Hello, We have configured PacketFence DPSK on our Fortinet equipment. I created a provisioner for DPSK and assigned it to a new connection profile. Unfortunately, we are unable to authenticate using the PSK that we configured in the user account. We receive the following error:
2026-03-27T16:14:13.737687+01:00 SERVER httpd.aaa-docker-wrapper[3375]: httpd.aaa(7) WARN: [mac:ea:5c:63:0a:b4:92] Trying to match IP address with an invalid MAC address 'undef' (pf::ip4log::mac2ip) 2026-03-27T16:14:13.737951+01:00 SERVER httpd.aaa-docker-wrapper[3375]: httpd.aaa(7) INFO: [mac:ea:5c:63:0a:b4:92] Instantiate profile PROFILE_IoT_DPSK (pf::Connection::ProfileFactory::_from_profile) 2026-03-27T16:14:13.738791+01:00 SERVER httpd.aaa-docker-wrapper[3375]: httpd.aaa(7) INFO: [mac:ea:5c:63:0a:b4:92] Found authentication source(s) : 'local,file1,EAP-TLS-PROFILE' for realm 'null' (pf::config::util::filter_authentication_sources) 2026-03-27T16:14:13.738954+01:00 SERVER httpd.aaa-docker-wrapper[3375]: httpd.aaa(7) INFO: [mac:ea:5c:63:0a:b4:92] MFA Pre Authentication (pf::radius::mfa_pre_auth) 2026-03-27T16:14:13.739479+01:00 SERVER httpd.aaa-docker-wrapper[3375]: httpd.aaa(7) INFO: [mac:ea:5c:63:0a:b4:92] Instantiate profile PROFILE_IoT_DPSK (pf::Connection::ProfileFactory::_from_profile) 2026-03-27T16:14:13.740137+01:00 SERVER httpd.aaa-docker-wrapper[3375]: httpd.aaa(7) INFO: [mac:ea:5c:63:0a:b4:92] Found authentication source(s) : 'local,file1,EAP-TLS-PROFILE' for realm 'null' (pf::config::util::filter_authentication_sources) 2026-03-27T16:14:13.740517+01:00 SERVER httpd.aaa-docker-wrapper[3375]: httpd.aaa(7) INFO: [mac:ea:5c:63:0a:b4:92] Using sources local, file1, EAP-TLS-PROFILE for matching (pf::authentication::match2) 2026-03-27T16:14:13.762864+01:00 SERVER httpd.aaa-docker-wrapper[3375]: httpd.aaa(7) INFO: [mac:ea:5c:63:0a:b4:92] Password validation failed for 60-45-2E-75-BD-D1: passwords don't match (pf::password::validate_password) 2026-03-27T16:14:13.763145+01:00 SERVER httpd.aaa-docker-wrapper[3375]: httpd.aaa(7) ERROR: [mac:ea:5c:63:0a:b4:92] unable to read password file '/usr/local/pf/conf/admin.conf' (pf::Authentication::Source::HtpasswdSource::authenticate) 2026-03-27T16:14:13.763480+01:00 SERVER httpd.aaa-docker-wrapper[3375]: httpd.aaa(7) INFO: [mac:ea:5c:63:0a:b4:92] User 60-45-2E-75-BD-D1 tried to login in 10.237.51.254 but authentication failed (pf::radius::authenticate) 2026-03-27T16:14:15.255941+01:00 SERVER httpd.aaa-docker-wrapper[3375]: httpd.aaa(7) INFO: [mac:ea:5c:63:0a:b4:92] handling radius autz request: from switch_ip => (10.237.51.254), connection_type => Ethernet-NoEAP,switch_mac => (Unknown), mac => [0], port => (Unknown), username => "60-45-2E-75-BD-D1" (pf::radius::switch_access) Additionally, should the DPSK be generated automatically? The documentation is not very clear on this point. Does anyone have experience with this setup? Bedrijfsvertrouwelijk (BVT1)
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
