Hi Please can someone assist me. This project has come to a halt.
I do not seem to be getting something right. The captive portal does not come up after connecting to the guest SSID. I would really appreciate a response as soon as possible. Best regards On Mon, Nov 16, 2020, 11:23 Ezeh Victor <vickeyzed...@gmail.com> wrote: > Hi Ludovic/All, > > Kindly see the status of trying to access the captive portal; > > [image: image.png] > > On Mon, 16 Nov 2020 at 09:42, Ezeh Victor <vickeyzed...@gmail.com> wrote: > >> Hi Ludovic, >> >> Kind reminder. >> >> On Sun, Nov 15, 2020, 16:51 Ezeh Victor <vickeyzed...@gmail.com> wrote: >> >>> Hi Ludovic, >>> >>> Please I am still expecting your reply. >>> >>> On Fri, Nov 13, 2020, 19:27 Ezeh Victor <vickeyzed...@gmail.com> wrote: >>> >>>> Kindly find below; >>>> >>>> # Copyright (C) Inverse inc. >>>> # >>>> # >>>> # >>>> # See the enclosed file COPYING for license information (GPL). >>>> # If you did not receive this file, see >>>> # http://www.fsf.org/licensing/licenses/gpl.html >>>> [default] >>>> type=Cisco::WLC_2500 >>>> VoIPDHCPDetect=N >>>> coaPort=3799 >>>> uplink_dynamic=0 >>>> deauthMethod=RADIUS >>>> always_trigger=1 >>>> >>>> [172.20.130.252] >>>> description=WLC >>>> RoleMap=Y >>>> VlanMap=N >>>> registrationUrl=http://172.20.130.50/Cisco::WLC >>>> UrlMap=Y >>>> isolationRole=Isolation >>>> defaultRole=Authorize_Any >>>> registrationRole=Pre-Auth-For-WebRedirect >>>> radiusSecret=D4n-n3t0ps >>>> inlineRole=Inline >>>> >>>> # Copyright (C) Inverse inc. >>>> # >>>> # >>>> # >>>> # See the enclosed file COPYING for license information (GPL). >>>> # If you did not receive this file, see >>>> # http://www.fsf.org/licensing/licenses/gpl.html >>>> [192.168.0.1] >>>> description=Test Switch >>>> type=Cisco::Catalyst_2960 >>>> mode=production >>>> uplink=23,24 >>>> VoIPLLDPDetect=N >>>> >>>> #SNMPVersion = 3 >>>> #SNMPEngineID = 0000000000000 >>>> #SNMPUserNameRead = readUser >>>> #SNMPAuthProtocolRead = MD5 >>>> #SNMPAuthPasswordRead = authpwdread >>>> #SNMPPrivProtocolRead = DES >>>> #SNMPPrivPasswordRead = privpwdread >>>> #SNMPUserNameWrite = writeUser >>>> #SNMPAuthProtocolWrite = MD5 >>>> #SNMPAuthPasswordWrite = authpwdwrite >>>> #SNMPPrivProtocolWrite = DES >>>> #SNMPPrivPasswordWrite = privpwdwrite >>>> #SNMPVersionTrap = 3 >>>> #SNMPUserNameTrap = readUser >>>> #SNMPAuthProtocolTrap = MD5 >>>> #SNMPAuthPasswordTrap = authpwdread >>>> #SNMPPrivProtocolTrap = DES >>>> #SNMPPrivPasswordTrap = privpwdread >>>> [192.168.1.0/24] >>>> description=Test Range WLC >>>> type=Cisco::WLC >>>> mode=production >>>> uplink_dynamic=0 >>>> VoIPLLDPDetect=N >>>> >>>> On Fri, 13 Nov 2020 at 19:22, Ludovic Zammit <lzam...@inverse.ca> >>>> wrote: >>>> >>>>> Send me your conf/switches.conf >>>>> >>>>> Thanks, >>>>> >>>>> On Nov 13, 2020, at 1:20 PM, Ezeh Victor <vickeyzed...@gmail.com> >>>>> wrote: >>>>> >>>>> >>>>> Hi Ludovic, >>>>> >>>>> Thank you for your timely assistance. >>>>> >>>>> Kindly below some of the logs observed; >>>>> <image.png> >>>>> >>>>> >>>>> <image.png> >>>>> >>>>> >>>>> On Fri, 13 Nov 2020 at 18:48, Ludovic Zammit <lzam...@inverse.ca> >>>>> wrote: >>>>> >>>>>> Glad you are progressing. >>>>>> >>>>>> In web auth, the client IP address is sent out to PF management >>>>>> interface inside a HTTP request. >>>>>> >>>>>> So if you don’t see the portal, there is a good chance that IP won’t >>>>>> populate. >>>>>> >>>>>> Check in the logs/httpd.portal.access you should see the request I’m >>>>>> talking about above. >>>>>> >>>>>> Thanks, >>>>>> >>>>>> >>>>>> Ludovic zammitlzam...@inverse.ca :: +1.514.447.4918 (x145) :: >>>>>> www.inverse.ca >>>>>> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence >>>>>> (http://packetfence.org) >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> On Nov 13, 2020, at 10:44 AM, Ezeh Victor <vickeyzed...@gmail.com> >>>>>> wrote: >>>>>> >>>>>> Hi Ludovic, >>>>>> >>>>>> Thank you soo much for the last mail. >>>>>> >>>>>> I have made some progress and the device can now connect and receive >>>>>> IP information. The directive on FlexConnect ACL I think did the trick. >>>>>> Also, it is seen as an online node. >>>>>> >>>>>> The challenge now is the captive portal does not pop up as the device >>>>>> remains in unregistered mode and is assigned a vlan 0 as against the >>>>>> guest >>>>>> vlan 300 >>>>>> <image.png> >>>>>> >>>>>> <image.png> >>>>>> >>>>>> How do I ensure that the captive portal comes up after connection? >>>>>> >>>>>> On Thu, 12 Nov 2020 at 14:50, Ludovic Zammit <lzam...@inverse.ca> >>>>>> wrote: >>>>>> >>>>>>> Hello Victor, >>>>>>> >>>>>>> Here’s few steps that you can validate before moving forward. >>>>>>> >>>>>>> SSID config: >>>>>>> >>>>>>> - AAA override checked, RADIUS NAC (or ISE) enabled >>>>>>> - Interface set to the correct guest vlan >>>>>>> - Since you are using flex connect, make sure your vlan / ACL are >>>>>>> created on the flex connect config >>>>>>> >>>>>>> PacketFence: >>>>>>> >>>>>>> - receive the radius request on each connection >>>>>>> - reply the portal URL + the ACL name for the captive portal >>>>>>> - enable the external portal on the switch >>>>>>> - getting the portal deamon listening to the management interface >>>>>>> >>>>>>> Do you have an IP address when you connect? >>>>>>> >>>>>>> You can do advanced debuting with the SSH Cisco CLI like: >>>>>>> >>>>>>> debug client mac aa:bb:cc:dd:ee:ff >>>>>>> >>>>>>> Look at the logs, they will tell you why you client can’t connect >>>>>>> successfully. >>>>>>> >>>>>>> Thanks, >>>>>>> >>>>>>> >>>>>>> Ludovic zammitlzam...@inverse.ca :: +1.514.447.4918 (x145) :: >>>>>>> www.inverse.ca >>>>>>> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and >>>>>>> PacketFence (http://packetfence.org) >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> On Nov 12, 2020, at 3:02 AM, Ezeh Victor <vickeyzed...@gmail.com> >>>>>>> wrote: >>>>>>> >>>>>>> Hi, >>>>>>> >>>>>>> Thanks for all your responses but I have gone through the provided >>>>>>> links prior to making this request. >>>>>>> >>>>>>> A little bit of additional detail; >>>>>>> >>>>>>> - My SSID is Open and is a flex connect SSID to enable users to >>>>>>> pick IP addresses from local DHCP servers >>>>>>> - I have my access-lists in place >>>>>>> - I have configured the controller on packet fence following the >>>>>>> documentation >>>>>>> - I have enabled the captive portal on the management interface >>>>>>> - I have enabled self preregistration >>>>>>> >>>>>>> My challenges however are; >>>>>>> >>>>>>> - I cannot connect to the SSID. I keep getting an authentication >>>>>>> error. >>>>>>> - The captive portal does not show up >>>>>>> - I cannot see the controller node online as it is recorded as >>>>>>> offline on packetfence >>>>>>> >>>>>>> >>>>>>> I would appreciate a clear step on what to do based off of >>>>>>> successful implementations already done. >>>>>>> >>>>>>> The documentation has helped but I have not been successful. >>>>>>> >>>>>>> On Wed, 11 Nov 2020 at 20:14, Ludovic Zammit <lzam...@inverse.ca> >>>>>>> wrote: >>>>>>> >>>>>>>> Hello, >>>>>>>> >>>>>>>> >>>>>>>> https://packetfence.org/doc/PacketFence_Network_Devices_Configuration_Guide.html#_cisco_2 >>>>>>>> >>>>>>>> Thanks, >>>>>>>> >>>>>>>> >>>>>>>> Ludovic zammitlzam...@inverse.ca :: +1.514.447.4918 (x145) :: >>>>>>>> www.inverse.ca >>>>>>>> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and >>>>>>>> PacketFence (http://packetfence.org) >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> On Nov 10, 2020, at 8:24 AM, Ezeh Victor via PacketFence-users < >>>>>>>> packetfence-users@lists.sourceforge.net> wrote: >>>>>>>> >>>>>>>> Hi, >>>>>>>> >>>>>>>> Please I need assistance with figuring how I can integrate >>>>>>>> PacketFence with Cisco WLC. >>>>>>>> >>>>>>>> Any assistance will be appreciated. >>>>>>>> >>>>>>>> Regards. >>>>>>>> _______________________________________________ >>>>>>>> PacketFence-users mailing list >>>>>>>> PacketFence-users@lists.sourceforge.net >>>>>>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>> >>>>>>
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
