ok easy. edit the rest.conf file in conf/radiusd and at this line add ( https://github.com/inverse-inc/packetfence/blob/devel/conf/radiusd/rest.conf.example#L194 ): timeout = 60.000000
Then restart radius-auth Le jeu. 14 avr. 2022 à 21:49, Benjamin Shirley - Simplicity < b.shir...@simplicity.ag> a écrit : > Hi Fabrice, > > > > thanks for getting back to me. I have tried the settings but that does not > solve the problem. Raddebug shows following information: > > > > (8) Fri Apr 15 03:45:53 2022: Debug: Finished request > > (7) Fri Apr 15 03:45:56 2022: ERROR: rest: Request failed: 28 - Timeout > was reached > > (7) Fri Apr 15 03:45:56 2022: ERROR: rest: Server returned no data > > (7) Fri Apr 15 03:45:56 2022: Debug: [rest] = fail > > (7) Fri Apr 15 03:45:56 2022: Debug: } # if (! EAP-Type || (EAP-Type > != TTLS && EAP-Type != PEAP) ) = fail > > (7) Fri Apr 15 03:45:56 2022: Debug: } # post-auth = fail > > (7) Fri Apr 15 03:45:56 2022: Debug: Using Post-Auth-Type Reject > > (7) Fri Apr 15 03:45:56 2022: Debug: # Executing group from file > /usr/local/pf/raddb/sites-enabled/packetfence > > > > > > Hope this information is any good! > > > > Kind regards > > Benjamin > > > > > > > > > > Benjamin Shirley . simplicity networks GmbH > > > > Heinrich-Hertz-Straße 2 . 59302 Oelde . Phone: +49 2522 8330 3124 . > Mobile: +49 170 9496681 > > E-Mail: b.shir...@simplicity.ag . Web: www.simplicity.ag > > USt-IdNr DE 210993280 . HRB 14936 Münster . Managing Director: Stefan > Leewe > > We operate for *OPUS* and *someday* > > > Think before you print! > > > > > > > > *Von: *Fabrice Durand <oeufd...@gmail.com> > *Datum: *Freitag, 15. April 2022 um 03:18 > *An: *packetfence-users <packetfence-users@lists.sourceforge.net> > *Cc: *Benjamin Shirley <b.shir...@simplicity.ag> > *Betreff: *Re: [PacketFence-users] Radius Authentication Source Timeout > for 2FA > > > > Hello Benjamin, > > > > first you need to raise the timeout value of the radius-auth service. > > You should be able to do it there: > > > > > https://github.com/inverse-inc/packetfence/blob/devel/conf/radiusd/auth.conf.example#L23 > > > > and add that: > > > > ``` > > limit { > max_connections = 16 > lifetime = 0 > idle_timeout = 60 > } > > ``` > > > > you probably have to add an option to the duo radius source too, like: > > > > response_timeouts = 30 > > > > if it still not work then run raddebug to see where in freeradius it > timeout. > > > > raddebug -f /usr/local/pf/var/run/radiusd.sock -t 3000 > > > > Regards > > Fabrice > > > > Le jeu. 14 avr. 2022 à 14:22, Benjamin Shirley - Simplicity via > PacketFence-users <packetfence-users@lists.sourceforge.net> a écrit : > > Hi @all, > > trying to bypass an issue i'm having using 2 different radius server > (packetfence / duo authproxy) one for admin login purpose (DUO 2FA) and the > other beeing packetfence for MAB in our network environment - which is a > known bug in Dell OS6 Network Operating System - I had the idea to simply > add the Duo Authproxy as an Radius Authentication Source in Packetfence > meaning I only have to configure 1 radius authentication server on our > switches. > > > It works! I am able to proxy the authentication to the DUO Authproxy from > within PF but there is a tiny problem I am not able to overcome and kindly > ask for help. > > > > The problem is that RADIUS Authentication for the Shell-Access in PF times > out so quickly I am hardly able to tap the push notification, open the DUO > App and Confirm the Login Proccess, regardless to say that authentication > via Phone Call will be impossible. > > > > Is there a way to configure a higher value of lets say 15 seconds > somewhere maybe only for this one Authentication Source which is only used > for the purpose of 2FA to our switches?? > > Kind Regards > > Benjamin > > > > > > *Benjamin Shirley *. simplicity networks GmbH > > > > Heinrich-Hertz-Straße 2 . 59302 Oelde . Phone: +49 2522 8330 3124 . > Mobile: +49 170 9496681 > > E-Mail: b.shir...@simplicity.ag . Web: www.simplicity.ag > > USt-IdNr DE 210993280 . HRB 14936 Münster . Managing Director: Stefan > Leewe > > We operate for *OPUS* and * someday* > > > > Think before you print! > > > > > > > > _______________________________________________ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/packetfence-users > >
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
