Hi Jeremy, I managed to get Aruba IAP working with packetfence CP.
I'm preparing a small tutorial (in Portuguese, but with many images showing the configs). I had to create roles in PF and roles in IAP, and mapping these roles. I've used role-based authentication and CoA. But the URL I use is not the same as yours. I've put /captive-portal in the field. Best regards, Fernando Pimenta On Wed, Aug 11, 2021 at 5:12 AM Jeremy Yoke via PacketFence-users < packetfence-users@lists.sourceforge.net> wrote: > Hello All, > > > > I have searched through the archives and see I have a similar problem, but > none of the answers seem to help or they end in seemingly no conclusion. > > I have a new install of Packetfence 10.2 on Debian 9.13 (Stretch). > > I am struggling with getting the captive portal working in a solid manner > with my IAPs (Aruba IAP-225) v6.5.4 (has a Virtual Controller) > > > > The captive portal works when I use URL http://my.ip.add/Aruba , but it > shows Not Implemented when I use http://my.ip.add/Aruba::Instant_Access > > With the /Aruba URL I am able to register and login, it unfortunately does > not assign my role. In the auditing it says it gets no response - > Reply-Message = Error - Timeout > > If I disconnect and reconnect I am fully connected and the internet works > as it should. I believe however that having to disconnect and re-connect > is not an efficient method. > > I have tried with COA, without COA, With a controller IP and without. > Deauthentication method as Blank and as RADIUS as well as several of these > combinations. I maybe missing the right ones. > > > > Anyone have a full write up on the configuration or fields that need to be > filled on PF? Unfortunately the guide does not cover captive portal with > Instant Access. > > Also a config for the IAP? > > > > Switches.conf > > > > [10.1.145.100] > > group=Aruba_IAP > > description=Aruba VC > > > > [10.1.145.105] > > group=Aruba_IAP > > description=Operations > > > > [group Aruba_IAP] > > type=Aruba::Instant_Access > > radiusSecret=mysecret > > description=Aruba Wireless AP > > VoIPDHCPDetect=N > > defaultRole=Test > > registrationRole=registration > > RoleMap=Y > > registrationUrl=http://10.1.145.113/Aruba::Instant_Access > > guestRole=guest > > ExternalPortalEnforcement=Y > > guestAccessList=guest > > AccessListMap=Y > > registrationAccessList=registration > > defaultAccessList=Test > > VlanMap=N > > UrlMap=Y > > useCoA=N > > > > On IAP this is what I have: > > > > wlan access-rule registration > > Some settings/rules > > wlan access-rule guest > > Some Settings/rules > > > > wlan auth-server packetfencer > > ip 10.1.145.113 > > port 1812 > > acctport 1813 > > retry-count 5 > > key ***************** > > rfc3576 > > cppm-rfc3576-port 5999 > > > > wlan ssid-profile Test > > enable > > index 3 > > type guest > > essid Some-Guest > > opmode opensystem > > max-authentication-failures 0 > > vlan 159 > > auth-server packetfencer > > set-role-pre-auth registration > > rf-band all > > captive-portal external profile packetfencep > > mac-authentication > > dtim-period 1 > > broadcast-filter arp > > radius-accounting > > dmo-channel-utilization-threshold 90 > > local-probe-req-thresh 0 > > max-clients-threshold 64 > > > > wlan external-captive-portal packetfencep > > server 10.1.145.113 > > port 80 > > url "/Aruba" > > auth-text "" > > redirect-url https://www.myinternetpage.com/ > > auto-whitelist-disable > > server-offload > > > > > > *Jeremy Yoke* > > *Info Tech Manager* > > *TREALITY**®** Simulation Visual Systems* > > 600 Bellbrook Ave. > > Xenia, Ohio 45385 > > Direct Tel: +1 (937) 736 2215 > > Cell: +1 (937) 901 5684 > > jeremy.y...@trealitysvs.com <alessandra.na...@trealitysvs.com> > > www.TREALITYSVS.com <http://www.trealitysvs.com/> > > Follow us on <https://www.linkedin.com/company/esterline-svs> > > > _______________________________________________ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/packetfence-users >
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
