Where do you want to authenticate your test user? Where did you create it?
Thanks, Ludovic Zammit [email protected] <mailto:[email protected]> :: +1.514.447.4918 (x145) :: www.inverse.ca <https://www.inverse.ca/> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu <http://www.sogo.nu/>) and PacketFence (http://packetfence.org <http://packetfence.org/>) > On Mar 24, 2021, at 4:19 PM, Joel Rodriguez <[email protected]> > wrote: > > Hi Ludovic, > > This is the output. > > <image.png> > > On Tue, Mar 23, 2021 at 1:40 PM Ludovic Zammit <[email protected] > <mailto:[email protected]>> wrote: > Hello Joel, > > That output tells me that your node / username did not match any rule in any > source. > > Do that and show me the result: > > grep -i MAC_ADDRESS /usr/local/pf/logs/packetfence.log > > Thanks, > > Ludovic Zammit > [email protected] <mailto:[email protected]> :: +1.514.447.4918 (x145) :: > www.inverse.ca <https://www.inverse.ca/> > Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu > <http://www.sogo.nu/>) and PacketFence (http://packetfence.org > <http://packetfence.org/>) > > > > > > > >> On Mar 23, 2021, at 1:33 PM, Joel Rodriguez <[email protected] >> <mailto:[email protected]>> wrote: >> >> Ludovic can you help with my question below. Also this is the entire output >> as you can see in the RADIUS reply I do not see where PacketFence is sending >> back the VLAN. >> >> I am having an issue where I have a rule successfully match and is based on >> AD Group however even if the account used on the device is not on the >> correct AD Group it still successfully authenticate. I believe this is more >> of an AAA override issue is there anywhere on Packetfence where I can see if >> Packetfence is sending back the vlan assignment? All i see in the log is >> successful authentication nothing indicating it sent back a vlan override. >> Thank you in advance for your help. >> >> Request Time >> 0 >> RADIUS Request >> User-Name = "test" >> NAS-IP-Address = 172.16.99.99 >> NAS-Port = 5 >> Service-Type = Framed-User >> Framed-IP-Address = 172.16.100.174 >> Framed-MTU = 1485 >> State = 0x5ce103c05de81912a6fe102bc6c3d43e >> Called-Station-Id = "2c:21:21:9d:5f:60:Rdz-EWC >> Calling-Station-Id = "56:59:f8:36:e1:55" >> NAS-Identifier = "WLC2CF8.9B15.6E14" >> NAS-Port-Type = Wireless-802.11 >> Event-Timestamp = "Mar 16 2021 08:59:38 EDT" >> EAP-Message = 0x020900061a03 >> NAS-Port-Id = "capwap_90000004" >> Airespace-Wlan-Id = 1 >> Cisco-AVPair = "service-type=Framed" >> Cisco-AVPair = "audit-session-id=636310AC0000004094F18357" >> Cisco-AVPair = "method=dot1x" >> Cisco-AVPair = "addrv6=fe80::1ca6:189c:65f4:5770" >> Cisco-AVPair = "client-iif-id=469767067" >> Cisco-AVPair = "vlan-id=100" >> Cisco-AVPair = "cisco-wlan-ssid=Rdz-EWC" >> Cisco-AVPair = "wlan-profile-name=Rdz-EWC" >> FreeRADIUS-Proxied-To = 127.0.0.1 >> EAP-Type = MSCHAPv2 >> Stripped-User-Name = "test" >> Realm = "null" >> Called-Station-SSID = "Rdz-EWC" >> PacketFence-Domain = "NNGDomain" >> PacketFence-KeyBalanced = "6d5099cbb3bd042f6788696b2f8e2bfc" >> PacketFence-Radius-Ip = "172.16.100.95" >> PacketFence-NTLMv2-Only = "" >> PacketFence-Outer-User = "test" >> User-Password = "******" >> SQL-User-Name = "test" >> RADIUS Reply >> EAP-Message = 0x03090004 >> Message-Authenticator = 0x00000000000000000000000000000000 >> User-Name = "test" >> >> ---------- Forwarded message --------- >> From: Joel Rodriguez <[email protected] >> <mailto:[email protected]>> >> Date: Tue, Mar 16, 2021 at 10:13 AM >> Subject: VLAN Override Issue >> To: <[email protected] >> <mailto:[email protected]>> >> >> >
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
