Re: [PacketFence-users] gaming device situation
Could you get PF to put the registered gaming devices into their own vlan, which goes directly to the internet rather than through the NetEnforcer? I’m fairly sure that would be pretty easy to configure using the Roles within Packetfence, as long as the wireless controller had an interface within the gaming subnet, and you have AAA override selected for the main SSID (Cisco based speak, I’m not sure what the equivalent would be for other vendors). Cheers, Andi From: J Nelson [mailto:jnel...@augie.edu] Sent: 05 May 2015 17:57 To: packetfence-users@lists.sourceforge.net Subject: [PacketFence-users] gaming device situation Ok, So this is what I currently do: Student gets a game that is constantly flagged by our Allot NetEnforcer as filesharing. So, I put the consoles into their own subnet, I then set that subnet as bypass - apply no rules in the Netenforcer for that subnet so I dont have to keep dealing with it. Actually, I like the solution just fine, but it requires the user to call and manual configuration on my part. I am wondering, is there anyway on packetfence for the user to be able to register their console in packetfence via the gaming-device registration portal, Then, once registered only those gaming consoles can join an SSID like 'Campus-Gaming' which uses my gaming bypass subnet? so, i want the users to be able to self register their consoles, and then be able to join the open Campus-Gaming SSID, all the while keeping all other devices off that SSID - just registered game consoles. I hope that makes sense. Any ideas? -- Justin Nelson Network Engineer Augustana College [Cardiff Metropolitan University - 150 years of nurturing talent]http://www.cardiffmet.ac.uk/cardiffmet150 -- One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] Pfconfig Error - Unknown key
Hello, I run ./pf-maint.pl and update PacketFence on 5.0.2 but i have these same errors... And now, i have the errors : Caught exception in captiveportal::Controller::CaptivePortal-webNodeRegister Can't call method supportsWebFormRegistration without a package or object reference at /usr/local/pf/html/captive-portal/lib/captiveportal/PacketFence/Controller/CaptivePortal.pm line 472. Can you help me, please? Thanks in advance Hello, I am running PacketFence 5.0.1 on CentOS 6.6, with inline enforcement and when i started my services (service packetfence start), i have few errors on logs/pfconfig.log : Apr 30 14:20:06 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;email Apr 30 14:20:06 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;email (main::get_hash_element) Apr 30 14:20:06 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;sms Apr 30 14:20:06 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;sms (main::get_hash_element) Apr 30 14:20:06 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;sponsoremail Apr 30 14:20:06 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;sponsoremail (main::get_hash_element) Apr 30 14:20:06 pfconfig(8524) ERROR: Unknown index in resource::cluster_servers;1 Apr 30 14:20:06 pfconfig(8524) ERROR: Unknown index in resource::cluster_servers;1 (main::get_array_element) Apr 30 14:20:06 pfconfig(8524) ERROR: Unknown key config::Cluster;packetfence Apr 30 14:20:06 pfconfig(8524) ERROR: Unknown key config::Cluster;packetfence (main::get_hash_element) Apr 30 14:20:10 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;email Apr 30 14:20:10 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;email (main::get_hash_element) Apr 30 14:20:10 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;sponsoremail Apr 30 14:20:10 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;sponsoremail (main::get_hash_element) Apr 30 14:20:12 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;email Apr 30 14:20:12 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;email (main::get_hash_element) Apr 30 14:20:12 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;sponsoremail Apr 30 14:20:12 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;sponsoremail (main::get_hash_element) Apr 30 14:20:15 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;google Apr 30 14:20:15 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;google (main::get_hash_element) Apr 30 14:20:15 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;facebook Apr 30 14:20:15 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;facebook (main::get_hash_element) Apr 30 14:20:15 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;github Apr 30 14:20:15 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;github (main::get_hash_element) Apr 30 14:21:34 pfconfig(8524) ERROR: Unknown key config::Switch;192.168.188.2 Apr 30 14:21:34 pfconfig(8524) ERROR: Unknown key config::Switch;192.168.188.2 (main::get_hash_element) Apr 30 14:21:42 pfconfig(8524) ERROR: Unknown key config::Switch;192.168.188.2 Apr 30 14:21:42 pfconfig(8524) ERROR: Unknown key config::Switch;192.168.188.2 (main::get_hash_element) 192.168.188.2 is my laptop used for testing captive portal. I realize successfull authentification with local account but after that, the Your network should be enabled within a minute or two. If it is not reboot your computer page appears. Thanks in advance Fabian -- One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] Packetfence In Active/Passive mode
Hello Louis, Which the mode is better? Active/Passive or Active/Active. Would you please send me email document to implement in each case Vlan enforce or Inline? Any help is appreciated, Thank a lot. On 5 May 2015 at 22:23, Louis Munro lmu...@inverse.ca wrote: On May 5, 2015, at 11:06 , Andy A andthereitg...@hotmail.com wrote: How should I configure packetfence in active/passive mode? I am using PF 5.0.1, CentOS 6.6 in inline mode. I have read through Administration Guide and Inline-mode setup, but I couldn't find anything related to *active/passive *mode for PacketFence ( *not *the MySQL servers). Hi Andy, Active/Passive mode is not really a PacketFence mode per se. What it is is two PacketFence servers configured as if they each were standalone. You need to set-up some kind of replication for the configuration (a cron job with rsync can do) and configure either heartbeat or pacemaker to start/stop services on each server when the other one fails. It is a larger job than I feel I can document in a email, but nothing extraordinary if you have already used linux clustering tools such as heartbeat, corosync and pacemaker. Regards, -- Louis Munro lmu...@inverse.ca :: www.inverse.ca +1.514.447.4918 x125 :: +1 (866) 353-6153 x125 Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence ( www.packetfence.org) -- One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
[PacketFence-users] VendorMac violation not working with 5.0.2
Hi, i've created this violation to autoregister some notebooks, but it does not seem to work [152] priority=1 trigger=mac_vendor::7932 actions=autoreg,role desc=expertLenovo enabled=Y template=p2p auto_enable=N whitelisted_categories= target_category=mitarbeiter This is from the packetfence.log == packetfence.log == May 06 11:47:42 httpd.aaa(2090) INFO: [00:1f:16:13:1e:3d] handling radius autz request: from switch_ip = (172.16.4.19), connection_type = WIRED_MAC_AUTH,switch_mac = (14:58:d0:a5:85:3f), mac = [00:1f:16:13:1e:3d], port = 1, username = 001f16131e3d (pf::radius::authorize) May 06 11:47:42 httpd.aaa(2090) INFO: [00:1f:16:13:1e:3d] does not yet exist in database. Adding it now (pf::radius::authorize) May 06 11:47:42 httpd.aaa(2090) INFO: Could not find any IP phones through discovery protocols for ifIndex 1 (pf::Switch::getPhonesDPAtIfIndex) May 06 11:47:42 httpd.aaa(2090) INFO: [00:1f:16:13:1e:3d] is of status unreg; belongs into registration VLAN (pf::vlan::getRegistrationVlan) May 06 11:47:42 httpd.aaa(2090) INFO: [00:1f:16:13:1e:3d] (172.16.4.19) Returning ACCEPT with VLAN 127 and role (pf::Switch::returnRadiusAccessAccept) May 06 11:48:28 httpd.aaa(2090) INFO: Update of the locationlog based on accounting data is not supported on network device type pf::Switch::HP::Procurve_2920. (pf::Switch::supportsRoamingAccounting) May 06 11:55:25 httpd.aaa(2090) INFO: [00:20:6b:8d:86:85] handling radius autz request: from switch_ip = (172.16.4.19), connection_type = WIRED_MAC_AUTH,switch_mac = (14:58:d0:a5:85:3b), mac = [00:20:6b:8d:86:85], port = 5, username = 00206b8d8685 (pf::radius::authorize) I've been using violations to register devices with 4.6.1 without any problems Any idea what im missing ? regards Dennis -- One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] Apply to Vlan
Hello Juan, I showed and it empty. *mysql use pf;Database changedmysql show procedure status;Empty set (0.00 sec)* Now, i using PF v5.0.5 and i saw many procedures just after the radius tables at docs in db's PF directory. Would you please point me the exact command to insert them? Thank a lot. Regards, On 29 April 2015 at 20:40, Juan Camilo Valencia juan.valen...@seguratec.com.co wrote: Hi minh, Probably you are missing the storage procedures that radius needs for the accounting, login into your db and execute show procedures status; If does not appear any information you are missing that, probably because you made a backup of your info without the procedures next time use the modifiers --procedures in mysqldump command. To fix this open your sql schema for your pf version in db packetfence directory and look for the procedures just after the radius tables and start insert those ones manually. I hope that this can help you. Best regards El mar, abr 28, 2015 08:08, Minh Trung mvtrun...@gmail.com escribió: Hello Fabrice, I was successful in configured the vmware machine in tag the vlan as above we discussed (it take long time to figure out [?]) and i also see the portal on device which is plugged in the port testing. But on radius log still show the error: *Tue Apr 28 16:53:57 2015 : Auth: Login OK: [c80aa930b31f] (from client 10.126.123.10 port 50001 cli C8-0A-A9-30-B3-1F)Tue Apr 28 16:53:58 2015 : Auth: rlm_perl: Returning vlan 210 to request from c8:0a:a9:30:b3:1f port 50001Tue Apr 28 16:53:58 2015 : Error: [sql] Couldn't insert SQL accounting START record - PROCEDURE pf.acct_start does not existTue Apr 28 16:54:00 2015 : Error: [sql] Couldn't update SQL accounting STOP record - PROCEDURE pf.acct_stop does not existTue Apr 28 16:54:00 2015 : Error: rlm_sql_mysql: Cannot store resultTue Apr 28 16:54:00 2015 : Error: rlm_sql_mysql: MySQL error 'PROCEDURE pf.acct_stop does not exist'Tue Apr 28 16:54:05 2015 : Error: [sql] Couldn't update SQL accounting STOP record - PROCEDURE pf.acct_stop does not existTue Apr 28 16:54:05 2015 : Error: rlm_sql_mysql: Cannot store resultTue Apr 28 16:54:05 2015 : Error: rlm_sql_mysql: MySQL error 'PROCEDURE pf.acct_stop does not exist'* Do i miss configured any on database? I have DHCP(windows OS) existed with DHCP range 10.126.123.x how to make clients will retrieved DHCP from Windows OS after clients finished register? Should i need change all ports on switch L2 to default(Vlan1)? Any help is appreciated, Thanks regards, On 2 April 2015 at 00:46, Durand fabrice fdur...@inverse.ca wrote: Hello Minh, you have to tag the vlan 210 and 220 on the switch port where packetfence has been plugged on the vswitch. I don't have the exact way to do it but it look like there is documentation on internet to do that. Regards Fabrice Le 2015-03-31 23:11, Minh Trung a écrit : Hello Fabrice, You are right, my VMware connected 4500 via gi7/6, here is the spaning-tree command: *VLAN0210 Spanning tree enabled protocol ieee Root IDPriority 32978 Address 5475.d0c3.e100 This bridge is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority32978 (priority 32768 sys-id-ext 210) Address 5475.d0c3.e100 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 Interface Role Sts Cost Prio.Nbr Type --- --- - Gi2/4 Desg FWD 4 128.68 P2p Gi7/3 Desg FWD 4 128.387 P2p Gi7/6 Desg FWD 4 128.390 P2p Po1 Desg FWD 3 128.641 P2p VLAN0220 Spanning tree enabled protocol ieee Root IDPriority 32988 Address 5475.d0c3.e100 This bridge is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority32988 (priority 32768 sys-id-ext 220) Address 5475.d0c3.e100 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 Interface Role Sts Cost Prio.Nbr Type --- --- - Gi2/4 Desg FWD 4 128.68 P2p Gi7/3 Desg FWD 4 128.387 P2p Gi7/6 Desg FWD 4 128.390 P2p Po1 Desg FWD 3 128.641 P2p * Also, Vlan122 is native, new Vlan210,220 is created for PF. The picture will show where is the PF connection(Serverfarm_A is one of Vlan122.). Do i need reconfigure vmware? How it look like? Thanks and Best regards, On 31 March 2015 at 20:48, Durand fabrice fdur...@inverse.ca wrote: Hello Minh, based on what i can see and suppose packetfence has been plugged on Gi7/6 (vmware). So check
[PacketFence-users] Register/Unregister through web services?
Any way to manipulate devices directly through the web services API? -- One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] Packetfence In Active/Passive mode
I don't have any experience with inline, but don't think Active/Active can work properly that way without some real thought. Vlan enforcement in active/active works for RADIUS supported switches/APs, but I don't think it will work right with SNMP supported Switches/APs. It comes down to your need.. .Our need for active/active isn't really out of load on the PF box, but to minimize downtime if there is a failure or issue on one of the systems. On Tue, May 5, 2015 at 10:50 PM, Minh Trung mvtrun...@gmail.com wrote: Hello Louis, Which the mode is better? Active/Passive or Active/Active. Would you please send me email document to implement in each case Vlan enforce or Inline? Any help is appreciated, Thank a lot. On 5 May 2015 at 22:23, Louis Munro lmu...@inverse.ca wrote: On May 5, 2015, at 11:06 , Andy A andthereitg...@hotmail.com wrote: How should I configure packetfence in active/passive mode? I am using PF 5.0.1, CentOS 6.6 in inline mode. I have read through Administration Guide and Inline-mode setup, but I couldn't find anything related to *active/passive *mode for PacketFence ( *not *the MySQL servers). Hi Andy, Active/Passive mode is not really a PacketFence mode per se. What it is is two PacketFence servers configured as if they each were standalone. You need to set-up some kind of replication for the configuration (a cron job with rsync can do) and configure either heartbeat or pacemaker to start/stop services on each server when the other one fails. It is a larger job than I feel I can document in a email, but nothing extraordinary if you have already used linux clustering tools such as heartbeat, corosync and pacemaker. Regards, -- Louis Munro lmu...@inverse.ca :: www.inverse.ca +1.514.447.4918 x125 :: +1 (866) 353-6153 x125 Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence ( www.packetfence.org) -- One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] Packetfence In Active/Passive mode
On May 6, 2015, at 6:53 , Andy A andthereitg...@hotmail.com wrote: Hi Louis. Can I email you privately regarding some of the suggestions you've made about heartbeat and using rsync? Hi Andy, Please don’t. While I am happy to contribute my knowledge to the community on this mailing list, that would be crossing a line. Inverse would be more than happy to provide consulting services about that. I just can’t do that without billing you. In general though, building an active/passive setup consists of the following: Replicate the database, either with built-in mysql replication or DRBD. I like DRBD for it’s simplicity but it’s not mandatory, as long as you have some replication. Then setup heartbeat or pacemaker to start and stop services when either node goes down. Pacemaker can also add and remove IPs from interfaces, which would allow you to have shared IPs between the servers. Finally setup rsync to replicate the /usr/local/pf files, excluding logs and var/ directory. Both DRBD and corosync/pacemaker are well documented. See here http://drbd.linbit.com/ and here: http://clusterlabs.org/doc/ That should get you most of the way. Regards, -- Louis Munro lmu...@inverse.ca :: www.inverse.ca +1.514.447.4918 x125 :: +1 (866) 353-6153 x125 Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) -- One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] Pfconfig Error - Unknown key
Do the following. service packetfence stop service packetfence-config restart /usr/local/pf/bin/pfcmd configreload restart service packetfence start James Rouzier jrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2015-05-06 3:52 AM, Fabian Lumy wrote: Hello, I run ./pf-maint.pl http://pf-maint.pl and update PacketFence on 5.0.2 but i have these same errors... And now, i have the errors : Caught exception in captiveportal::Controller::CaptivePortal-webNodeRegister Can't call method supportsWebFormRegistration without a package or object reference at /usr/local/pf/html/captive-portal/lib/captiveportal/PacketFence/Controller/CaptivePortal.pm line 472. Can you help me, please? Thanks in advance Hello, I am running PacketFence 5.0.1 on CentOS 6.6, with inline enforcement and when i started my services (service packetfence start), i have few errors on logs/pfconfig.log : Apr 30 14:20:06 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;email Apr 30 14:20:06 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;email (main::get_hash_element) Apr 30 14:20:06 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;sms Apr 30 14:20:06 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;sms (main::get_hash_element) Apr 30 14:20:06 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;sponsoremail Apr 30 14:20:06 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;sponsoremail (main::get_hash_element) Apr 30 14:20:06 pfconfig(8524) ERROR: Unknown index in resource::cluster_servers;1 Apr 30 14:20:06 pfconfig(8524) ERROR: Unknown index in resource::cluster_servers;1 (main::get_array_element) Apr 30 14:20:06 pfconfig(8524) ERROR: Unknown key config::Cluster;packetfence Apr 30 14:20:06 pfconfig(8524) ERROR: Unknown key config::Cluster;packetfence (main::get_hash_element) Apr 30 14:20:10 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;email Apr 30 14:20:10 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;email (main::get_hash_element) Apr 30 14:20:10 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;sponsoremail Apr 30 14:20:10 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;sponsoremail (main::get_hash_element) Apr 30 14:20:12 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;email Apr 30 14:20:12 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;email (main::get_hash_element) Apr 30 14:20:12 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;sponsoremail Apr 30 14:20:12 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;sponsoremail (main::get_hash_element) Apr 30 14:20:15 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;google Apr 30 14:20:15 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;google (main::get_hash_element) Apr 30 14:20:15 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;facebook Apr 30 14:20:15 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;facebook (main::get_hash_element) Apr 30 14:20:15 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;github Apr 30 14:20:15 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;github (main::get_hash_element) Apr 30 14:21:34 pfconfig(8524) ERROR: Unknown key config::Switch;192.168.188.2 Apr 30 14:21:34 pfconfig(8524) ERROR: Unknown key config::Switch;192.168.188.2 (main::get_hash_element) Apr 30 14:21:42 pfconfig(8524) ERROR: Unknown key config::Switch;192.168.188.2 Apr 30 14:21:42 pfconfig(8524) ERROR: Unknown key config::Switch;192.168.188.2 (main::get_hash_element) 192.168.188.2 is my laptop used for testing captive portal. I realize successfull authentification with local account but after that, the Your network should be enabled within a minute or two. If it is not reboot your computer page appears. Thanks in advance Fabian -- One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics,
Re: [PacketFence-users] Packetfence In Active/Passive mode
Hi Louis. Can I email you privately regarding some of the suggestions you've made about heartbeat and using rsync? Thanks From: lmu...@inverse.ca Date: Tue, 5 May 2015 11:23:00 -0400 To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] Packetfence In Active/Passive mode On May 5, 2015, at 11:06 , Andy A andthereitg...@hotmail.com wrote:How should I configure packetfence in active/passive mode? I am using PF 5.0.1, CentOS 6.6 in inline mode. I have read through Administration Guide and Inline-mode setup, but I couldn't find anything related to active/passive mode for PacketFence (not the MySQL servers). Hi Andy, Active/Passive mode is not really a PacketFence mode per se. What it is is two PacketFence servers configured as if they each were standalone.You need to set-up some kind of replication for the configuration (a cron job with rsync can do) and configure either heartbeat or pacemaker to start/stop services on each server when the other one fails. It is a larger job than I feel I can document in a email, but nothing extraordinary if you have already used linux clustering tools such as heartbeat, corosync and pacemaker. Regards, -- Louis Munro lmu...@inverse.ca :: www.inverse.ca +1.514.447.4918 x125 :: +1 (866) 353-6153 x125 Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) -- One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
[PacketFence-users] Meraki and PF
Is anybody out there using PF with Meraki? Thanks! Max -- Max McGrath Network Administrator Carthage College 262-552-5512 mmcgr...@carthage.edu -- One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] Meraki and PF
Hi Max, I tried it last year and there were (at the time) some serious limitations. There was no way to reauthenticate, disconnect or otherwise change the state of a connected device from PacketFence (or any other NAC for that matter) after the initial authentication/authorization. There was no API of any kind to provide that functionality. No SNMP, RADIUS, SSH, Telnet, carrier pigeon or anything to send information from PF to the Meraki asynchronously. That meant that you could only set the authorization at the time of the initial authentication and you could not affect it thereafter. So no violations, no change of VLAN after the fact, no captive portal in a registration VLAN etc. I spoke with some people both at Meraki and Cisco and they acknowledged the issue. They said it would be remediated at some point in the future without committing on a date. Perhaps things have changed since, but that was the case in spring 2014. Regards, -- Louis Munro lmu...@inverse.ca :: www.inverse.ca +1.514.447.4918 x125 :: +1 (866) 353-6153 x125 Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) On May 6, 2015, at 15:30 , Max McGrath mmcgr...@carthage.edu wrote: Is anybody out there using PF with Meraki? Thanks! Max -- Max McGrath Network Administrator Carthage College 262-552-5512 mmcgr...@carthage.edu -- One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] Meraki and PF
Thanks Louis! -- Max McGrath Network Administrator Carthage College 262-552-5512 mmcgr...@carthage.edu On Wed, May 6, 2015 at 2:39 PM, Louis Munro lmu...@inverse.ca wrote: Hi Max, I tried it last year and there were (at the time) some serious limitations. There was no way to reauthenticate, disconnect or otherwise change the state of a connected device from PacketFence (or any other NAC for that matter) after the initial authentication/authorization. There was no API of any kind to provide that functionality. No SNMP, RADIUS, SSH, Telnet, carrier pigeon or anything to send information from PF to the Meraki asynchronously. That meant that you could only set the authorization at the time of the initial authentication and you could not affect it thereafter. So no violations, no change of VLAN after the fact, no captive portal in a registration VLAN etc. I spoke with some people both at Meraki and Cisco and they acknowledged the issue. They said it would be remediated at some point in the future without committing on a date. Perhaps things have changed since, but that was the case in spring 2014. Regards, -- Louis Munro lmu...@inverse.ca :: www.inverse.ca +1.514.447.4918 x125 :: +1 (866) 353-6153 x125 Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence ( www.packetfence.org) On May 6, 2015, at 15:30 , Max McGrath mmcgr...@carthage.edu wrote: Is anybody out there using PF with Meraki? Thanks! Max -- Max McGrath Network Administrator Carthage College 262-552-5512 mmcgr...@carthage.edu -- One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
[PacketFence-users] pf shows: Error!! An Error condition has occurred...
Hi, I am trying to set up pf 5.02 on a blank ubuntu 12.4 (wish it could be 14.4., but that's another...) like it is said in the documentation. After initial setup (and whatever I do) I get the nice red bar on the Dashbord and some other pages stating the message like stated in subject, that some error condition has occurred. Using the Perform checkup Button, I get the message (white this time): FATAL : Apache will fail to start! /usr/local/pf/lib/pf/web/captiveportal_modperl_require.pl doesn't compile Any hints how I do get rid of these? BTW: the portal_error_log throws: mod_qos(007) could not determine MaxClients You must set this ... and so on. But it seems this might be a mistake, because in the module is enabled... maybe the pf config is missing something? Regards, Holger -- Holger Patzelt E-Mail: holger.patz...@t-systems.com -- One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
[PacketFence-users] Can't re-evaluate access because no open locationlog entry was found
PacketFence v5.0.1 using inline mode only. I see a lot of this in my log since the upgrade. Guest users register but never get inserted in ipset. The error is sporadic and usually clears after a restart but not always. May 05 08:50:08 httpd.portal(32014) INFO: [5c:97:f3:c4:75:83] shouldn't reach here. Calling access re-evaluation. Make sure your network device configuration is correct. (captiveportal::PacketFence::Controller::CaptivePortal::unknownState) May 05 08:50:08 httpd.portal(32014) INFO: [5c:97:f3:c4:75:83] re-evaluating access (redir.cgi called) (pf::enforcement::reevaluate_access) May 05 08:50:08 httpd.portal(32014) WARN: [5c:97:f3:c4:75:83] Can't re-evaluate access because no open locationlog entry was found (pf::enforcement::reevaluate_access) The error message came in between this in the system log. May 5 08:50:06 larry dhcpd: DHCPREQUEST for 172.20.10.3 from 5c:97:f3:c4:75:83 via vlan6: wrong network. May 5 08:50:06 larry dhcpd: DHCPNAK on 172.20.10.3 to 5c:97:f3:c4:75:83 via vlan6 May 5 08:50:09 larry dhcpd: DHCPREQUEST for 172.16.2.222 from 5c:97:f3:c4:75:83 (Barrys-iPad) via vlan6 May 5 08:50:09 larry dhcpd: DHCPACK on 172.16.2.222 to 5c:97:f3:c4:75:83 (Barrys-iPad) via vlan6 -- John Baker Network Administrator Marlboro College Phone: 451-7551 Cell: 490-0066 -- One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] Packetfence In Active/Passive mode
Minh, Firstly, I think it's best to start a separate thread if you are asking for help.For your question you can read through Administration / Installation guide available on the website. Active/Active only works in Out Of Band. Thanks. From: mvtrun...@gmail.com Date: Wed, 6 May 2015 09:50:01 +0700 To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] Packetfence In Active/Passive mode Hello Louis, Which the mode is better? Active/Passive or Active/Active. Would you please send me email document to implement in each case Vlan enforce or Inline? Any help is appreciated, Thank a lot. On 5 May 2015 at 22:23, Louis Munro lmu...@inverse.ca wrote: On May 5, 2015, at 11:06 , Andy A andthereitg...@hotmail.com wrote: How should I configure packetfence in active/passive mode? I am using PF 5.0.1, CentOS 6.6 in inline mode. I have read through Administration Guide and Inline-mode setup, but I couldn't find anything related to active/passive mode for PacketFence (not the MySQL servers). Hi Andy, Active/Passive mode is not really a PacketFence mode per se. What it is is two PacketFence servers configured as if they each were standalone.You need to set-up some kind of replication for the configuration (a cron job with rsync can do) and configure either heartbeat or pacemaker to start/stop services on each server when the other one fails. It is a larger job than I feel I can document in a email, but nothing extraordinary if you have already used linux clustering tools such as heartbeat, corosync and pacemaker. Regards, -- Louis Munro lmu...@inverse.ca :: www.inverse.ca +1.514.447.4918 x125 :: +1 (866) 353-6153 x125 Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) -- One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] Auto-register based on SSID
Worked perfectly. Thank you very much! On Wed, May 6, 2015 at 12:03 PM, Fabrice DURAND fdur...@inverse.ca wrote: Hello Chris, try that: [wireless] filter = ssid operator = is value = Internal [1:wireless] scope = AutoRegister role = Staff [2:wireless] scope = NormalVlan role = Staff action = modify_node action_param = mac = $mac, category = Staff Regards Fabrice Le 2015-05-06 10:58, Chris Abel a écrit : My vlan_filters.conf parameters don't seem to be working. I am always put into the registration vlan when joining the SSID. Could someone look into my rules and see if there are any problems? [wireless] filter = ssid operator = is value = Internal [1:wireless] scope = AutoRegistration role = Staff Thanks! On Mon, May 4, 2015 at 5:49 PM, Durand fabrice fdur...@inverse.ca mailto:fdur...@inverse.ca wrote: Hi Chris, have a look at the vlan_filters.conf. Regards Fabrice Le 2015-05-04 14:56, Chris Abel a écrit : Hello all, I have a few devices that I am configuring a new SSID with. I would like these devices to auto-register with PF since they are shared devices and used by multiple people. The SSID and WPA-PSK password would be configured during deployment or through our MDM solution. My goal is to have these devices auto register and put in a selected role without any user interaction (no captive portal). What ways can I use to achieve this? I've looked at the Advanced Features page here: http://www.packetfence.org/about/advanced_features.html. It doesn't sound like configuring an access point in registration mode will work since these Access Points will also be delivering another Guest SSID that I will want the captive portal page for. The other options I can't seem to find in packetfence. Any help is greatly appreciated. Thanks! -Chris IMPORTANT NOTICE: This message and any attachments are solely for the intended recipient and may contain confidential information, which is, or may be, legally privileged or otherwise protected by law from further disclosure. If you are not the intended recipient, any disclosure, copying, use, or distribution of the information included in this email and any attachments is prohibited. If you have received this communication in error, please notify the sender by reply email and immediately and permanently delete this email and any attachments. -- One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net mailto: PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net mailto:PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Chris Abel Systems and Network Administrator Wildwood Programs 2995 Curry Road Extension Schenectady, NY 12303 518-836-2341 IMPORTANT NOTICE: This message and any attachments are solely for the intended recipient and may contain confidential information, which is, or may be, legally privileged or otherwise protected by law from further disclosure. If you are not the intended recipient, any disclosure, copying, use, or distribution of the information included in this email and any attachments is prohibited. If you have received this communication in error, please notify the sender by reply email and immediately and permanently delete this email and any attachments. -- One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give
[PacketFence-users] Storing extra information in the database from a guest portal page
Hi, I'm a bit stuck. For a openday here on campus for prospective students, (using packetfence 4.7.0) marketing wants visting students to have wifi internet access on the day in return for some extra data gathered via a custom portal page. -- this might be important? I'm not using the default portal, but a custom one specific for the day. This is fine. Portal submit + dynamic vlan switch on valid auth + dhcp + dynamic deregister in the gui for bad clients works brilliantly. So brilliantly in fact, I'm going to replace our other radius + eduroam connection handling and NPS wired switch auth backend with it. Where I'm stuck: I'm trying to store extra data from the portal page into the database so that we can give it to marketing to do after-the-event marketing to students. If I add something like this to Portal Profiles and Pages/openday/Files/guest.html: (a contrived example, cough) spanSchool/span input class=field name=custom_field_1 type=custom_field_1 value= /br/ The field pops up on the portal page, I can add data, and mash the register button, and then the custom_field_1 data goes into a black hole somewhere. I can see the page submitting the data via the post request. If I cause the page to not submit by not having all the mandatory fields filled, the custom_field_1 field doesn't include the submitted data in the result page, but the firstname field does. If I extend the mandatory field list to include custom_field_1, then it will show a warning if it does not contain data, but still won't send the submitted data back on the Missing mandatory parameter(s) result page. I see the other data in the form being added to the database, (after enabling TRACE) in the logging files: == logs/packetfence.log == attempt #0 to run query person_add_sql from module person SQL statement (person_add_sql): INSERT INTO person (pid, firstname, lastname, email, telephone, company, address, notes, sponsor, anniversary, birthday, gender, lang, nickname, cell_phone, work_phone, title, building_number, apartment_number, room_number, custom_field_1, custom_field_2, custom_field_3, custom_field_4, custom_field_5, custom_field_6, custom_field_7, custom_field_8, custom_field_9, portal, source) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?) SQL params (person_add_sql): emailaddr...@gmail.com, first3, last3, emailaddr...@gmail.com, 0, org3, null, email activation. Date of arrival: 2015-05-07 12:45:41, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, openday, email person emailaddr...@gmail.com added This is using the email source as it appears to captures more data, not the null provisioner. - it also causes the guest.html section of the portal to be used, rather than the login.html pages. I don't quite understand that mapping, either. Any help would be much appreciated, Thanks in advance. Cheers, David Murrell Systems Engineer - Linux ITS Infrastructure University of Waikato, NZ Other files that may be of use: [root@pktfence-guest pf]# cat conf/provisioning.conf [accept] type=accept description=accept provisioner oses= category=guest [openday] filter=ssid:Open Day mandatory_fields=email,firstname,lastname,organization,phone,custom_field_1 provisioners=accept always_use_redirecturl=enabled redirecturl=http://www.waikato.ac.nz sources=email logo=/content/images/coat-of-arms.png dot1x_recompute_role_from_portal=0 filter_match_style=all reuse_dot1x_credentials=0 -- One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] Pfconfig Error - Unknown key
I do that but it doesn't work for pfconfig errors. :/ May 06 16:59:54 pfconfig(7688) ERROR: Unknown key resource::guest_self_registration;sponsoremail May 06 16:59:54 pfconfig(7688) ERROR: Unknown key resource::guest_self_registration;sponsoremail (main::get_hash_element) May 06 17:00:07 pfconfig(7688) ERROR: Unknown index in resource::cluster_servers;1 May 06 17:00:07 pfconfig(7688) ERROR: Unknown index in resource::cluster_servers;1 (main::get_array_element) May 06 17:00:07 pfconfig(7688) ERROR: Unknown key config::Cluster;packetfence May 06 17:00:07 pfconfig(7688) ERROR: Unknown key config::Cluster;packetfence (main::get_hash_element) May 06 17:00:11 pfconfig(7688) ERROR: Unknown key resource::guest_self_registration;sponsoremail May 06 17:00:11 pfconfig(7688) ERROR: Unknown key resource::guest_self_registration;sponsoremail (main::get_hash_element) May 06 17:00:13 pfconfig(7688) ERROR: Unknown key resource::guest_self_registration;sponsoremail May 06 17:00:13 pfconfig(7688) ERROR: Unknown key resource::guest_self_registration;sponsoremail (main::get_hash_element) May 06 17:00:16 pfconfig(7688) ERROR: Unknown key resource::guest_self_registration;google May 06 17:00:16 pfconfig(7688) ERROR: Unknown key resource::guest_self_registration;google (main::get_hash_element) May 06 17:00:16 pfconfig(7688) ERROR: Unknown key resource::guest_self_registration;facebook May 06 17:00:16 pfconfig(7688) ERROR: Unknown key resource::guest_self_registration;facebook (main::get_hash_element) May 06 17:00:16 pfconfig(7688) ERROR: Unknown key resource::guest_self_registration;github May 06 17:00:16 pfconfig(7688) ERROR: Unknown key resource::guest_self_registration;github (main::get_hash_element) By the way, i don't have Caught exception... error anymore. 2015-05-06 16:28 GMT+02:00 James Rouzier jrouz...@inverse.ca: Do the following. service packetfence stop service packetfence-config restart /usr/local/pf/bin/pfcmd configreload restart service packetfence start James rouzierjrouz...@inverse.ca :: +1.514.755.3630 :: http://www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://www.packetfence.org) On 2015-05-06 3:52 AM, Fabian Lumy wrote: Hello, I run ./pf-maint.pl and update PacketFence on 5.0.2 but i have these same errors... And now, i have the errors : Caught exception in captiveportal::Controller::CaptivePortal-webNodeRegister Can't call method supportsWebFormRegistration without a package or object reference at /usr/local/pf/html/captive-portal/lib/captiveportal/PacketFence/Controller/CaptivePortal.pm line 472. Can you help me, please? Thanks in advance Hello, I am running PacketFence 5.0.1 on CentOS 6.6, with inline enforcement and when i started my services (service packetfence start), i have few errors on logs/pfconfig.log : Apr 30 14:20:06 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;email Apr 30 14:20:06 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;email (main::get_hash_element) Apr 30 14:20:06 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;sms Apr 30 14:20:06 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;sms (main::get_hash_element) Apr 30 14:20:06 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;sponsoremail Apr 30 14:20:06 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;sponsoremail (main::get_hash_element) Apr 30 14:20:06 pfconfig(8524) ERROR: Unknown index in resource::cluster_servers;1 Apr 30 14:20:06 pfconfig(8524) ERROR: Unknown index in resource::cluster_servers;1 (main::get_array_element) Apr 30 14:20:06 pfconfig(8524) ERROR: Unknown key config::Cluster;packetfence Apr 30 14:20:06 pfconfig(8524) ERROR: Unknown key config::Cluster;packetfence (main::get_hash_element) Apr 30 14:20:10 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;email Apr 30 14:20:10 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;email (main::get_hash_element) Apr 30 14:20:10 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;sponsoremail Apr 30 14:20:10 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;sponsoremail (main::get_hash_element) Apr 30 14:20:12 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;email Apr 30 14:20:12 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;email (main::get_hash_element) Apr 30 14:20:12 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;sponsoremail Apr 30 14:20:12 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;sponsoremail (main::get_hash_element) Apr 30 14:20:15 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;google Apr 30 14:20:15 pfconfig(8524) ERROR: Unknown key resource::guest_self_registration;google (main::get_hash_element) Apr 30 14:20:15 pfconfig(8524) ERROR: Unknown key
Re: [PacketFence-users] Apply to Vlan
Hi Minh, I don´t have the excatly procedure write it, however is very simple. 1. Open up in a text editor, nedit is my preference, the schema of the database that match your version of pf. 2. At the same time connect to pf database, mysql -u pf -p pf. 3. Search in the schema for the keyword procedure, the first match is in a comment that says -- Adding RADIUS Updates Stored Procedure. 4. Copy and paste in the mysql command the entire code that start with DROP... until says DELIMITER ; ... 5. Yo need to do this as many times as procedures you find in the schema, I tried to cp and paste all at once and for some reason failed, so do it step by step with each procedure. I hope that this help you, Best Regards, On Tue, May 5, 2015 at 10:14 PM, Minh Trung mvtrun...@gmail.com wrote: Hello Juan, I showed and it empty. *mysql use pf;Database changedmysql show procedure status;Empty set (0.00 sec)* Now, i using PF v5.0.5 and i saw many procedures just after the radius tables at docs in db's PF directory. Would you please point me the exact command to insert them? Thank a lot. Regards, On 29 April 2015 at 20:40, Juan Camilo Valencia juan.valen...@seguratec.com.co wrote: Hi minh, Probably you are missing the storage procedures that radius needs for the accounting, login into your db and execute show procedures status; If does not appear any information you are missing that, probably because you made a backup of your info without the procedures next time use the modifiers --procedures in mysqldump command. To fix this open your sql schema for your pf version in db packetfence directory and look for the procedures just after the radius tables and start insert those ones manually. I hope that this can help you. Best regards El mar, abr 28, 2015 08:08, Minh Trung mvtrun...@gmail.com escribió: Hello Fabrice, I was successful in configured the vmware machine in tag the vlan as above we discussed (it take long time to figure out [?]) and i also see the portal on device which is plugged in the port testing. But on radius log still show the error: *Tue Apr 28 16:53:57 2015 : Auth: Login OK: [c80aa930b31f] (from client 10.126.123.10 port 50001 cli C8-0A-A9-30-B3-1F)Tue Apr 28 16:53:58 2015 : Auth: rlm_perl: Returning vlan 210 to request from c8:0a:a9:30:b3:1f port 50001Tue Apr 28 16:53:58 2015 : Error: [sql] Couldn't insert SQL accounting START record - PROCEDURE pf.acct_start does not existTue Apr 28 16:54:00 2015 : Error: [sql] Couldn't update SQL accounting STOP record - PROCEDURE pf.acct_stop does not existTue Apr 28 16:54:00 2015 : Error: rlm_sql_mysql: Cannot store resultTue Apr 28 16:54:00 2015 : Error: rlm_sql_mysql: MySQL error 'PROCEDURE pf.acct_stop does not exist'Tue Apr 28 16:54:05 2015 : Error: [sql] Couldn't update SQL accounting STOP record - PROCEDURE pf.acct_stop does not existTue Apr 28 16:54:05 2015 : Error: rlm_sql_mysql: Cannot store resultTue Apr 28 16:54:05 2015 : Error: rlm_sql_mysql: MySQL error 'PROCEDURE pf.acct_stop does not exist'* Do i miss configured any on database? I have DHCP(windows OS) existed with DHCP range 10.126.123.x how to make clients will retrieved DHCP from Windows OS after clients finished register? Should i need change all ports on switch L2 to default(Vlan1)? Any help is appreciated, Thanks regards, On 2 April 2015 at 00:46, Durand fabrice fdur...@inverse.ca wrote: Hello Minh, you have to tag the vlan 210 and 220 on the switch port where packetfence has been plugged on the vswitch. I don't have the exact way to do it but it look like there is documentation on internet to do that. Regards Fabrice Le 2015-03-31 23:11, Minh Trung a écrit : Hello Fabrice, You are right, my VMware connected 4500 via gi7/6, here is the spaning-tree command: *VLAN0210 Spanning tree enabled protocol ieee Root ID Priority32978 Address 5475.d0c3.e100 This bridge is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority32978 (priority 32768 sys-id-ext 210) Address 5475.d0c3.e100 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 300 Interface Role Sts Cost Prio.Nbr Type --- --- - Gi2/4 Desg FWD 4 128.68 P2p Gi7/3 Desg FWD 4 128.387 P2p Gi7/6 Desg FWD 4 128.390 P2p Po1 Desg FWD 3 128.641 P2p VLAN0220 Spanning tree enabled protocol ieee Root IDPriority 32988 Address 5475.d0c3.e100 This bridge is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority32988 (priority 32768 sys-id-ext 220) Address 5475.d0c3.e100 Hello Time
Re: [PacketFence-users] Auto-register based on SSID
Hello Chris, try that: [wireless] filter = ssid operator = is value = Internal [1:wireless] scope = AutoRegister role = Staff [2:wireless] scope = NormalVlan role = Staff action = modify_node action_param = mac = $mac, category = Staff Regards Fabrice Le 2015-05-06 10:58, Chris Abel a écrit : My vlan_filters.conf parameters don't seem to be working. I am always put into the registration vlan when joining the SSID. Could someone look into my rules and see if there are any problems? [wireless] filter = ssid operator = is value = Internal [1:wireless] scope = AutoRegistration role = Staff Thanks! On Mon, May 4, 2015 at 5:49 PM, Durand fabrice fdur...@inverse.ca mailto:fdur...@inverse.ca wrote: Hi Chris, have a look at the vlan_filters.conf. Regards Fabrice Le 2015-05-04 14:56, Chris Abel a écrit : Hello all, I have a few devices that I am configuring a new SSID with. I would like these devices to auto-register with PF since they are shared devices and used by multiple people. The SSID and WPA-PSK password would be configured during deployment or through our MDM solution. My goal is to have these devices auto register and put in a selected role without any user interaction (no captive portal). What ways can I use to achieve this? I've looked at the Advanced Features page here: http://www.packetfence.org/about/advanced_features.html. It doesn't sound like configuring an access point in registration mode will work since these Access Points will also be delivering another Guest SSID that I will want the captive portal page for. The other options I can't seem to find in packetfence. Any help is greatly appreciated. Thanks! -Chris IMPORTANT NOTICE: This message and any attachments are solely for the intended recipient and may contain confidential information, which is, or may be, legally privileged or otherwise protected by law from further disclosure. If you are not the intended recipient, any disclosure, copying, use, or distribution of the information included in this email and any attachments is prohibited. If you have received this communication in error, please notify the sender by reply email and immediately and permanently delete this email and any attachments. -- One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net mailto:PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net mailto:PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Chris Abel Systems and Network Administrator Wildwood Programs 2995 Curry Road Extension Schenectady, NY 12303 518-836-2341 IMPORTANT NOTICE: This message and any attachments are solely for the intended recipient and may contain confidential information, which is, or may be, legally privileged or otherwise protected by law from further disclosure. If you are not the intended recipient, any disclosure, copying, use, or distribution of the information included in this email and any attachments is prohibited. If you have received this communication in error, please notify the sender by reply email and immediately and permanently delete this email and any attachments. -- One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y ___ PacketFence-users mailing list