Hi Ludovic, That ip is not on my loopback. I added in /etc/sysconfig/network-scripts/ifcfg-lo as second ip. Is that right belongs it someware in pf?
Van: Ludovic Zammit <[email protected]> Verzonden: 02 March 2021 21:01 Aan: Martijn Langendoen <[email protected]> CC: [email protected] Onderwerp: Re: [PacketFence-users] Wifi Guest suddenly get no portal anymore The 66.70.255.147 IP is septic IP that we own to do portal redirection. You have to make sure that 66.70.255.147 IP is attached to the lo interface: [root@pf-testing pf]# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet 66.70.255.147/32 scope link lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever [root@pf-testing pf]# netstat -nlp | grep 66.70.255.147 tcp 0 0 66.70.255.147:80 0.0.0.0:* LISTEN 4296/haproxy tcp 0 0 66.70.255.147:443 0.0.0.0:* LISTEN 4296/haproxy Give me the output of that command: /usr/local/pf/bin/pfcmd service pf status Thanks, Ludovic Zammit [email protected]<mailto:[email protected]> :: +1.514.447.4918 (x145) :: www.inverse.ca<https://www.inverse.ca/> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu<http://www.sogo.nu/>) and PacketFence (http://packetfence.org<http://packetfence.org/>) On Mar 2, 2021, at 1:58 PM, Martijn Langendoen <[email protected]<mailto:[email protected]>> wrote: Hi Ludovic, The version is a ZEN version PacketFence 10.1.0 fully patched. I get an error: [root@PacketFence-ZEN ~]# /usr/local/pf/bin/pfcmd service haproxy-portal stop Service Status PID packetfence-haproxy-portal.service stopped 0 [root@PacketFence-ZEN ~]# /usr/local/pf/bin/pfcmd service haproxy-portal start Service Status PID Job for packetfence-haproxy-portal.service failed because the control process exited with error code. See "systemctl status packetfence-haproxy-portal.service" and "journalctl -xe" for details. packetfence-haproxy-portal.service stopped 0 [root@PacketFence-ZEN ~]# journalctl -xe Mar 02 19:54:34 PacketFence-ZEN pfdhcp[2537]: t=2021-03-02T19:54:34+0100 lvl=info msg="DHCPREQUEST for 10.8.16.50 from 04:91:62:e1:cd:21 ()" pid=2537 mac=04:91:62:e1:cd:21 Mar 02 19:54:34 PacketFence-ZEN pfdhcp[2537]: t=2021-03-02T19:54:34+0100 lvl=info msg="DHCPACK on 10.8.16.50 to 04:91:62:e1:cd:21 ()" pid=2537 mac=04:91:62:e1:cd:21 Mar 02 19:54:34 PacketFence-ZEN pfdhcplistener[10213]: pfqueue(10213) INFO: [mac:unknown] DHCPACK from 10.8.16.254 (00:50:56:8b:4e:c5) to host 04:91:62:e1:cd:21 (10.8.16.50) for 30 seconds (pf::dhcp::processor_v4::parse_dhcp_ack) Mar 02 19:54:34 PacketFence-ZEN pfdhcplistener[10213]: pfqueue(10213) INFO: [mac:unknown] The listener process is on the same server as the DHCP server. (pf::dhcp::processor_v4::pf_is_dhcp) Mar 02 19:54:34 PacketFence-ZEN fingerbank-collector[2737]: [GIN] 2021/03/02 - 19:54:34 | 200 | 93.487µs | 127.0.0.1 | GET /endpoint_data/04:91:62:e1:cd:21 Mar 02 19:54:35 PacketFence-ZEN pfqueue[11665]: pfqueue(11665) INFO: [mac:04:91:62:e1:cd:21] Instantiate profile Portsecurity-snmp (pf::Connection::ProfileFactory::_from_profile) Mar 02 19:54:35 PacketFence-ZEN pfdhcplistener[10389]: pfqueue(10389) INFO: [mac:unknown] DHCPACK from 145.116.199.25 (00:50:56:bb:0d:b0) to host 00:50:56:a2:2d:8c (145.116.205.1) for 3600 seconds (pf::dhcp::processor_v4::parse_dhcp_ack) Mar 02 19:54:35 PacketFence-ZEN pfdhcplistener[10389]: pfqueue(10389) INFO: [mac:unknown] The listener process is NOT on the same server as the DHCP server. (pf::dhcp::processor_v4::pf_is_dhcp) Mar 02 19:54:35 PacketFence-ZEN fingerbank-collector[2737]: [GIN] 2021/03/02 - 19:54:35 | 200 | 74.842µs | 127.0.0.1 | GET /endpoint_data/00:50:56:a2:2d:8c Mar 02 19:54:35 PacketFence-ZEN pfqueue[11666]: pfqueue(11666) INFO: [mac:00:50:56:a2:2d:8c] Instantiate profile default (pf::Connection::ProfileFactory::_from_profile) Mar 02 19:54:36 PacketFence-ZEN packetfence[11664]: -e(11664) WARN: requesting member ips for an undefined interface... (pf::cluster::members_ips) Mar 02 19:54:36 PacketFence-ZEN packetfence[11664]: -e(11664) WARN: requesting member ips for an undefined interface... (pf::cluster::members_ips) Mar 02 19:54:36 PacketFence-ZEN packetfence[11664]: -e(11664) WARN: requesting member ips for an undefined interface... (pf::cluster::members_ips) Mar 02 19:54:36 PacketFence-ZEN packetfence[11664]: -e(11664) WARN: requesting member ips for an undefined interface... (pf::cluster::members_ips) Mar 02 19:54:36 PacketFence-ZEN haproxy[11667]: Proxy proxy started. Mar 02 19:54:36 PacketFence-ZEN haproxy[11667]: Proxy static started. Mar 02 19:54:36 PacketFence-ZEN haproxy[11667]: Proxy portal-http-10.8.15.254 started. Mar 02 19:54:36 PacketFence-ZEN haproxy[11667]: Proxy portal-https-10.8.15.254 started. Mar 02 19:54:36 PacketFence-ZEN haproxy[11667]: Proxy 10.8.15.254-backend started. Mar 02 19:54:36 PacketFence-ZEN haproxy[11667]: Proxy portal-http-10.8.16.254 started. Mar 02 19:54:36 PacketFence-ZEN haproxy[11667]: Proxy portal-https-10.8.16.254 started. Mar 02 19:54:36 PacketFence-ZEN haproxy[11667]: Proxy 10.8.16.254-backend started. Mar 02 19:54:36 PacketFence-ZEN haproxy[11667]: Proxy portal-http-145.116.199.36 started. Mar 02 19:54:36 PacketFence-ZEN haproxy[11667]: Proxy portal-https-145.116.199.36 started. Mar 02 19:54:36 PacketFence-ZEN haproxy[11667]: Proxy 145.116.199.36-backend started. Mar 02 19:54:36 PacketFence-ZEN haproxy[11667]: Proxy portal-http-2001:0610:02f0:0120:0000:0000:0000:0036 started. Mar 02 19:54:36 PacketFence-ZEN haproxy[11667]: Proxy portal-https-2001:0610:02f0:0120:0000:0000:0000:0036 started. Mar 02 19:54:36 PacketFence-ZEN haproxy[11667]: [ALERT] 060/195436 (11667) : Starting frontend portal-http-66.70.255.147: cannot bind socket [66.70.255.147:80] Mar 02 19:54:36 PacketFence-ZEN haproxy[11667]: [ALERT] 060/195436 (11667) : Starting frontend portal-https-66.70.255.147: cannot bind socket [66.70.255.147:443] Mar 02 19:54:36 PacketFence-ZEN systemd[1]: packetfence-haproxy-portal.service: main process exited, code=exited, status=1/FAILURE Mar 02 19:54:36 PacketFence-ZEN systemd[1]: Failed to start PacketFence HAProxy Load Balancer for the captive portal. -- Subject: Unit packetfence-haproxy-portal.service has failed -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit packetfence-haproxy-portal.service has failed. -- -- The result is failed. Mar 02 19:54:36 PacketFence-ZEN systemd[1]: Unit packetfence-haproxy-portal.service entered failed state. Mar 02 19:54:36 PacketFence-ZEN systemd[1]: packetfence-haproxy-portal.service failed. Mar 02 19:54:36 PacketFence-ZEN systemd[1]: packetfence-haproxy-portal.service holdoff time over, scheduling restart. Mar 02 19:54:36 PacketFence-ZEN systemd[1]: Stopped PacketFence HAProxy Load Balancer for the captive portal. -- Subject: Unit packetfence-haproxy-portal.service has finished shutting down -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit packetfence-haproxy-portal.service has finished shutting down. Mar 02 19:54:36 PacketFence-ZEN systemd[1]: start request repeated too quickly for packetfence-haproxy-portal.service Mar 02 19:54:36 PacketFence-ZEN systemd[1]: Failed to start PacketFence HAProxy Load Balancer for the captive portal. -- Subject: Unit packetfence-haproxy-portal.service has failed -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit packetfence-haproxy-portal.service has failed. -- -- The result is failed. Mar 02 19:54:36 PacketFence-ZEN systemd[1]: Unit packetfence-haproxy-portal.service entered failed state. Mar 02 19:54:36 PacketFence-ZEN systemd[1]: packetfence-haproxy-portal.service failed. Mar 02 19:54:37 PacketFence-ZEN pfdns[2707]: 10.8.16.244 - [02/Mar/2021:19:54:37 +0100] "A IN gs-loc.apple.com<http://gs-loc.apple.com/>. udp 34 false 512" NOERROR qr,aa,rd 50 3.526486ms Mar 02 19:54:37 PacketFence-ZEN auth[3279]: Ignoring request to auth address 10.10.0.251 port 1812 bound to server packetfence from unknown client 10.10.0.2 port 1645 proto udp Mar 02 19:54:38 PacketFence-ZEN pfdns[2707]: 10.8.16.50 - [02/Mar/2021:19:54:38 +0100] "A IN ntp.nibeuplink.com<http://ntp.nibeuplink.com/>. udp 36 false 512" NOERROR qr,aa,rd 52 2.620797ms Mar 02 19:54:38 PacketFence-ZEN pfstats[2546]: t=2021-03-02T19:54:38+0100 lvl=info msg="Testing RADIUS source Radius-ZB" pid=2546 Mar 02 19:54:38 PacketFence-ZEN auth[3279]: Ignoring request to auth address 10.10.0.251 port 1812 bound to server packetfence from unknown client 10.10.0.251 port 37071 proto udp What is portal-https-66.70.255.147 ? Van: Ludovic Zammit via PacketFence-users <[email protected]<mailto:[email protected]>> Verzonden: 02 March 2021 16:31 Aan: [email protected]<mailto:[email protected]> CC: Ludovic Zammit <[email protected]<mailto:[email protected]>> Onderwerp: Re: [PacketFence-users] Wifi Guest suddenly get no portal anymore Hello Martijn, Which PF version are you running ? I would assume the latest one. Check if the httpd.dispatcher is answering properly with : [root@pf-testing pf]# curl 66.70.255.147 <html> <head> <meta http-equiv="refresh" content="0; url=https://pf.zam.org/captive-portal?destination_url=http://66.70.255.147/";> <script type="text/javascript"> window.location.replace('https:\/\/pf.zam.org<http://pf.zam.org/>\/captive-portal?destination_url=http:\/\/66.70.255.147\/'); </script> </head> If not: systemctl restart pakefence-httpd.dispatcher systemctl restart pakefence-httpd.portal systemctl restart pakefence-haproxy-portal Thanks, Ludovic Zammit [email protected]<mailto:[email protected]> :: +1.514.447.4918 (x145) :: www.inverse.ca<https://www.inverse.ca/> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu<http://www.sogo.nu/>) and PacketFence (http://packetfence.org<http://packetfence.org/>) On Mar 2, 2021, at 6:51 AM, Martijn Langendoen via PacketFence-users <[email protected]<mailto:[email protected]>> wrote: Hi, I hope that anyone get help with my problem: Suddenly the guest portal page is not coming op on the wifi devices. User get an ip in the registration vlan but the popup with the portal page is not coming. Nothing is changed on packetfence or my Cisco WLC controller. What info did you need for help? (logs, configs) Thanks! _______________________________________________ PacketFence-users mailing list [email protected]<mailto:[email protected]> https://lists.sourceforge.net/lists/listinfo/packetfence-users
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
