Hi Enrique: I followed the docs and added Unifi Controller as a switch and configured the web service credentials. PF automatically retrieves the APs managed by Unifi Controller (I checked with the command "/usr/local/pf/bin/pfcmd cache switch_distributed list".
I don't know if there is some difference in adding every AP as a switch. What do you mean by "valid certificate"? An HTTPS certificate for the captive portal? I don't know how to configure the roles tab for the Unifi Controller in PF. I don't know how to construct the URL that goes in "Registration" in "Role Mapping by WebAuth URL". Did you configure the roles tab in your setup? Thanks for your help El mar, 26 oct 2021 a las 10:10, Enrique Gross (<egr...@jcc-advance.com.ar>) escribió: > Hi Federico > > We don't use webauth with Unifi, but i remember there was a post about > this issue > > After adding the Unifi Controller to PF, have you tried to add the unifi > APs as a switch (by mac address)? Also, have you got a valid certificate on > PF? > > On the unifi side i use "use secure portal option" and dns redirect option > > I have done a quick test on this, I'm redirected to the pf portal. > > > Enrique > > > > El lun, 25 oct 2021 a las 2:33, Federico Alberto Sayd via > PacketFence-users (<packetfence-users@lists.sourceforge.net>) escribió: > >> Hello: >> >> I am trying to configure Packetfence as a captive portal for a guest wifi >> network managed with Unifi Controller (WebAuth Enforcement) >> >> I want to redirect my guest wifi users to the captive portal in >> PacketFence and authenticate them with Google Workspace LDAP. >> >> I followed the Network Device Configuration Guide and I added Unifi >> Controller as a switch in Packetfence config. The connection between Unifi >> Contoller and PF is working fine, I can retrieve the list of AP's managed >> by Unifi Controller with the command "/usr/local/pf/bin/pfcmd cache >> switch_distributed list" >> >> I added a second interface in PF and enabled the portal service on it. I >> configured the portal IP as an external guest portal on Unifi Controller. >> >> Also, I configured Google Workspace LDAP as auth source. I didn't specify >> any rules because I want the same auth source for all users. >> In "Standard Connections Profile" I changed the default profile to point >> to Google-LDAP as auth source. When I preview the portal I can confirm the >> Google LDAP authentication is working fine. >> >> But when I try to test the setup, the client's URL is rewritten to >> http://<PF-IP-PORTAL>/guest/s/default >> and PF shows a 501 error as follow: >> >> Not Implemented >> GET Nos supported for current URL >> >> I don't know if I have to configure the roles tab in the switch config >> and specify a webauth URL. What do I have to put in registration in "Role >> mapping by Web Auth URL?? >> Do I need to configure additional roles (by Vlan?? by switch role, etc.) >> ?? >> >> To be frank, I don't understand the roles config and I can't infer from >> the examples given in the installation guide. >> >> Can you help me o provide me with some hint? >> >> Thanks in advance. >> >> Federico. >> >> >> Additional info: >> PacketFence: 11.0 >> SO: Debian 11 >> Unifi Controller: 6.0.45 >> >> >> >> _______________________________________________ >> PacketFence-users mailing list >> PacketFence-users@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/packetfence-users >> > > > -- > > [image: Imágenes integradas 1] >
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
