Hi,
I'm trying to use packetfence as a radius server to authenticate VPN users,
but for some reason users are being rejected. This is the radius packet
that packetfence is receiving.
RADIUS Request User-Name = "etienne.vella" NAS-IP-Address = 10.69.3.182
Called-Station-Id = "10.69.3.182" Calling-Station-Id = "46.11.42.225"
NAS-Identifier = "MST-FG-VPN" NAS-Port-Type = Virtual Acct-Session-Id =
"198d4a74" Event-Timestamp = "Aug 31 2020 11:15:22 CEST" Connect-Info =
"vpn-ipsec" Fortinet-Vdom-Name = "VPN_Aggrega" MS-CHAP-Challenge =
0x5c992c2631444239cff4e9e7b4b33471 MS-CHAP2-Response =
0x62007f4cbb3747f430b832132ef4b34f9899000000000000000007cd0718d3afa47ae9f0ae196d1cec78949bc50d94616770
Stripped-User-Name = "etienne.vella" Realm = "null"
FreeRADIUS-Client-IP-Address = 10.69.3.182 Module-Failure-Message = "rest:
Server returned:" Module-Failure-Message = "rest:
{\"control:PacketFence-Authorization-Status\":\"allow\",\"Reply-Message\":\"CLI
Access is not allowed by PacketFence on this switch\"}" User-Password =
"******" SQL-User-Name = "etienne.vella"
Is it possible to explain how Fortinet VPN is now supported as i'm not able
to find anything within the documentation.
Basically all i need to authenticate the user then trigger and RSSO to all
firewalls. Regarding DHCP i'm already forwarding those from the 'helper
address' fortinet equivalent.
Regards,
Cheers
Etienne
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
