Can you reach the captive portal on the management interface of PF from you guest network ?
Thanks, Ludovic Zammit lzam...@inverse.ca <mailto:lzam...@inverse.ca> :: +1.514.447.4918 (x145) :: www.inverse.ca <http://www.inverse.ca/> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu <http://www.sogo.nu/>) and PacketFence (http://packetfence.org <http://packetfence.org/>) > On Dec 1, 2020, at 1:10 PM, Ezeh Victor <vickeyzed...@gmail.com> wrote: > > Hi Ludovic, > > I removed the access list from the VLAN. > > On Tue, Dec 1, 2020, 19:08 Ludovic Zammit <lzam...@inverse.ca > <mailto:lzam...@inverse.ca>> wrote: > > > Did you remove that? If not, remove it. > > Thanks, > > Ludovic Zammit > lzam...@inverse.ca <mailto:lzam...@inverse.ca> :: +1.514.447.4918 (x145) :: > www.inverse.ca <http://www.inverse.ca/> > Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu > <http://www.sogo.nu/>) and PacketFence (http://packetfence.org > <http://packetfence.org/>) > > > > >> On Dec 1, 2020, at 12:35 PM, Ezeh Victor <vickeyzed...@gmail.com >> <mailto:vickeyzed...@gmail.com>> wrote: >> >> Hi Ludovic, >> >> Kindly find attached the logs. >> >> On Tue, 1 Dec 2020 at 17:24, Ludovic Zammit <lzam...@inverse.ca >> <mailto:lzam...@inverse.ca>> wrote: >> In that case, on that version the ACL just need to be there on the >> controller as you did create it. >> >> The ACL is assigned dynamically to your device and not the SSID. >> >> Try to debug with that command using SSH on the controller: >> >> (Cisco Controller) >debug client ? >> >> <MAC addr1> Enter MAC address >> >> Command: debug client aa:bb:cc:dd:ee:ff >> >> Send me the output please. >> >> Thanks, >> >> Ludovic Zammit >> lzam...@inverse.ca <mailto:lzam...@inverse.ca> :: +1.514.447.4918 (x145) :: >> www.inverse.ca <http://www.inverse.ca/> >> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu >> <http://www.sogo.nu/>) and PacketFence (http://packetfence.org >> <http://packetfence.org/>) >> >> >> >> >>> On Dec 1, 2020, at 10:15 AM, Ezeh Victor <vickeyzed...@gmail.com >>> <mailto:vickeyzed...@gmail.com>> wrote: >>> >>> Also, when I tried applying it to the WLAN in the Flexconnect group below >>> is the error I received >>> >>> <image.png> >>> >>> On Tue, 1 Dec 2020 at 15:44, Ezeh Victor <vickeyzed...@gmail.com >>> <mailto:vickeyzed...@gmail.com>> wrote: >>> Hi Ludovic, >>> >>> Thanks for the response and the correction. >>> >>> Kindly note that the WLAN is in flex connect mode and from initial >>> correspondence, I created a flex connect ACL. >>> >>> I cannot assign a flex connect ACL to a WLAN directly. >>> >>> However, I created an ACL on the controller and applied it to the WLAN >>> directly as seen below; >>> >>> <image.png> >>> >>> >>> <image.png> >>> >>> This did not also work and I am not getting automatic re-direction as I >>> previously got. >>> <image.png> >>> >>> <image.png> >>> >>> On Tue, 1 Dec 2020 at 14:17, Ludovic Zammit <lzam...@inverse.ca >>> <mailto:lzam...@inverse.ca>> wrote: >>> Hello Victor, >>> >>> Your Web auth reg ACL is not good, the TCP should match the PF management >>> IP address. >>> >>> When you add the ACL on the flexconnect, you need to add them under the >>> WLAN and not the VLAN itself. >>> >>> Thanks, >>> >>> Ludovic Zammit >>> lzam...@inverse.ca <mailto:lzam...@inverse.ca> :: +1.514.447.4918 (x145) >>> :: www.inverse.ca <http://www.inverse.ca/> >>> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu >>> <http://www.sogo.nu/>) and PacketFence (http://packetfence.org >>> <http://packetfence.org/>) >>> >>> >>> >>> >>>> On Dec 1, 2020, at 3:36 AM, Ezeh Victor <vickeyzed...@gmail.com >>>> <mailto:vickeyzed...@gmail.com>> wrote: >>>> >>>> Hi Ludovic, >>>> >>>> Kindly find the response below; >>>> >>>> >>>> - Do you have the portal listening on 172.20.130.50? >>>> <image.png> >>>> >>>> >>>> >>>> >>>> - Could you show me the radius reply regarding that wireless connection? >>>> <image.png> >>>> >>>> >>>> >>>> - Do you have the External portal checked on your switch module? >>>> <image.png> >>>> >>>> >>>> >>>> >>>> - Do you have access to the portal from your guest network? >>>> >>>> A user connected to the Guest SSID - I do not understand why this is >>>> happening because the gateway can reach the PacketFence management IP >>>> <image.png> >>>> >>>> Core device reachability to PacketFence from GUEST SSID Gateway >>>> <image.png> >>>> >>>> PacketFence reachability to GUEST Gateway >>>> <image.png> >>>> >>>> PacketFence reachability to a client connected to the GUEST SSID - This is >>>> also surprising since the server can reach the Guest gateway >>>> <image.png> >>>> >>>> The route to the GUEST network from PacketFence >>>> <image.png> >>>> >>>> >>>> >>>> >>>> - Does your ACL Pre-Auth-For-WebRedirect is correctly configured on the >>>> controller? >>>> <image.png> >>>> >>>> Tried the following combinations below; >>>> <image.png> >>>> >>>> <image.png> >>>> >>>> <image.png> >>>> >>>> But it keeps showing a blank page with via this link: >>>> http://172.20.130.50/Cisco::WLC/sid774610 >>>> <http://172.20.130.50/Cisco::WLC/sid774610>? >>>> >>>> On Mon, 30 Nov 2020 at 20:32, Ludovic Zammit <lzam...@inverse.ca >>>> <mailto:lzam...@inverse.ca>> wrote: >>>> Alright, few things to checkout: >>>> >>>> - Do you have the portal listening on 172.20.130.50? >>>> - Could you show me the radius reply regarding that wireless connection ? >>>> - Do you have the External portal checked on your switch module? >>>> - Do you have access to the portal from your guest network ? >>>> - Does your ACL Pre-Auth-For-WebRedirect is correctly configured on the >>>> controller? >>>> >>>> Thanks, >>>> >>>> Ludovic Zammit >>>> lzam...@inverse.ca <mailto:lzam...@inverse.ca> :: +1.514.447.4918 (x145) >>>> :: www.inverse.ca <http://www.inverse.ca/> >>>> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu >>>> <http://www.sogo.nu/>) and PacketFence (http://packetfence.org >>>> <http://packetfence.org/>) >>>> >>>> >>>> >>>> >>>>> On Nov 30, 2020, at 9:00 AM, Ezeh Victor <vickeyzed...@gmail.com >>>>> <mailto:vickeyzed...@gmail.com>> wrote: >>>>> >>>>> Hi Ludovic, >>>>> >>>>> Thank you for your email. >>>>> >>>>> Kindly find below issue experienced. >>>>> >>>>> When I connect to the SSID Guest-Test, the processes below are what takes >>>>> place; >>>>> The computer opens a browser and tries to visit >>>>> http://www.msftconnecttest.com/redirect >>>>> <http://www.msftconnecttest.com/redirect> then >>>>> http://172.20.130.50/Cisco::WLC/sidff17da >>>>> <http://172.20.130.50/Cisco::WLC/sidff17da>? >>>>> It then ends http://172.20.130.50/access?lang= >>>>> <http://172.20.130.50/access?lang=> with no display. >>>>> When I now try to change the SSID back to the normal staff SSID, it then >>>>> continues to >>>>> http://172.20.130.50/captive-portal?destination_url=http://172.20.130.50/Cisco::WLC/sidff17da?&; >>>>> >>>>> <http://172.20.130.50/captive-portal?destination_url=http://172.20.130.50/Cisco::WLC/sidff17da?&;> >>>>> and displays the captive portal which obviously returns with an error >>>>> that no network access is detected. >>>>> Kindly advise, what am I missing? >>>>> >>>>> >>>>> On Thu, 26 Nov 2020 at 15:59, Ezeh Victor <vickeyzed...@gmail.com >>>>> <mailto:vickeyzed...@gmail.com>> wrote: >>>>> Hi Durand, >>>>> >>>>> I also made some observations today; >>>>> >>>>> When I connect to the SSID Guest-Test, the processes below are what takes >>>>> place; >>>>> The computer opens a browser and tries to visit >>>>> http://www.msftconnecttest.com/redirect >>>>> <http://www.msftconnecttest.com/redirect> then >>>>> http://172.20.130.50/Cisco::WLC/sidff17da >>>>> <http://172.20.130.50/Cisco::WLC/sidff17da>? >>>>> It then ends http://172.20.130.50/access?lang= >>>>> <http://172.20.130.50/access?lang=> with no display. >>>>> >>>>> When I now try to change the SSID back to the normal staff SSID, it then >>>>> continues to >>>>> http://172.20.130.50/captive-portal?destination_url=http://172.20.130.50/Cisco::WLC/sidff17da?&; >>>>> >>>>> <http://172.20.130.50/captive-portal?destination_url=http://172.20.130.50/Cisco::WLC/sidff17da?&;> >>>>> and displays the captive portal which obviously returns with an error >>>>> that no network access is detected. >>>>> >>>>> Kindly advise, what am I missing? >>>>> >>>>> >>>>> On Thu, 26 Nov 2020 at 09:26, Ezeh Victor <vickeyzed...@gmail.com >>>>> <mailto:vickeyzed...@gmail.com>> wrote: >>>>> Dear Durand, >>>>> >>>>> Kindly find below; >>>>> >>>>> Access-list changed >>>>> <image.png> >>>>> >>>>> Pings to Packet fence from a wire device >>>>> <image.png> >>>>> >>>>> <image.png> >>>>> >>>>> Pings from Packet Fence and route table >>>>> >>>>> <image.png> >>>>> >>>>> After connecting to the Guest SSID, I got a re-direction but the captive >>>>> portal did not show up; >>>>> >>>>> <image.png> >>>>> >>>>> It seems I have an issue with the captive portal. >>>>> >>>>> Kindly assist. >>>>> >>>>> On Thu, 26 Nov 2020 at 02:33, Durand fabrice <fdur...@inverse.ca >>>>> <mailto:fdur...@inverse.ca>> wrote: >>>>> If i understand correctly, your vlan 300 is the guest vlan where the user >>>>> device is, right ? >>>>> >>>>> And if i understand correctly the ACL, you permit the source >>>>> 172.20.130.50 to reach 172.26.80.0/25 <http://172.26.80.0/25> but it >>>>> should be the inverse ! (your ACL is in IN direction) >>>>> >>>>> So put a wire device in the vlan 300 and try to ping 172.20.130.50 , if >>>>> it doesn't work then remove your acl and retry. >>>>> >>>>> Also from the packetfence server are you able to ping 172.26.80.1 ? >>>>> >>>>> What is the result of : ip route get 172.26.80.1 >>>>> >>>>> is it returning the source interface where the portal is ? >>>>> >>>>> Regards >>>>> >>>>> Fabrice >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> Le 20-11-25 à 05 h 31, Ezeh Victor a écrit : >>>>>> Hi Durand, >>>>>> >>>>>> Kindly find below screenshots; >>>>>> >>>>>> <image.png> >>>>>> <image.png> >>>>>> <image.png> >>>>>> <image.png> >>>>>> <image.png> >>>>>> <image.png> >>>>>> >>>>>> <image.png> >>>>>> <image.png> >>>>>> >>>>>> >>>>>> On Wed, 25 Nov 2020 at 03:01, Durand fabrice <fdur...@inverse.ca >>>>>> <mailto:fdur...@inverse.ca>> wrote: >>>>>> First you need to try with a acl with permit any any and try to go on >>>>>> the portal url. >>>>>> >>>>>> If it doesn't show the portal then it mean that there is a network issue >>>>>> between the vlan where the device is and the ip of the captive portal. >>>>>> >>>>>> What you can try also is to put a wired device in this guest vlan and >>>>>> try to go on https://172.20.130.50/captive-portal >>>>>> <https://172.20.130.50/captive-portal> >>>>>> Regards >>>>>> >>>>>> Fabrice >>>>>> >>>>>> >>>>>> >>>>>> Le 20-11-24 à 05 h 57, Ezeh Victor a écrit : >>>>>>> Hi Durand, >>>>>>> >>>>>>> This is the result of trying to access the captive portal; >>>>>>> >>>>>>> <image.png> >>>>>>> >>>>>>> Is that the right URL? >>>>>>> >>>>>>> I would appreciate your response. >>>>>>> >>>>>>> Best Regards >>>>>>> >>>>>>> On Tue, 24 Nov 2020 at 10:01, Ezeh Victor <vickeyzed...@gmail.com >>>>>>> <mailto:vickeyzed...@gmail.com>> wrote: >>>>>>> Hi Durand, >>>>>>> >>>>>>> Any feedback on my previous response? >>>>>>> >>>>>>> Find screenshot again >>>>>>> <image.png> >>>>>>> >>>>>>> On Mon, 23 Nov 2020 at 12:57, Ezeh Victor <vickeyzed...@gmail.com >>>>>>> <mailto:vickeyzed...@gmail.com>> wrote: >>>>>>> Hi Durand, >>>>>>> >>>>>>> I have done as directed. >>>>>>> >>>>>>> >>>>>>> Also, find below a screenshot of Radius Audit Logs >>>>>>> >>>>>>> <image.png> >>>>>>> >>>>>>> >>>>>>> >>>>>>> On Tue, 17 Nov 2020 at 04:07, Durand fabrice via PacketFence-users >>>>>>> <packetfence-users@lists.sourceforge.net >>>>>>> <mailto:packetfence-users@lists.sourceforge.net>> wrote: >>>>>>> Hello Victor, >>>>>>> >>>>>>> it looks that you defined https://172.20.130.50:1443/ >>>>>>> <https://172.20.130.50:1443/>... as the registrationUrl. >>>>>>> >>>>>>> And in the switch config you need to enable "External Portal >>>>>>> Enforcement". >>>>>>> >>>>>>> Also do you have the portal daemon enabled on the management interface >>>>>>> ? (https://mgmt:1443/admin/alt#/configuration/interfaces >>>>>>> <https://mgmt:1443/admin/alt#/configuration/interfaces>) >>>>>>> >>>>>>> Can you paste a screenshot of the radius audit log (radius tab) when >>>>>>> you connect on the ssid ? >>>>>>> >>>>>>> Regards >>>>>>> >>>>>>> Fabrice >>>>>>> >>>>>>> >>>>>>> >>>>>>> Le 20-11-16 à 17 h 56, Ezeh Victor via PacketFence-users a écrit : >>>>>>>> Hi >>>>>>>> >>>>>>>> Please can someone assist me. This project has come to a halt. >>>>>>>> >>>>>>>> I do not seem to be getting something right. The captive portal does >>>>>>>> not come up after connecting to the guest SSID. >>>>>>>> >>>>>>>> I would really appreciate a response as soon as possible. >>>>>>>> >>>>>>>> Best regards >>>>>>>> >>>>>>>> On Mon, Nov 16, 2020, 11:23 Ezeh Victor <vickeyzed...@gmail.com >>>>>>>> <mailto:vickeyzed...@gmail.com>> wrote: >>>>>>>> Hi Ludovic/All, >>>>>>>> >>>>>>>> Kindly see the status of trying to access the captive portal; >>>>>>>> >>>>>>>> <image.png> >>>>>>>> >>>>>>>> On Mon, 16 Nov 2020 at 09:42, Ezeh Victor <vickeyzed...@gmail.com >>>>>>>> <mailto:vickeyzed...@gmail.com>> wrote: >>>>>>>> Hi Ludovic, >>>>>>>> >>>>>>>> Kind reminder. >>>>>>>> >>>>>>>> On Sun, Nov 15, 2020, 16:51 Ezeh Victor <vickeyzed...@gmail.com >>>>>>>> <mailto:vickeyzed...@gmail.com>> wrote: >>>>>>>> Hi Ludovic, >>>>>>>> >>>>>>>> Please I am still expecting your reply. >>>>>>>> >>>>>>>> On Fri, Nov 13, 2020, 19:27 Ezeh Victor <vickeyzed...@gmail.com >>>>>>>> <mailto:vickeyzed...@gmail.com>> wrote: >>>>>>>> Kindly find below; >>>>>>>> >>>>>>>> # Copyright (C) Inverse inc. >>>>>>>> # >>>>>>>> # >>>>>>>> # >>>>>>>> # See the enclosed file COPYING for license information (GPL). >>>>>>>> # If you did not receive this file, see >>>>>>>> # http://www.fsf.org/licensing/licenses/gpl.html >>>>>>>> <http://www.fsf.org/licensing/licenses/gpl.html> >>>>>>>> [default] >>>>>>>> type=Cisco::WLC_2500 >>>>>>>> VoIPDHCPDetect=N >>>>>>>> coaPort=3799 >>>>>>>> uplink_dynamic=0 >>>>>>>> deauthMethod=RADIUS >>>>>>>> always_trigger=1 >>>>>>>> >>>>>>>> [172.20.130.252] >>>>>>>> description=WLC >>>>>>>> RoleMap=Y >>>>>>>> VlanMap=N >>>>>>>> registrationUrl=http://172.20.130.50/Cisco::WLC >>>>>>>> <http://172.20.130.50/Cisco::WLC> >>>>>>>> UrlMap=Y >>>>>>>> isolationRole=Isolation >>>>>>>> defaultRole=Authorize_Any >>>>>>>> registrationRole=Pre-Auth-For-WebRedirect >>>>>>>> radiusSecret=D4n-n3t0ps >>>>>>>> inlineRole=Inline >>>>>>>> >>>>>>>> # Copyright (C) Inverse inc. >>>>>>>> # >>>>>>>> # >>>>>>>> # >>>>>>>> # See the enclosed file COPYING for license information (GPL). >>>>>>>> # If you did not receive this file, see >>>>>>>> # http://www.fsf.org/licensing/licenses/gpl.html >>>>>>>> <http://www.fsf.org/licensing/licenses/gpl.html> >>>>>>>> [192.168.0.1] >>>>>>>> description=Test Switch >>>>>>>> type=Cisco::Catalyst_2960 >>>>>>>> mode=production >>>>>>>> uplink=23,24 >>>>>>>> VoIPLLDPDetect=N >>>>>>>> >>>>>>>> #SNMPVersion = 3 >>>>>>>> #SNMPEngineID = 0000000000000 >>>>>>>> #SNMPUserNameRead = readUser >>>>>>>> #SNMPAuthProtocolRead = MD5 >>>>>>>> #SNMPAuthPasswordRead = authpwdread >>>>>>>> #SNMPPrivProtocolRead = DES >>>>>>>> #SNMPPrivPasswordRead = privpwdread >>>>>>>> #SNMPUserNameWrite = writeUser >>>>>>>> #SNMPAuthProtocolWrite = MD5 >>>>>>>> #SNMPAuthPasswordWrite = authpwdwrite >>>>>>>> #SNMPPrivProtocolWrite = DES >>>>>>>> #SNMPPrivPasswordWrite = privpwdwrite >>>>>>>> #SNMPVersionTrap = 3 >>>>>>>> #SNMPUserNameTrap = readUser >>>>>>>> #SNMPAuthProtocolTrap = MD5 >>>>>>>> #SNMPAuthPasswordTrap = authpwdread >>>>>>>> #SNMPPrivProtocolTrap = DES >>>>>>>> #SNMPPrivPasswordTrap = privpwdread >>>>>>>> [192.168.1.0/24 <http://192.168.1.0/24>] >>>>>>>> description=Test Range WLC >>>>>>>> type=Cisco::WLC >>>>>>>> mode=production >>>>>>>> uplink_dynamic=0 >>>>>>>> VoIPLLDPDetect=N >>>>>>>> >>>>>>>> On Fri, 13 Nov 2020 at 19:22, Ludovic Zammit <lzam...@inverse.ca >>>>>>>> <mailto:lzam...@inverse.ca>> wrote: >>>>>>>> Send me your conf/switches.conf >>>>>>>> >>>>>>>> Thanks, >>>>>>>> >>>>>>>>> On Nov 13, 2020, at 1:20 PM, Ezeh Victor <vickeyzed...@gmail.com >>>>>>>>> <mailto:vickeyzed...@gmail.com>> wrote: >>>>>>>>> >>>>>>>>> >>>>>>>>> Hi Ludovic, >>>>>>>>> >>>>>>>>> Thank you for your timely assistance. >>>>>>>>> >>>>>>>>> Kindly below some of the logs observed; >>>>>>>>> <image.png> >>>>>>>>> >>>>>>>>> >>>>>>>>> <image.png> >>>>>>>>> >>>>>>>>> >>>>>>>>> On Fri, 13 Nov 2020 at 18:48, Ludovic Zammit <lzam...@inverse.ca >>>>>>>>> <mailto:lzam...@inverse.ca>> wrote: >>>>>>>>> Glad you are progressing. >>>>>>>>> >>>>>>>>> In web auth, the client IP address is sent out to PF management >>>>>>>>> interface inside a HTTP request. >>>>>>>>> >>>>>>>>> So if you don’t see the portal, there is a good chance that IP won’t >>>>>>>>> populate. >>>>>>>>> >>>>>>>>> Check in the logs/httpd.portal.access you should see the request I’m >>>>>>>>> talking about above. >>>>>>>>> >>>>>>>>> Thanks, >>>>>>>>> Ludovic Zammit >>>>>>>>> lzam...@inverse.ca <mailto:lzam...@inverse.ca> :: +1.514.447.4918 >>>>>>>>> (x145) :: www.inverse.ca <http://www.inverse.ca/> >>>>>>>>> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu >>>>>>>>> <http://www.sogo.nu/>) and PacketFence (http://packetfence.org >>>>>>>>> <http://packetfence.org/>) >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>>> On Nov 13, 2020, at 10:44 AM, Ezeh Victor <vickeyzed...@gmail.com >>>>>>>>>> <mailto:vickeyzed...@gmail.com>> wrote: >>>>>>>>>> >>>>>>>>>> Hi Ludovic, >>>>>>>>>> >>>>>>>>>> Thank you soo much for the last mail. >>>>>>>>>> >>>>>>>>>> I have made some progress and the device can now connect and receive >>>>>>>>>> IP information. The directive on FlexConnect ACL I think did the >>>>>>>>>> trick. Also, it is seen as an online node. >>>>>>>>>> >>>>>>>>>> The challenge now is the captive portal does not pop up as the >>>>>>>>>> device remains in unregistered mode and is assigned a vlan 0 as >>>>>>>>>> against the guest vlan 300 >>>>>>>>>> <image.png> >>>>>>>>>> >>>>>>>>>> <image.png> >>>>>>>>>> >>>>>>>>>> How do I ensure that the captive portal comes up after connection? >>>>>>>>>> >>>>>>>>>> On Thu, 12 Nov 2020 at 14:50, Ludovic Zammit <lzam...@inverse.ca >>>>>>>>>> <mailto:lzam...@inverse.ca>> wrote: >>>>>>>>>> Hello Victor, >>>>>>>>>> >>>>>>>>>> Here’s few steps that you can validate before moving forward. >>>>>>>>>> >>>>>>>>>> SSID config: >>>>>>>>>> >>>>>>>>>> - AAA override checked, RADIUS NAC (or ISE) enabled >>>>>>>>>> - Interface set to the correct guest vlan >>>>>>>>>> - Since you are using flex connect, make sure your vlan / ACL are >>>>>>>>>> created on the flex connect config >>>>>>>>>> >>>>>>>>>> PacketFence: >>>>>>>>>> >>>>>>>>>> - receive the radius request on each connection >>>>>>>>>> - reply the portal URL + the ACL name for the captive portal >>>>>>>>>> - enable the external portal on the switch >>>>>>>>>> - getting the portal deamon listening to the management interface >>>>>>>>>> >>>>>>>>>> Do you have an IP address when you connect? >>>>>>>>>> >>>>>>>>>> You can do advanced debuting with the SSH Cisco CLI like: >>>>>>>>>> >>>>>>>>>> debug client mac aa:bb:cc:dd:ee:ff >>>>>>>>>> >>>>>>>>>> Look at the logs, they will tell you why you client can’t connect >>>>>>>>>> successfully. >>>>>>>>>> >>>>>>>>>> Thanks, >>>>>>>>>> Ludovic Zammit >>>>>>>>>> lzam...@inverse.ca <mailto:lzam...@inverse.ca> :: +1.514.447.4918 >>>>>>>>>> (x145) :: www.inverse.ca <http://www.inverse.ca/> >>>>>>>>>> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu >>>>>>>>>> <http://www.sogo.nu/>) and PacketFence (http://packetfence.org >>>>>>>>>> <http://packetfence.org/>) >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>>> On Nov 12, 2020, at 3:02 AM, Ezeh Victor <vickeyzed...@gmail.com >>>>>>>>>>> <mailto:vickeyzed...@gmail.com>> wrote: >>>>>>>>>>> >>>>>>>>>>> Hi, >>>>>>>>>>> >>>>>>>>>>> Thanks for all your responses but I have gone through the provided >>>>>>>>>>> links prior to making this request. >>>>>>>>>>> >>>>>>>>>>> A little bit of additional detail; >>>>>>>>>>> My SSID is Open and is a flex connect SSID to enable users to pick >>>>>>>>>>> IP addresses from local DHCP servers >>>>>>>>>>> I have my access-lists in place >>>>>>>>>>> I have configured the controller on packet fence following the >>>>>>>>>>> documentation >>>>>>>>>>> I have enabled the captive portal on the management interface >>>>>>>>>>> I have enabled self preregistration >>>>>>>>>>> My challenges however are; >>>>>>>>>>> I cannot connect to the SSID. I keep getting an authentication >>>>>>>>>>> error. >>>>>>>>>>> The captive portal does not show up >>>>>>>>>>> I cannot see the controller node online as it is recorded as >>>>>>>>>>> offline on packetfence >>>>>>>>>>> >>>>>>>>>>> I would appreciate a clear step on what to do based off of >>>>>>>>>>> successful implementations already done. >>>>>>>>>>> >>>>>>>>>>> The documentation has helped but I have not been successful. >>>>>>>>>>> >>>>>>>>>>> On Wed, 11 Nov 2020 at 20:14, Ludovic Zammit <lzam...@inverse.ca >>>>>>>>>>> <mailto:lzam...@inverse.ca>> wrote: >>>>>>>>>>> Hello, >>>>>>>>>>> >>>>>>>>>>> https://packetfence.org/doc/PacketFence_Network_Devices_Configuration_Guide.html#_cisco_2 >>>>>>>>>>> >>>>>>>>>>> <https://packetfence.org/doc/PacketFence_Network_Devices_Configuration_Guide.html#_cisco_2> >>>>>>>>>>> >>>>>>>>>>> Thanks, >>>>>>>>>>> Ludovic Zammit >>>>>>>>>>> lzam...@inverse.ca <mailto:lzam...@inverse.ca> :: +1.514.447.4918 >>>>>>>>>>> (x145) :: www.inverse.ca <http://www.inverse.ca/> >>>>>>>>>>> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu >>>>>>>>>>> <http://www.sogo.nu/>) and PacketFence (http://packetfence.org >>>>>>>>>>> <http://packetfence.org/>) >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>>> On Nov 10, 2020, at 8:24 AM, Ezeh Victor via PacketFence-users >>>>>>>>>>>> <packetfence-users@lists.sourceforge.net >>>>>>>>>>>> <mailto:packetfence-users@lists.sourceforge.net>> wrote: >>>>>>>>>>>> >>>>>>>>>>>> Hi, >>>>>>>>>>>> >>>>>>>>>>>> Please I need assistance with figuring how I can integrate >>>>>>>>>>>> PacketFence with Cisco WLC. >>>>>>>>>>>> >>>>>>>>>>>> Any assistance will be appreciated. >>>>>>>>>>>> >>>>>>>>>>>> Regards. >>>>>>>>>>>> _______________________________________________ >>>>>>>>>>>> PacketFence-users mailing list >>>>>>>>>>>> PacketFence-users@lists.sourceforge.net >>>>>>>>>>>> <mailto:PacketFence-users@lists.sourceforge.net> >>>>>>>>>>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users >>>>>>>>>>>> <https://lists.sourceforge.net/lists/listinfo/packetfence-users> >>>>>>>>>>> >>>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> _______________________________________________ >>>>>>>> PacketFence-users mailing list >>>>>>>> PacketFence-users@lists.sourceforge.net >>>>>>>> <mailto:PacketFence-users@lists.sourceforge.net> >>>>>>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users >>>>>>>> <https://lists.sourceforge.net/lists/listinfo/packetfence-users> >>>>>>> _______________________________________________ >>>>>>> PacketFence-users mailing list >>>>>>> PacketFence-users@lists.sourceforge.net >>>>>>> <mailto:PacketFence-users@lists.sourceforge.net> >>>>>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users >>>>>>> <https://lists.sourceforge.net/lists/listinfo/packetfence-users> >>>> >>> >> >> <putty.log> > > <image.png><image.png>
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
