Hello Victor, mysql -p -upf pf -e "select nasname from radius_nas”
That command there, will connect to the 'pf' database with the user ‘pf’, if you don’t know your PF user password, you can use the root password with: mysql -p -uroot pf -e "select nasname from radius_nas” Thanks, Ludovic Zammit Product Support Engineer Principal Cell: +1.613.670.8432 Akamai Technologies - Inverse 145 Broadway Cambridge, MA 02142 Connect with Us: <https://community.akamai.com/> <http://blogs.akamai.com/> <https://twitter.com/akamai> <http://www.facebook.com/AkamaiTechnologies> <http://www.linkedin.com/company/akamai-technologies> <http://www.youtube.com/user/akamaitechnologies?feature=results_main> > On Jun 8, 2021, at 11:07 AM, Ezeh Victor <vickeyzed...@gmail.com> wrote: > > > Hi Ludovic, > > I am not sure I understand how this command is used. > > Kindly find what u tried below; > <image.png> > <image.png> > > Your guidance will be appreciated. > > On Mon, 7 Jun 2021 at 17:09, Zammit, Ludovic <luza...@akamai.com > <mailto:luza...@akamai.com>> wrote: > Did you re-add your switch without the /32? > > Give me the output of: > > mysql -p -upf pf -e "select nasname from radius_nas” > > Thanks, > > Ludovic Zammit > Product Support Engineer Principal > > Cell: +1.613.670.8432 > Akamai Technologies - Inverse > 145 Broadway > Cambridge, MA 02142 > Connect with Us: <https://community.akamai.com/> > <http://blogs.akamai.com/> > <https://urldefense.com/v3/__https://twitter.com/akamai__;!!GjvTz_vk!E4mhT8AvPAver9AWppEii-xG_CsKVwOIwUtbiFdMgPJoOVzK4yv6wV0MzaY7ww$> > > <https://urldefense.com/v3/__http://www.facebook.com/AkamaiTechnologies__;!!GjvTz_vk!E4mhT8AvPAver9AWppEii-xG_CsKVwOIwUtbiFdMgPJoOVzK4yv6wV1dsWV4RA$> > > <https://urldefense.com/v3/__http://www.linkedin.com/company/akamai-technologies__;!!GjvTz_vk!E4mhT8AvPAver9AWppEii-xG_CsKVwOIwUtbiFdMgPJoOVzK4yv6wV0sdf_9Zw$> > > <https://urldefense.com/v3/__http://www.youtube.com/user/akamaitechnologies?feature=results_main__;!!GjvTz_vk!E4mhT8AvPAver9AWppEii-xG_CsKVwOIwUtbiFdMgPJoOVzK4yv6wV14l9pHEA$> > >> On Jun 7, 2021, at 11:08 AM, Ezeh Victor <vickeyzed...@gmail.com >> <mailto:vickeyzed...@gmail.com>> wrote: >> >> Hi Ludovic, >> >> Is there something else I should check to verify what the issue might be? >> >> On Thu, 3 Jun 2021 at 23:50, Ezeh Victor <vickeyzed...@gmail.com >> <mailto:vickeyzed...@gmail.com>> wrote: >> Hi Ludovic, >> >> The switch was not added with /32 as seen below; >> <image.png> >> <image.png> >> >> Or what exactly is being referred to? >> >> On Thu, 3 Jun 2021 at 21:08, Zammit, Ludovic <luza...@akamai.com >> <mailto:luza...@akamai.com>> wrote: >> Don’t add your switch with /32, clone it and remove /32 and try again. >> >> Thanks, >> >> Ludovic Zammit >> Product Support Engineer Principal >> >> Cell: +1.613.670.8432 >> Akamai Technologies - Inverse >> 145 Broadway >> Cambridge, MA 02142 >> Connect with Us: <https://community.akamai.com/> >> <http://blogs.akamai.com/> >> <https://urldefense.com/v3/__https://twitter.com/akamai__;!!GjvTz_vk!Ab7bS5waU-yBD_81an-f5r1xInpdK81FU-On9Tk_uGVV_mSENMBXgZA4OAeoUg$> >> >> <https://urldefense.com/v3/__http://www.facebook.com/AkamaiTechnologies__;!!GjvTz_vk!Ab7bS5waU-yBD_81an-f5r1xInpdK81FU-On9Tk_uGVV_mSENMBXgZCIgejhbw$> >> >> <https://urldefense.com/v3/__http://www.linkedin.com/company/akamai-technologies__;!!GjvTz_vk!Ab7bS5waU-yBD_81an-f5r1xInpdK81FU-On9Tk_uGVV_mSENMBXgZBu520SBw$> >> >> <https://urldefense.com/v3/__http://www.youtube.com/user/akamaitechnologies?feature=results_main__;!!GjvTz_vk!Ab7bS5waU-yBD_81an-f5r1xInpdK81FU-On9Tk_uGVV_mSENMBXgZBlQ9xcPw$> >> >>> On Jun 3, 2021, at 12:16 PM, Ezeh Victor <vickeyzed...@gmail.com >>> <mailto:vickeyzed...@gmail.com>> wrote: >>> >>> Hi Ludovic, >>> >>> That feature is now turned on as seen below; >>> <image.png> >>> >>> httpd.aaa and radiusd-auth services were restarted after this >>> >>> But the error still persists but with a different log message: >>> Jun 3 17:10:55 IKJDC-PRD-PKF01 auth[12075]: [mac:] Rejected user: ciscopi >>> Jun 3 17:10:55 IKJDC-PRD-PKF01 auth[12075]: (1290157) Rejected in >>> post-auth: [ciscopi] (from client 172.29.1.16/32 >>> <https://urldefense.com/v3/__http://172.29.1.16/32__;!!GjvTz_vk!ABP6xJ_ORORRZQcQvDk11-8j2qlOKG3QFWJKt0PrunEwkdA2J6CnVWhKfD_IBw$> >>> port 1) >>> Jun 3 17:10:55 IKJDC-PRD-PKF01 auth[12075]: (1290157) Login incorrect >>> (rest: Server returned:): [ciscopi] (from client 172.29.1.16/32 >>> <https://urldefense.com/v3/__http://172.29.1.16/32__;!!GjvTz_vk!ABP6xJ_ORORRZQcQvDk11-8j2qlOKG3QFWJKt0PrunEwkdA2J6CnVWhKfD_IBw$> >>> port 1) >>> >>> >>> On Thu, 3 Jun 2021 at 17:03, Zammit, Ludovic <luza...@akamai.com >>> <mailto:luza...@akamai.com>> wrote: >>> It says that the CLI Radius login is not permitted, did you check the box >>> on the switch config in PF ? >>> >>> <PastedGraphic-4.tiff> >>> >>> Thanks, >>> >>> Ludovic Zammit >>> Product Support Engineer Principal >>> >>> Cell: +1.613.670.8432 >>> Akamai Technologies - Inverse >>> 145 Broadway >>> Cambridge, MA 02142 >>> Connect with Us: <https://community.akamai.com/> >>> <http://blogs.akamai.com/> >>> <https://urldefense.com/v3/__https://twitter.com/akamai__;!!GjvTz_vk!ABP6xJ_ORORRZQcQvDk11-8j2qlOKG3QFWJKt0PrunEwkdA2J6CnVWhRP_okcg$> >>> >>> <https://urldefense.com/v3/__http://www.facebook.com/AkamaiTechnologies__;!!GjvTz_vk!ABP6xJ_ORORRZQcQvDk11-8j2qlOKG3QFWJKt0PrunEwkdA2J6CnVWgD_Sro-w$> >>> >>> <https://urldefense.com/v3/__http://www.linkedin.com/company/akamai-technologies__;!!GjvTz_vk!ABP6xJ_ORORRZQcQvDk11-8j2qlOKG3QFWJKt0PrunEwkdA2J6CnVWgkxfneBA$> >>> >>> <https://urldefense.com/v3/__http://www.youtube.com/user/akamaitechnologies?feature=results_main__;!!GjvTz_vk!ABP6xJ_ORORRZQcQvDk11-8j2qlOKG3QFWJKt0PrunEwkdA2J6CnVWgMOOHD4w$> >>> >>>> On Jun 3, 2021, at 11:27 AM, Ezeh Victor <vickeyzed...@gmail.com >>>> <mailto:vickeyzed...@gmail.com>> wrote: >>>> >>>> Hi Ludovic, >>>> >>>> Kindly find errors below; >>>> >>>> Packetfence.log: packetfence_httpd.aaa: httpd.aaa(10470) WARN: >>>> [mac:a8:51:5b:c8:3f:67] CLI Access is not permit on this switch >>>> 172.29.1.16 (pf::radius::switch_access) >>>> <image.png> >>>> >>>> Radius.log: >>>> Jun 3 16:11:56 IKJDC-PRD-PKF01 auth[12075]: (1286075) rest: ERROR: Server >>>> returned: >>>> Jun 3 16:11:56 IKJDC-PRD-PKF01 auth[12075]: (1286075) rest: ERROR: >>>> {"control:PacketFence-Authorization-Status":"allow","Reply-Message":"CLI >>>> or VPN Access is not allo >>>> wed by PacketFence on this switch"} >>>> Jun 3 16:11:56 IKJDC-PRD-PKF01 auth[12075]: [mac:] Rejected user: ciscopi >>>> Jun 3 16:11:56 IKJDC-PRD-PKF01 auth[12075]: (1286075) Rejected in >>>> post-auth: [ciscopi] (from client 172.29.1.16/32 >>>> <https://urldefense.com/v3/__http://172.29.1.16/32__;!!GjvTz_vk!GSKYmLR2pndwTcTNvoM4939F7-2D21WD6V-lOVsf2R1oqIU8cT7Qr3fWyaHsMg$> >>>> port 1) >>>> <image.png> >>>> >>>> >>>> From the radius logs, it seems the switch is not accepting access via CLI >>>> and it needs to be enabled from Packetfence. >>>> >>>> I have reviewed the configuration on the switch section in PacketFence and >>>> also added the credentials for login to the CLI tab and yet I receive the >>>> same error message. >>>> >>>> On Wed, 2 Jun 2021 at 19:07, Zammit, Ludovic <luza...@akamai.com >>>> <mailto:luza...@akamai.com>> wrote: >>>> Hello Victor, >>>> >>>> It’s probably an authentication issue, check in the radius.log and >>>> packetfence.log for errors. >>>> >>>> The password need to be sent in clear from the switch to PF. >>>> >>>> Thanks, >>>> >>>> Ludovic Zammit >>>> Product Support Engineer Principal >>>> >>>> Cell: +1.613.670.8432 >>>> Akamai Technologies - Inverse >>>> 145 Broadway >>>> Cambridge, MA 02142 >>>> Connect with Us: <https://community.akamai.com/> >>>> <http://blogs.akamai.com/> >>>> <https://urldefense.com/v3/__https://twitter.com/akamai__;!!GjvTz_vk!GSKYmLR2pndwTcTNvoM4939F7-2D21WD6V-lOVsf2R1oqIU8cT7Qr3cZeoA23A$> >>>> >>>> <https://urldefense.com/v3/__http://www.facebook.com/AkamaiTechnologies__;!!GjvTz_vk!GSKYmLR2pndwTcTNvoM4939F7-2D21WD6V-lOVsf2R1oqIU8cT7Qr3dO9Maypw$> >>>> >>>> <https://urldefense.com/v3/__http://www.linkedin.com/company/akamai-technologies__;!!GjvTz_vk!GSKYmLR2pndwTcTNvoM4939F7-2D21WD6V-lOVsf2R1oqIU8cT7Qr3dguSc2cg$> >>>> >>>> <https://urldefense.com/v3/__http://www.youtube.com/user/akamaitechnologies?feature=results_main__;!!GjvTz_vk!GSKYmLR2pndwTcTNvoM4939F7-2D21WD6V-lOVsf2R1oqIU8cT7Qr3dItV6Kog$> >>>> >>>>> On Jun 2, 2021, at 11:50 AM, Ezeh Victor <vickeyzed...@gmail.com >>>>> <mailto:vickeyzed...@gmail.com>> wrote: >>>>> >>>>> Hi, >>>>> >>>>> Thank you for your email. >>>>> >>>>> I tried out that command and retried access but this is the error I >>>>> received; >>>>> >>>>> <image.png> >>>>> >>>>> The ciscopi account is a locally created account on PacketFence with an >>>>> action set to Admin Role CLI Switches that was created within Admin >>>>> Access - (CLI Read and CLI Write). >>>>> >>>>> Does the software image running on the switch also affect this funtion? >>>>> >>>>> On Wed, 2 Jun 2021 at 11:46, Quiniou-Briand, Nicolas <nquin...@akamai.com >>>>> <mailto:nquin...@akamai.com>> wrote: >>>>> Hello, >>>>> >>>>> >>>>> >>>>> Could you try to add following commands in switch configuration: >>>>> >>>>> >>>>> >>>>> #v+ >>>>> >>>>> conf t >>>>> >>>>> aaa authorization exec default group packetfence local >>>>> >>>>> #v- >>>>> >>>>> >>>>> >>>>> I recently worked with Cisco IOS XE Software, Version 16.09.05 and this >>>>> step was mandatory. >>>>> >>>>> Without this line, it was possible to connect to switch but user get >>>>> privilege 1. If you try to use “enable”, it doesn’t work. >>>>> >>>>> >>>>> >>>>> Nicolas Quiniou-Briand >>>>> Product Support Engineer >>>>> >>>>> <image001.png> >>>>> >>>>> Office: +33156696210 >>>>> >>>>> Akamai Technologies >>>>> 145 Broadway >>>>> Cambridge, MA 02142 >>>>> >>>>> Connect with Us: >>>>> >>>>> <image002.jpg> <https://community.akamai.com/> <image003.png> >>>>> <http://blogs.akamai.com/> <image004.png> >>>>> <https://urldefense.com/v3/__https://twitter.com/akamai__;!!GjvTz_vk!Gma_IAPl6qJeAvlr8GwY3vxTjN3I4UloaBaougPxCIcekFdN-OhAMsonEWpNFQ$> >>>>> <image005.png> >>>>> <https://urldefense.com/v3/__http://www.facebook.com/AkamaiTechnologies__;!!GjvTz_vk!Gma_IAPl6qJeAvlr8GwY3vxTjN3I4UloaBaougPxCIcekFdN-OhAMsoPTpAoDA$> >>>>> <image006.png> >>>>> <https://urldefense.com/v3/__http://www.linkedin.com/company/akamai-technologies__;!!GjvTz_vk!Gma_IAPl6qJeAvlr8GwY3vxTjN3I4UloaBaougPxCIcekFdN-OhAMsqZZ_gRXg$> >>>>> <image007.png> >>>>> <https://urldefense.com/v3/__http://www.youtube.com/user/akamaitechnologies?feature=results_main__;!!GjvTz_vk!Gma_IAPl6qJeAvlr8GwY3vxTjN3I4UloaBaougPxCIcekFdN-OhAMsrplQlfuA$> >>>>> >>>>> >>>>> >>>> >>> >> >
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
