SCTL-2D2SS0-P02-HVR-OS15-026 does not match any rule, you have an access accept because the identify is verified but that one does not match any rule into your AD.
You can verify if by: grep MAC_ADDRESS /usr/local/pf/logs/packetfence.log You will see what’s happening. Thanks, Ludovic Zammit Product Support Engineer Principal Cell: +1.613.670.8432 Akamai Technologies - Inverse 145 Broadway Cambridge, MA 02142 Connect with Us: <https://community.akamai.com/> <http://blogs.akamai.com/> <https://twitter.com/akamai> <http://www.facebook.com/AkamaiTechnologies> <http://www.linkedin.com/company/akamai-technologies> <http://www.youtube.com/user/akamaitechnologies?feature=results_main> > On Jan 31, 2022, at 2:20 PM, Leon Pinto <leon.pi...@ilanzme.com> wrote: > > Hello, > > Thanks a lot for your response… > > All our screenshots are in attached docs… logs etc… > > Also, as below… > > SCTL-2D2SS0-P02-HVR-OS15-026 à The case for which no vlan/role is assigned. > > SCTL-2D2SS0-G00-COCU02-INT-005 à The case for which correct vlan/role is > assigned. > > <image002.png> > > > SCTL-2D2SS0-P02-HVR-OS15-026 à The case for which no vlan/role is assigned > (Radius Response) > > <image004.png> > > <image011.png> > > SCTL-2D2SS0-G00-COCU02-INT-005 à The case for which correct vlan/role is > assigned (Radius Response) > > <image012.png> > <image013.png> > > <image014.png> > > From: Zammit, Ludovic <luza...@akamai.com> > Sent: Monday, January 31, 2022 10:45 PM > To: packetfence-users@lists.sourceforge.net > Cc: Leon Pinto <leon.pi...@ilanzme.com> > Subject: Re: [PacketFence-users] Roles not assigned to certain types of users > - EAP TLS > > Hello Leon, > > What’s the radius reply in the Auditing tab in Packetfence Web page for those > two authentications ? > > Thanks, > > Ludovic Zammit > Product Support Engineer Principal > > Cell: +1.613.670.8432 > Akamai Technologies - Inverse > 145 Broadway > Cambridge, MA 02142 > Connect with Us: > <https://community.akamai.com/> <http://blogs.akamai.com/> > <https://urldefense.com/v3/__https://twitter.com/akamai__;!!GjvTz_vk!AsoywL4m_MPdKsJvhRSDWQxPSVylqK5olHRMmg600PRp3g9Wk0W07xRB-gY-kw$> > > <https://urldefense.com/v3/__http://www.facebook.com/AkamaiTechnologies__;!!GjvTz_vk!AsoywL4m_MPdKsJvhRSDWQxPSVylqK5olHRMmg600PRp3g9Wk0W07xSwAIKi9A$> > > <https://urldefense.com/v3/__http://www.linkedin.com/company/akamai-technologies__;!!GjvTz_vk!AsoywL4m_MPdKsJvhRSDWQxPSVylqK5olHRMmg600PRp3g9Wk0W07xTYcJHyCw$> > > <https://urldefense.com/v3/__http://www.youtube.com/user/akamaitechnologies?feature=results_main__;!!GjvTz_vk!AsoywL4m_MPdKsJvhRSDWQxPSVylqK5olHRMmg600PRp3g9Wk0W07xReNhr77w$> > > > >> On Jan 31, 2022, at 10:33 AM, Leon Pinto via PacketFence-users >> <packetfence-users@lists.sourceforge.net >> <mailto:packetfence-users@lists.sourceforge.net>> wrote: >> >> Hello community, >> >> We have a packet-fence installation where the Authentication source is an >> Active Directory setup for Telephony 802.1x authentication based on EAP-TLS… >> >> Version is 11.1 with Alcatel 6450 switch for 802.1x… >> >> Problem description >> In our scenario, the Packet-fence is used to assign a proper VLAN to >> authenticated/registered phones and this works fine for one type of devices >> with certificates from the local PKI… Another type of devices from the same >> PKI are authenticated and registered but they don’t get the correct Role as >> expected… >> >> Refer the end result as below: - >> >> <image002.png> >> >> The 01/26 gets the correct VLAN (vlan 4) as configured in the Role. >> The 01/28 does not gets the correct VLAN (vlan 4) as configured in the Role. >> >> <image004.png> >> >> I tried using other attributes like SPN, UPN etc. but we still have the same >> issue as above… >> >> All configuration screenshots, logs, radius response etc. are in the >> attached file… Any help is welcome… >> >> <image005.png> >> >> <Packet Fence - Problem >> scenario.docx>_______________________________________________ >> PacketFence-users mailing list >> PacketFence-users@lists.sourceforge.net >> <mailto:PacketFence-users@lists.sourceforge.net> >> https://urldefense.com/v3/__https://lists.sourceforge.net/lists/listinfo/packetfence-users__;!!GjvTz_vk!D8zDtlI5jQ3y2JHK5aobEcrKViu5KSTg4CuTDP16zH3q1ySAjWpn4RwSGwto7NP6$ >> >> <https://urldefense.com/v3/__https:/lists.sourceforge.net/lists/listinfo/packetfence-users__;!!GjvTz_vk!D8zDtlI5jQ3y2JHK5aobEcrKViu5KSTg4CuTDP16zH3q1ySAjWpn4RwSGwto7NP6$> > > <Packet Fence - Problem scenario.docx>
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
