[PacketFence-users] WiFi captive portal users get "Your computer was not found in the PacketFence database" error

[Ahiya Zadok via PacketFence-users]

Hello community


I'm still struggling to set up my PF captive portal with my Unifi
controller.
I have a PF server (ZEN v12.1.0) and an Unifi controller (V6.5.55).
Both servers are installed remotely from the actual site (APs and clients).
And, of course, this is an out-of-band wireless-web-auth setup.
All PF/Unifi controllers/WAPs/clients are behind NAT (I wonder if this
architecture is supported?).


All configurations are according to the online guides.
When a client tries to access the guest WLAN, its redirected to the portal
(my PF server) but gets the below error message:
"Your computer was not found in the PacketFence database. Please reboot to
solve this issue."

I did run the "/usr/local/pf/bin/pfcmd pfmon ubiquiti_ap_mac_to_ip" command,
but when running "/usr/local/pf/bin/pfcmd cache switch_distributed list" I
get no output.
when I run "/usr/local/pf/bin/pfcmd cache switch_distributed dump
Ubiquiti-68:d7:9a:16:07:2a"
i get this output “$VAR1 = undef;”

I notice that the "allowed_device_oui.txt" contain oui only of gaming
consoles, is this ok?

I've attached below some logs and configuration files.

Appreciate any help!
Thanks




pf.conf
==================

# Copyright (C) Inverse inc.
[general]
#
# general.domain
#
# Domain name of PacketFence system.
domain=my.domain
#
# general.hostname
#
# Hostname of PacketFence system. This is concatenated with the domain in
Apache rewriting rules and therefore must be resolvable by clients.
hostname=my.host
#
# general.timezone
#
# System's timezone in string format. List generated from Perl library
DateTime::TimeZone
# When left empty, it will use the timezone of the server
timezone=UTC

[database]
#
# database.db
#
# Name of the MySQL database used by PacketFence.
db=pf
#
# database.user
#
# Username of the account with access to the MySQL database used by
PacketFence. Changing this parameter after the initial configuration will
*not* change it in the database it self, only in the configuration.
user=pf
#
# database.pass
#
# Password for the mysql database used by PacketFence. Changing this
parameter after the initial configuration will *not* change it in the
database it self, only in the configuration.
pass=XXXXXXXXXXXX

[captive_portal]
#
# captive_portal.secure_redirect
#
# If secure_redirect is enabled, the captive portal uses HTTPS when
redirecting
# captured clients. This is the default behavior.
secure_redirect=disabled
#
# captive_portal.rate_limiting
#
# Temporarily deny access to a user that performs too many requests on the
captive portal on invalid URLs
rate_limiting=disabled

[advanced]
# advanced.configurator
#
# Enable the Configurator and the Configurator API
configurator=disabled
# advanced.openid_attributes
#
# List of known OpenID Attributes
openid_attributes=

[interface eth0]
ip=1x.x.x.x
type=management,portal
mask=255.255.252.0


roles.conf
===================================================
[guest]
inherit_web_auth_url=disabled
inherit_vlan=disabled
inherit_role=disabled






auth source
=====================

[null-source]
type=Null
description=null-source
set_access_durations_action=

[null-source rule catchall]
status=enabled
action1=set_access_duration=12h
match=all
action0=set_role=guest
class=authentication



switch.conf
================================================
[my unifi controller IP]
SNMPCommunityRead=XXXXXXXX
SNMPVersion=2c
wsUser=XXXXXXXXX
wsPwd=xxxxxxxxxxx
isolationVlan=1
guestVlan=1
registrationVlan=1
group=Unifi
ExternalPortalEnforcement=Y

# Copyright (C) Inverse inc.
#
#
#
# See the enclosed file COPYING for license information (GPL).
# If you did not receive this file, see
# http://www.fsf.org/licensing/licenses/gpl.html
[192.168.0.1]
description=Test Switch
type=Cisco::Catalyst_2960
mode=production
uplink=23,24
VoIPLLDPDetect=N

#SNMPVersion = 3
#SNMPEngineID = 0000000000000
#SNMPUserNameRead = readUser
#SNMPAuthProtocolRead = MD5
#SNMPAuthPasswordRead = authpwdread
#SNMPPrivProtocolRead = DES
#SNMPPrivPasswordRead = privpwdread
#SNMPUserNameWrite = writeUser
#SNMPAuthProtocolWrite = MD5
#SNMPAuthPasswordWrite = authpwdwrite
#SNMPPrivProtocolWrite = DES
#SNMPPrivPasswordWrite = privpwdwrite
#SNMPVersionTrap = 3
#SNMPUserNameTrap = readUser
#SNMPAuthProtocolTrap = MD5
#SNMPAuthPasswordTrap = authpwdread
#SNMPPrivProtocolTrap = DES
#SNMPPrivPasswordTrap = privpwdread
[192.168.1.0/24]
description=Test Range WLC
type=Cisco::WLC
mode=production
uplink_dynamic=0
VoIPLLDPDetect=N

[group Unifi]
type=Ubiquiti::Unifi
description=unifi
VoIPDHCPDetect=N
deauthMethod=HTTPS
VlanMap=N
wsTransport=https







haproxy_portal.log
======================================================
.aspx?replaceCurrent=1&url=https://x.x.x.x/ecp HTTP/1.1"
Dec 14 14:51:57 packetfence haproxy-portal-docker-wrapper[1466]:
x.x.x.x:51313 [14/Dec/2022:14:51:56.145] portal-http-1x.x.x.x proxy/proxy
0/0/1/933/934 200 1039 - - ---- 2/1/0/0/0 0/0 {x.x.x.x:80} "GET
/guest/s/6qca4zw5/?ap=68:d7:9a:16:07:2a&id=4a:7f:54:ab:28:f2&t=1671029515&url=http://captive.apple.com%2Fhotspot-detect.html&ssid=test
HTTP/1.0"
Dec 14 14:51:57 packetfence haproxy-portal-docker-wrapper[1466]:
x.x.x.x:51061 [14/Dec/2022:14:51:57.617] portal-http-1x.x.x.x proxy/proxy
0/0/0/2/2 200 1030 - - ---- 2/1/0/0/0 0/0 {x.x.x.x} "GET
/guest/s/6qca4zw5/?ap=68:d7:9a:16:07:2a&id=4a:7f:54:ab:28:f2&t=1671029517&url=http://captive.apple.com%2Fhotspot-detect.html&ssid=test
HTTP/1.1"
Dec 14 14:51:57 packetfence haproxy-portal-docker-wrapper[1466]:
x.x.x.x:51315 [14/Dec/2022:14:51:57.924] portal-http-1x.x.x.x proxy/proxy
0/0/0/3/3 200 1039 - - ---- 3/2/0/0/0 0/0 {x.x.x.x:80} "GET
/guest/s/6qca4zw5/?ap=68:d7:9a:16:07:2a&id=4a:7f:54:ab:28:f2&t=1671029517&url=http://captive.apple.com%2Fhotspot-detect.html&ssid=test
HTTP/1.0"
Dec 14 14:51:58 packetfence haproxy-portal-docker-wrapper[1466]:
x.x.x.x:51063 [14/Dec/2022:14:51:58.162] portal-http-1x.x.x.x
1x.x.x.x-backend/containers-gateway.internal:8080 0/0/0/40/40 200
4933 - - ---- 3/2/0/0/0 0/0 {my.fqdn} "GET
/captive-portal?destination_url=http://x.x.x.x/guest/s/6qca4zw5/?ap=68:d7:9a:16:07:2a&id=4a:7f:54:ab:28:f2&t=1671029517&url=http://captive.apple.com%2Fhotspot-detect.html&ssid=test
HTTP/1.1"
Dec 14 14:51:58 packetfence haproxy-portal-docker-wrapper[1466]:
x.x.x.x:51065 [14/Dec/2022:14:51:58.942] portal-http-1x.x.x.x static/static
0/0/0/1/1 200 6157 - - ---- 5/4/1/1/0 0/0 {my.fqdn} "GET /common/pf.js
HTTP/1.1"
Dec 14 14:51:58 packetfence haproxy-portal-docker-wrapper[1466]:
x.x.x.x:51064 [14/Dec/2022:14:51:58.942] portal-http-1x.x.x.x static/static
0/0/0/1/1 200 42006 - - ---- 5/4/0/0/0 0/0 {my.fqdn} "GET /common/styles.css
HTTP/1.1"
Dec 14 14:51:58 packetfence haproxy-portal-docker-wrapper[1466]:
x.x.x.x:51066 [14/Dec/2022:14:51:58.944] portal-http-1x.x.x.x static/static
0/0/0/0/0 200 8239 - - ---- 6/5/0/0/0 0/0 {my.fqdn} "GET
/content/captiveportal.js HTTP/1.1"
Dec 14 14:51:58 packetfence haproxy-portal-docker-wrapper[1466]:
x.x.x.x:51068 [14/Dec/2022:14:51:58.952] portal-http-1x.x.x.x static/static
0/0/0/1/1 200 1506 - - ---- 8/7/1/1/0 0/0 {my.fqdn} "GET
/common/jquery-shim.js HTTP/1.1"
Dec 14 14:51:58 packetfence haproxy-portal-docker-wrapper[1466]:
x.x.x.x:51067 [14/Dec/2022:14:51:58.952] portal-http-1x.x.x.x static/static
0/0/0/1/1 200 20248 - - ---- 8/7/0/0/0 0/0 {my.fqdn} "GET
/common/qrcode.min.js HTTP/1.1"
Dec 14 14:51:59 packetfence haproxy-portal-docker-wrapper[1466]:
x.x.x.x:51063 [14/Dec/2022:14:51:59.224] portal-http-1x.x.x.x static/static
0/0/0/0/0 200 4480 - - ---- 8/7/0/0/0 0/0 {my.fqdn} "GET
/common/packetfence-cp.png HTTP/1.1"
Dec 14 14:51:59 packetfence haproxy-portal-docker-wrapper[1466]:
x.x.x.x:51065 [14/Dec/2022:14:51:59.254] portal-http-1x.x.x.x static/static
0/0/0/0/0 200 39912 - - ---- 8/7/0/0/0 0/0 {my.fqdn} "GET
/common/img/sprite.svg HTTP/1.1"
Dec 14 14:51:59 packetfence haproxy-portal-docker-wrapper[1466]:
x.x.x.x:51064 [14/Dec/2022:14:51:59.252] portal-http-1x.x.x.x
1x.x.x.x-backend/containers-gateway.internal:8080 0/0/0/35/35 200
789 - - ---- 8/7/0/0/0 0/0 {my.fqdn} "POST /record_destination_url HTTP/1.1"
Dec 14 14:52:01 packetfence haproxy-portal-docker-wrapper[1466]:
x.x.x.x:51317 [14/Dec/2022:14:51:59.561] portal-http-1x.x.x.x proxy/proxy
0/0/0/1522/1522 200 1039 - - ---- 9/8/0/0/0 0/0 {x.x.x.x:80} "GET
/guest/s/6qca4zw5/?ap=68:d7:9a:16:07:2a&id=4a:7f:54:ab:28:f2&t=1671029519&url=http://captive.apple.com%2Fhotspot-detect.html&ssid=test
HTTP/1.0"


packetfence.log
=============================================================
Dec 14 14:54:33 packetfence httpd.dispatcher-docker-wrapper[2727]:
httpd.dispatcher: Ip2Mac mac for x.x.x.x not found sql: no rows in result
set
Dec 14 14:54:33 packetfence httpd.dispatcher-docker-wrapper[2727]:
httpd.dispatcher: Ip2Mac mac for x.x.x.x not found sql: no rows in result
set
Dec 14 14:54:34 packetfence httpd.portal-docker-wrapper[4130]:
httpd.portal(87) WARN: [mac:unknown] Unable to match MAC address to IP
'x.x.x.x' (pf::ip4log::ip2mac)
Dec 14 14:54:34 packetfence httpd.portal-docker-wrapper[4130]:
httpd.portal(87) WARN: [mac:0] Unable to match MAC address to IP 'x.x.x.x'
(pf::ip4log::ip2mac)
Dec 14 14:54:34 packetfence httpd.dispatcher-docker-wrapper[2727]:
httpd.dispatcher: Ip2Mac mac for x.x.x.x not found sql: no rows in result
set
Dec 14 14:54:34 packetfence httpd.portal-docker-wrapper[4130]:
httpd.portal(87) WARN: [mac:unknown] Unable to match MAC address to IP
'x.x.x.x' (pf::ip4log::ip2mac)
Dec 14 14:54:34 packetfence httpd.portal-docker-wrapper[4130]:
httpd.portal(87) WARN: [mac:0] Unable to match MAC address to IP 'x.x.x.x'
(pf::ip4log::ip2mac)
Dec 14 14:54:37 packetfence httpd.dispatcher-docker-wrapper[2727]:
httpd.dispatcher: Ip2Mac mac for x.x.x.x not found sql: no rows in result
set
Dec 14 14:54:42 packetfence httpd.portal-docker-wrapper[4130]:
httpd.portal(89) INFO: [mac:00:11:22:33:44:55] Instantiate profile default
(pf::Connection::ProfileFactory::_from_profile)
Dec 14 14:54:52 packetfence httpd.portal-docker-wrapper[4130]:
httpd.portal(90) INFO: [mac:00:11:22:33:44:55] Instantiate profile default
(pf::Connection::ProfileFactory::_from_profile)
Dec 14 14:55:03 packetfence httpd.portal-docker-wrapper[4130]:
httpd.portal(89) INFO: [mac:00:11:22:33:44:55] Instantiate profile default
(pf::Connection::ProfileFactory::_from_profile)
Dec 14 14:55:09 packetfence pfperl-api-docker-wrapper[1734]: pfperl-api(17)
INFO: [mac:[undef]] Using 300 resolution threshold
(pf::pfcron::task::cluster_check::run)
Dec 14 14:55:09 packetfence pfperl-api-docker-wrapper[1734]: pfperl-api(17)
INFO: [mac:[undef]] All cluster members are running the same configuration
version (pf::pfcron::task::cluster_check::run)
Dec 14 14:55:09 packetfence pfperl-api-docker-wrapper[1734]: pfperl-api(14)
INFO: [mac:[undef]] getting security_events triggers for accounting cleanup
(pf::accounting::acct_maintenance)
Dec 14 14:55:09 packetfence pfperl-api-docker-wrapper[1734]: pfperl-api(11)
INFO: [mac:[undef]] processed 0 security_events during security_event
maintenance (1671029709.13696 1671029709.14665)
(pf::security_event::security_event_maintenance)
Dec 14 14:55:09 packetfence httpd.dispatcher-docker-wrapper[2727]:
httpd.dispatcher: Ip2Mac mac for x.x.x.x not found sql: no rows in result
set
Dec 14 14:55:09 packetfence httpd.dispatcher-docker-wrapper[2727]:
httpd.dispatcher: Ip2Mac mac for x.x.x.x not found sql: no rows in result
set
Dec 14 14:55:10 packetfence httpd.dispatcher-docker-wrapper[2727]:
httpd.dispatcher: Ip2Mac mac for x.x.x.x not found sql: no rows in result
set
Dec 14 14:55:10 packetfence httpd.portal-docker-wrapper[4130]:
httpd.portal(88) WARN: [mac:unknown] Unable to match MAC address to IP
'x.x.x.x' (pf::ip4log::ip2mac)
Dec 14 14:55:10 packetfence httpd.portal-docker-wrapper[4130]:
httpd.portal(88) WARN: [mac:0] Unable to match MAC address to IP 'x.x.x.x'
(pf::ip4log::ip2mac)
Dec 14 14:55:10 packetfence httpd.portal-docker-wrapper[4130]:
httpd.portal(90) WARN: [mac:unknown] Unable to match MAC address to IP
'x.x.x.x' (pf::ip4log::ip2mac)
Dec 14 14:55:10 packetfence httpd.portal-docker-wrapper[4130]:
httpd.portal(90) WARN: [mac:0] Unable to match MAC address to IP 'x.x.x.x'
(pf::ip4log::ip2mac)
Dec 14 14:55:13 packetfence httpd.dispatcher-docker-wrapper[2727]:
httpd.dispatcher: Ip2Mac mac for x.x.x.x not found sql: no rows in result
set
Dec 14 14:55:13 packetfence httpd.portal-docker-wrapper[4130]:
httpd.portal(90) INFO: [mac:00:11:22:33:44:55] Instantiate profile default
(pf::Connection::ProfileFactory::_from_profile)
Dec 14 14:55:23 packetfence httpd.portal-docker-wrapper[4130]:
httpd.portal(89) INFO: [mac:00:11:22:33:44:55] Instantiate profile default
(pf::Connection::ProfileFactory::_from_profile)
Dec 14 14:55:33 packetfence httpd.portal-docker-wrapper[4130]:
httpd.portal(88) INFO: [mac:00:11:22:33:44:55] Instantiate profile default
(pf::Connection::ProfileFactory::_from_profile)
Dec 14 14:55:41 packetfence httpd.dispatcher-docker-wrapper[2727]:
httpd.dispatcher: Ip2Mac mac for 179.60.149.71 not found sql: no rows in
result set
Dec 14 14:55:41 packetfence httpd.dispatcher-docker-wrapper[2727]:
httpd.dispatcher: Ip2Mac mac for 179.60.149.71 not found sql: no rows in
result set


_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users