Ludovic can you help with my question below. Also this is the entire output as you can see in the RADIUS reply I do not see where PacketFence is sending back the VLAN.
I am having an issue where I have a rule successfully match and is based on AD Group however even if the account used on the device is not on the correct AD Group it still successfully authenticate. I believe this is more of an AAA override issue is there anywhere on Packetfence where I can see if Packetfence is sending back the vlan assignment? All i see in the log is successful authentication nothing indicating it sent back a vlan override. Thank you in advance for your help. Request Time 0 RADIUS Request User-Name = "test" NAS-IP-Address = 172.16.99.99 NAS-Port = 5 Service-Type = Framed-User Framed-IP-Address = 172.16.100.174 Framed-MTU = 1485 State = 0x5ce103c05de81912a6fe102bc6c3d43e Called-Station-Id = "2c:21:21:9d:5f:60:Rdz-EWC Calling-Station-Id = "56:59:f8:36:e1:55" NAS-Identifier = "WLC2CF8.9B15.6E14" NAS-Port-Type = Wireless-802.11 Event-Timestamp = "Mar 16 2021 08:59:38 EDT" EAP-Message = 0x020900061a03 NAS-Port-Id = "capwap_90000004" Airespace-Wlan-Id = 1 Cisco-AVPair = "service-type=Framed" Cisco-AVPair = "audit-session-id=636310AC0000004094F18357" Cisco-AVPair = "method=dot1x" Cisco-AVPair = "addrv6=fe80::1ca6:189c:65f4:5770" Cisco-AVPair = "client-iif-id=469767067" Cisco-AVPair = "vlan-id=100" Cisco-AVPair = "cisco-wlan-ssid=Rdz-EWC" Cisco-AVPair = "wlan-profile-name=Rdz-EWC" FreeRADIUS-Proxied-To = 127.0.0.1 EAP-Type = MSCHAPv2 Stripped-User-Name = "test" Realm = "null" Called-Station-SSID = "Rdz-EWC" PacketFence-Domain = "NNGDomain" PacketFence-KeyBalanced = "6d5099cbb3bd042f6788696b2f8e2bfc" PacketFence-Radius-Ip = "172.16.100.95" PacketFence-NTLMv2-Only = "" PacketFence-Outer-User = "test" User-Password = "******" SQL-User-Name = "test" RADIUS Reply EAP-Message = 0x03090004 Message-Authenticator = 0x00000000000000000000000000000000 User-Name = "test" ---------- Forwarded message --------- From: Joel Rodriguez <[email protected]> Date: Tue, Mar 16, 2021 at 10:13 AM Subject: VLAN Override Issue To: <[email protected]>
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
