Hello Bill, Out of curiosity, did you select and apply that template that you created to your switch ?
Thanks, Ludovic Zammit lzam...@inverse.ca <mailto:lzam...@inverse.ca> :: +1.514.447.4918 (x145) :: www.inverse.ca <http://www.inverse.ca/> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu <http://www.sogo.nu/>) and PacketFence (http://packetfence.org <http://packetfence.org/>) > On May 11, 2020, at 4:24 PM, Bill Handler <bhand...@pcsknox.com> wrote: > > Ludovic, > > Made a custom template, but it does not seem to be passing the RADIUS > Attribute… > > This is the Template I’ve created: > > <image005.jpg> > > The Extreme-Netlogin-Extended-Vlan attribute does not seem to be being passed > to the switch… within the Auditing window for the end-system I see: > > <image006.png> > > For the canned Extreme Template RADIUS shows: > <image007.png> > I changed the VLAN within the config to ‘Data’ to ensure it was being read… > > The radiusd.log shows: > > [root@pf428 logs]# cat -t 50 radius.log | grep VLAN > cat: 50: No such file or directory > May 11 04:40:29 pf428 auth[3321]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN 200 > May 11 05:40:28 pf428 auth[3321]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN 200 > May 11 06:40:27 pf428 auth[3321]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN 200 > May 11 06:46:27 pf428 auth[3321]: [mac:a0:d3:c1:12:b6:a2] Accepted user: > host/TRAINING-SD03.pcsknox.com <http://training-sd03.pcsknox.com/> and > returned VLAN 200 > May 11 07:40:26 pf428 auth[3321]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN 200 > May 11 08:40:25 pf428 auth[3321]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN 200 > May 11 09:40:24 pf428 auth[3321]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN 200 > May 11 10:40:23 pf428 auth[3321]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN 200 > May 11 11:40:22 pf428 auth[3321]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN 200 > May 11 12:40:21 pf428 auth[3321]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN 200 > May 11 13:40:19 pf428 auth[3321]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN 200 > May 11 14:40:18 pf428 auth[3321]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN 200 > May 11 15:40:17 pf428 auth[3321]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN 200 > May 11 15:47:26 pf428 auth[3321]: [mac:78:45:c4:1d:7b:e9] Accepted user: and > returned VLAN > May 11 15:47:27 pf428 auth[3321]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN > May 11 15:48:27 pf428 auth[3321]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN > May 11 15:53:24 pf428 auth[3357]: [mac:78:45:c4:1d:7b:e9] Accepted user: and > returned VLAN > May 11 15:53:26 pf428 auth[3357]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN > May 11 15:54:27 pf428 auth[3357]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN > May 11 16:01:04 pf428 auth[3357]: [mac:78:45:c4:1d:7b:e9] Accepted user: and > returned VLAN > May 11 16:01:04 pf428 auth[3357]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN > May 11 16:02:05 pf428 auth[3357]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN > May 11 16:03:05 pf428 auth[3357]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN > May 11 16:07:52 pf428 auth[3357]: [mac:78:45:c4:1d:7b:e9] Accepted user: and > returned VLAN > May 11 16:07:52 pf428 auth[3357]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN > May 11 16:08:52 pf428 auth[3357]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN > May 11 16:09:37 pf428 auth[3357]: [mac:78:45:c4:1d:7b:e9] Accepted user: and > returned VLAN Data > May 11 16:09:38 pf428 auth[3357]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN Data > May 11 16:10:38 pf428 auth[3357]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN Data > May 11 16:16:33 pf428 auth[3357]: [mac:78:45:c4:1d:7b:e9] Accepted user: and > returned VLAN Data > May 11 16:16:33 pf428 auth[3357]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN Data > May 11 16:17:33 pf428 auth[3357]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN Data > May 11 16:18:34 pf428 auth[3357]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN Data > > > The end-system is being authenticated, but when using the Extreme Attribute, > it is not returning anything from RADIUS, and leaves the VLAN blank in the > log… > > Any help is appreciated > > Thanks, > > Bill > > From: Ludovic Zammit <lzam...@inverse.ca <mailto:lzam...@inverse.ca>> > Sent: Thursday, May 7, 2020 8:34 AM > To: Bill Handler <bhand...@pcsknox.com <mailto:bhand...@pcsknox.com>> > Cc: packetfence-users@lists.sourceforge.net > <mailto:packetfence-users@lists.sourceforge.net> > Subject: Re: [PacketFence-users] Role mapped to Tagged VLANs > > Hello Bill, > > If you are using PacketFence v10 we have implemented switch templates. > > It’s under Configuration > Integration > Switch Templates > > You can check out how the Cisco::Switch is done with the voice scope: > > <image003.png> > > Or the HP::Switch : > > <image004.png> > If you don’t have PacketFence v10, you would need to create you own switch > module in perl. > > Thanks, > > Ludovic Zammit > lzam...@inverse.ca <mailto:lzam...@inverse.ca> :: +1.514.447.4918 (x145) :: > www.inverse.ca <http://www.inverse.ca/> > Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu > <http://www.sogo.nu/>) and PacketFence (http://packetfence.org > <http://packetfence.org/>) > > > > > > On May 7, 2020, at 5:31 AM, Bill Handler <bhand...@pcsknox.com > <mailto:bhand...@pcsknox.com>> wrote: > > Understood, what I was meaning is how do we add the VSAs to PacketFence to > enhance/expand the functionality? Or set custom attributes for the certain > vendors’ equipment? > > Thanks, > > Bill > > Sent from my iPad > > On May 6, 2020, at 9:33 PM, Ludovic Zammit <lzam...@inverse.ca > <mailto:lzam...@inverse.ca>> wrote: > > Each vendor have specific ones. > > It’s the way they support voice, check their radius attributes documentation. > > Thanks, > > > On May 6, 2020, at 7:51 PM, Bill Handler <bhand...@pcsknox.com > <mailto:bhand...@pcsknox.com>> wrote: > > Ludovic, > > How do we add vendor-specific VSAs? > > Thanks, > > Bill > > Sent from my iPad > > On May 6, 2020, at 8:09 AM, Ludovic Zammit <lzam...@inverse.ca > <mailto:lzam...@inverse.ca>> wrote: > > Hello Bill, > > You would have to rely on the Radius VOIP capabilities of those network > equipment. > > PacketFence supports VOIP on HP/ Aruba switches. On the Aruba AP you would > have to process the VOIP as a normal VLAN. You can try to check the VOIP flag > under a mac address and connect it on a HP/ Aruba switch. You would need to > have your voice VLAN marked as a voice clan under your switch. > > As per Extreme switch, we don’t support voice VSA. > > Thanks, > > Ludovic Zammit > lzam...@inverse.ca <mailto:lzam...@inverse.ca> :: +1.514.447.4918 (x145) :: > www.inverse.ca <http://www.inverse.ca/> > Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu > <http://www.sogo.nu/>) and PacketFence (http://packetfence.org > <http://packetfence.org/>) > > > > > > On May 6, 2020, at 8:00 AM, Bill Handler <bhand...@pcsknox.com > <mailto:bhand...@pcsknox.com>> wrote: > > Extreme Networks and HP/Aruba switches/APs with a variety of VoIP phones - > yealink Avaya polycom etc > > Sent from my iPhone > > > On May 6, 2020, at 6:53 AM, Ludovic Zammit <lzam...@inverse.ca > <mailto:lzam...@inverse.ca>> wrote: > > Hello Bill, > > Which kind of equipment are you using ? > > Thanks, > > Ludovic Zammit > lzam...@inverse.ca <mailto:lzam...@inverse.ca> :: +1.514.447.4918 (x145) :: > www.inverse.ca <http://www.inverse.ca/> > Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu > <http://www.sogo.nu/>) and PacketFence (http://packetfence.org > <http://packetfence.org/>) > > > > > > On May 5, 2020, at 6:02 PM, Bill Handler via PacketFence-users > <packetfence-users@lists.sourceforge.net > <mailto:packetfence-users@lists.sourceforge.net>> wrote: > > Team, > > Is there a way to push a tagged VLAN to the switch when a device > authenticates? For example a VoIP phone, or AP. We’ve tested with a phone > with a PC on the passthrough port. The PC authenticates fine on the correct > VLAN, but we don’t know how to configure PF to send the phone VLAN as tagged > to the switch. > > Thanks, > > Bill > _______________________________________________ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > <mailto:PacketFence-users@lists.sourceforge.net> > https://lists.sourceforge.net/lists/listinfo/packetfence-users > <https://lists.sourceforge.net/lists/listinfo/packetfence-users> > > >
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
