentication event fail action authorize vlan164
authentication order dot1x mab
authentication priority dot1x mab
Are we missing anything?
--
Joffrey Bienvenue | CTO | Peerless Clothing Inc. | 8888 Boul. Pie
IX Montréal, QC H1Z 4J5 | 514-723-7887
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
