Hi Fabrice: I am running Unifi Controller 6.4.54
I reworked my setup from scratch following Enrique's directions and it worked ok, then I rebooted the server and it didn't work anymore. Now the packetfence.log shows this error when I want to authenticate clients using APs managed by Unifi Controller: Nov 1 13:39:33 srv-packetfence packetfence_httpd.portal[1512]: httpd.portal(1512) ERROR: [mac:XX:XX:XX:XX:XX:XX] Can not load perl module for switch f0:9f:c2:f0:07:42, type: Ubiquiti::Unifi . The type is unknown or the perl module has compilation errors. (pf::SwitchFactory::instantiate) Nov 1 13:39:33 srv-packetfence packetfence_httpd.portal[1512]: httpd.portal(1512) ERROR: [mac:XX:XX:XX:XX:XX:XX] Unable to instantiate switch object using switch_id 'f0:9f:c2:f0:07:42' (pf::web::externalportal::handle) Can you help me with this error? Thank you Federico El vie, 29 oct 2021 a las 9:31, Fabrice Durand (<oeufd...@gmail.com>) escribió: > Hello Frederico, > > what version of the ubiquiti controller are you running ? > Also did you define the switch in the packetfence configuration (like by > ip or mac ?) > > Last thing, can you try that http://<PF-IP-PORTAL>/guest/s/default/ > (notice the / at the end). > > Regards > Fabrice > > > Le mer. 27 oct. 2021 à 02:27, Federico Alberto Sayd via PacketFence-users < > packetfence-users@lists.sourceforge.net> a écrit : > >> Hi Enrique: >> >> I followed the docs and added Unifi Controller as a switch and configured >> the web service credentials. PF automatically retrieves the APs managed by >> Unifi Controller (I checked with the command "/usr/local/pf/bin/pfcmd >> cache switch_distributed list". >> >> I don't know if there is some difference in adding every AP as a switch. >> >> What do you mean by "valid certificate"? An HTTPS certificate for the >> captive portal? >> >> I don't know how to configure the roles tab for the Unifi Controller in >> PF. I don't know how to construct the URL that goes in "Registration" in >> "Role Mapping by WebAuth URL". >> >> Did you configure the roles tab in your setup? >> >> Thanks for your help >> >> >> El mar, 26 oct 2021 a las 10:10, Enrique Gross (< >> egr...@jcc-advance.com.ar>) escribió: >> >>> Hi Federico >>> >>> We don't use webauth with Unifi, but i remember there was a post about >>> this issue >>> >>> After adding the Unifi Controller to PF, have you tried to add the unifi >>> APs as a switch (by mac address)? Also, have you got a valid certificate on >>> PF? >>> >>> On the unifi side i use "use secure portal option" and dns redirect >>> option >>> >>> I have done a quick test on this, I'm redirected to the pf portal. >>> >>> >>> Enrique >>> >>> >>> >>> El lun, 25 oct 2021 a las 2:33, Federico Alberto Sayd via >>> PacketFence-users (<packetfence-users@lists.sourceforge.net>) escribió: >>> >>>> Hello: >>>> >>>> I am trying to configure Packetfence as a captive portal for a guest >>>> wifi network managed with Unifi Controller (WebAuth Enforcement) >>>> >>>> I want to redirect my guest wifi users to the captive portal in >>>> PacketFence and authenticate them with Google Workspace LDAP. >>>> >>>> I followed the Network Device Configuration Guide and I added Unifi >>>> Controller as a switch in Packetfence config. The connection between Unifi >>>> Contoller and PF is working fine, I can retrieve the list of AP's managed >>>> by Unifi Controller with the command "/usr/local/pf/bin/pfcmd cache >>>> switch_distributed list" >>>> >>>> I added a second interface in PF and enabled the portal service on it. >>>> I configured the portal IP as an external guest portal on Unifi Controller. >>>> >>>> Also, I configured Google Workspace LDAP as auth source. I didn't >>>> specify any rules because I want the same auth source for all users. >>>> In "Standard Connections Profile" I changed the default profile to >>>> point to Google-LDAP as auth source. When I preview the portal I can >>>> confirm the Google LDAP authentication is working fine. >>>> >>>> But when I try to test the setup, the client's URL is rewritten to >>>> http://<PF-IP-PORTAL>/guest/s/default and PF shows a 501 error as >>>> follow: >>>> >>>> Not Implemented >>>> GET Nos supported for current URL >>>> >>>> I don't know if I have to configure the roles tab in the switch config >>>> and specify a webauth URL. What do I have to put in registration in "Role >>>> mapping by Web Auth URL?? >>>> Do I need to configure additional roles (by Vlan?? by switch role, >>>> etc.) ?? >>>> >>>> To be frank, I don't understand the roles config and I can't infer from >>>> the examples given in the installation guide. >>>> >>>> Can you help me o provide me with some hint? >>>> >>>> Thanks in advance. >>>> >>>> Federico. >>>> >>>> >>>> Additional info: >>>> PacketFence: 11.0 >>>> SO: Debian 11 >>>> Unifi Controller: 6.0.45 >>>> >>>> >>>> >>>> _______________________________________________ >>>> PacketFence-users mailing list >>>> PacketFence-users@lists.sourceforge.net >>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users >>>> >>> >>> >>> -- >>> >>> [image: Imágenes integradas 1] >>> >> _______________________________________________ >> PacketFence-users mailing list >> PacketFence-users@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/packetfence-users >> >
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
