Re: [PacketFence-users] PALO ALTO SSO and multiple VSYS

2016-12-16 Thread Tim DeNike 
I'll get it to you. I have some other modifications to it that I'll have to
eliminate first.

Sent from my iPhone

On Dec 16, 2016, at 8:25 AM, Tomasz Karczewski 
wrote:

Tnx for your reply.



I’ve made what you wrote but when I wanted to add firewall in webgui I’ve
got logs like this:



Dec 16 09:48:40 httpd.admin(23967) INFO:
Config::Firewall_SSO::PaloAltoVsys3
(pfappserver::Base::Controller::Crud::view)

Dec 16 09:48:40 httpd.admin(23967) ERROR: Caught exception in
pfappserver::Controller::Config::Firewall_SSO->view "Can't call method
"process" on an undefined value at
/usr/local/pf/html/pfappserver/lib/pfappserver/Base/Controller/Crud.pm line
206." (pfappserver::PacketFence::Controller::Root::end)



And in webgui I see:



*Error!* An error occured while contacting the server. Please try again
later.



Could you tell me what exactly do I have to change at .pm file (package
name and description)?



*From:* Tim DeNike [mailto:tim.den...@mcc.edu ]
*Sent:* Thursday, December 15, 2016 4:32 PM
*To:* packetfence-users@lists.sourceforge.net
*Subject:* Re: [PacketFence-users] PALO ALTO SSO and multiple VSYS



copy /usr/local/pf/lib/pf/firewallsso/PaloAlto.pm to PaloAlto_Vsys1.pm



edit the file and add =vsys1 into the $webpage definition after
$action=set



Also change the package name and description.



restart PF and the new option should be available.



On Thu, Dec 15, 2016 at 6:51 AM, Tomasz Karczewski <
tkarczew...@man.olsztyn.pl> wrote:

Hi,



My PA SSO Works fine. I’ve got one question is there any way  to set user
on another vsys than vsys1?

I’ve got multi vsys environment and i tried to put user in another vsys but
maybe I’m doing something wrong?

User is putting always in vsys1.



Tnx for reply.



Tomasz Karczewski


--
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users



--
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot

___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
--
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] Freeradius Telnet 1812 and 1813 fails

2016-12-16 Thread Grant Hathaway 
Hello,

Thanks for the response, I assume I need to download and install TCPDUMP on 
packetfence as its not in  /usr/sbin ?

The command fails with tcpdump : command not found

Thanks

Grant


Grant Hathaway
Network and Infrastructure Analyst

Certas Energy UK Limited
The Switch
1-7 The Grove - Slough - SL1 1QP
Phone : 01753756965 - Mobile : 07920075818
grant.hatha...@certasenergy.co.uk

[cid:certas_76080deb-6dcc-42fd-a96d-7a823f6a7a45.gif][cid:safetyf1rst_50886216-b7ea-4c50-abc3-78998a1b9b88.gif]
  [cid:finalist-logo_c2180ca4-c389-40e0-a9d4-ca51ef41c8ff.gif]
From: Antoine Amacher [mailto:aamac...@inverse.ca]
Sent: Friday, December 16, 2016 3:07 PM
To: packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] Freeradius Telnet 1812 and 1813 fails


Hello Grant,

If your switch has the proper RADIUS secret and he is able to talk to the 
management interface, then you should be all set.

You could try the following,

1. Ensure that communication is working (ping between mgmt interface and switch 
IP)

2. ensure that RADIUS receive requests from the switch, (tcpdump -i 
mgmt.interface port 1812)

2. verify /usr/local/pf/logs/radius.log for error,

3. launch a raddebug and try to log for error. (raddebug -f 
/usr/local/pf/var/run/radiusd.socks -t 3600)

Let us know if that's help

Thanks
On 12/16/2016 09:29 AM, Grant Hathaway wrote:
Hello,

The Packetfence server is up and running with AD bind and we can see devices 
checking in via DHCP but not via the test switch, the test switch is a Cisco 
3750 and I can see it in packetfence in Configuration/switches. We have 3 VLANS 
configured on the switch and packetfence however we are not sure whether the 
switch and server are communicating with each other and are unsure where the 
logs are in packetfence in order to troubleshoot the connection issue?

The plan is to test packetfence by plugging a device into a network port on the 
switch, and see how the roles work in each VLAN.

We can telnet and SSH to the server succesfully on normal ports (22 and 23) 
from the switch but when we telnet to ports 1812/1813 it rejects the connection
No response from (10.25.3.122:1812,1813) for id 1645/16

Ports 1812 and 1813 udp are definitely listening on the packetfence server but 
telnet fails. Is there something we need to configure in freeradius to accept 
incoming connections?

Thanks
G



Grant Hathaway
Network and Infrastructure Analyst

Certas Energy UK Limited
The Switch
1-7 The Grove - Slough - SL1 1QP
Phone : 01753756965 - Mobile : 07920075818
grant.hatha...@certasenergy.co.uk

[cid:image001.gif@01D257B1.C94DE940][cid:image002.gif@01D257B1.C94DE940]  
[cid:image003.gif@01D257B1.C94DE940]

  



--

Check out the vibrant tech community on one of the world's most

engaging tech sites, SlashDot.org! http://sdm.link/slashdot




___

PacketFence-users mailing list

PacketFence-users@lists.sourceforge.net

https://lists.sourceforge.net/lists/listinfo/packetfence-users



--

Antoine Amacher

aamac...@inverse.ca  ::  
www.inverse.ca

+1.514.447.4918 x130  :: +1 (866) 353-6153 x130

Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and 
PacketFence (www.packetfence.org)

--
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] Freeradius Telnet 1812 and 1813 fails

2016-12-16 Thread Antoine Amacher 

Hello Grant,

If your switch has the proper RADIUS secret and he is able to talk to 
the management interface, then you should be all set.


You could try the following,

1. Ensure that communication is working (ping between mgmt interface and 
switch IP)


2. ensure that RADIUS receive requests from the switch, (tcpdump -i 
mgmt.interface port 1812)


2. verify /usr/local/pf/logs/radius.log for error,

3. launch a raddebug and try to log for error. (raddebug -f 
/usr/local/pf/var/run/radiusd.socks -t 3600)


Let us know if that's help

Thanks

On 12/16/2016 09:29 AM, Grant Hathaway wrote:


Hello,

The Packetfence server is up and running with AD bind and we can see 
devices checking in via DHCP but not via the test switch, the test 
switch is a Cisco 3750 and I can see it in packetfence in 
Configuration/switches. We have 3 VLANS configured on the switch and 
packetfence however we are not sure whether the switch and server are 
communicating with each other and are unsure where the logs are in 
packetfence in order to troubleshoot the connection issue?


The plan is to test packetfence by plugging a device into a network 
port on the switch, and see how the roles work in each VLAN.


We can telnet and SSH to the server succesfully on normal ports (22 
and 23) from the switch but when we telnet to ports 1812/1813 it 
rejects the connection


*No response from (10.25.3.122:1812,1813) for id 1645/16*

**

Ports 1812 and 1813 udp are definitely listening on the packetfence 
server but telnet fails*. *Is there something we need to configure in 
freeradius to accept incoming connections?


Thanks

G

**

Grant Hathaway
Network and Infrastructure Analyst

Certas Energy UK Limited
The Switch
1-7 The Grove - Slough - SL1 1QP
Phone : 01753756965 - Mobile : 07920075818
grant.hatha...@certasenergy.co.uk 




  ­­


--
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot


___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users


--
Antoine Amacher
aamac...@inverse.ca  ::  www.inverse.ca
+1.514.447.4918 x130  :: +1 (866) 353-6153 x130
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence 
(www.packetfence.org)

--
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] Freeradius Telnet 1812 and 1813 fails

2016-12-16 Thread Grant Hathaway 
Hello,

The Packetfence server is up and running with AD bind and we can see devices 
checking in via DHCP but not via the test switch, the test switch is a Cisco 
3750 and I can see it in packetfence in Configuration/switches. We have 3 VLANS 
configured on the switch and packetfence however we are not sure whether the 
switch and server are communicating with each other and are unsure where the 
logs are in packetfence in order to troubleshoot the connection issue?

The plan is to test packetfence by plugging a device into a network port on the 
switch, and see how the roles work in each VLAN.

We can telnet and SSH to the server succesfully on normal ports (22 and 23) 
from the switch but when we telnet to ports 1812/1813 it rejects the connection
No response from (10.25.3.122:1812,1813) for id 1645/16

Ports 1812 and 1813 udp are definitely listening on the packetfence server but 
telnet fails. Is there something we need to configure in freeradius to accept 
incoming connections?

Thanks
G



Grant Hathaway
Network and Infrastructure Analyst

Certas Energy UK Limited
The Switch
1-7 The Grove - Slough - SL1 1QP
Phone : 01753756965 - Mobile : 07920075818
grant.hatha...@certasenergy.co.uk

[cid:certas_76080deb-6dcc-42fd-a96d-7a823f6a7a45.gif][cid:safetyf1rst_50886216-b7ea-4c50-abc3-78998a1b9b88.gif]
  [cid:finalist-logo_c2180ca4-c389-40e0-a9d4-ca51ef41c8ff.gif]

--
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] Error in saving new billing source

2016-12-16 Thread Julien Semaan 

Hi Rolando,

What is a Pms source ?

That looks like you started creating your own billing module.

If so, then I can't know what you are doing wrong.

Just as a warning, if you start coding your own stuff in PacketFence, I 
suggest you have strong programming skills and a good understanding of Perl.


Regards,

--
Julien Semaan
jsem...@inverse.ca   ::  +1 (866) 353-6153 *155  ::www.inverse.ca
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence 
(www.packetfence.org)



On 12/15/2016 10:53 PM, Rolando Palencia wrote:

Hi,

I got this from log httpd.admin.error when saving.

ERROR: Caught exception in
pfappserver::Controller::Config::Authentication::Source->update
"Attribute (local_account_logins) does not pass the type constraint
because: Validation failed for 'Str' with value undef at accessor
pf::Authentication::Source::PmsSource::local_account_logins (defined at
/usr/local/pf/lib/pf/Authentication/CreateLocalAccountRole.pm line 17)
line 4.
pf::Authentication::Source::PmsSource::local_account_logins('pf::Authentication::Source::PmsSource=HASH(0x7f49cb33c458)',
undef) called at
/usr/local/pf/html/pfappserver/lib/pfappserver/Model/Authentication/Source.pm
line 57

I hope you can help me.

Regards,

Roland

--
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users


--
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] PALO ALTO SSO and multiple VSYS

2016-12-16 Thread Tomasz Karczewski 
Tnx for your reply.

 

I’ve made what you wrote but when I wanted to add firewall in webgui I’ve got 
logs like this:

 

Dec 16 09:48:40 httpd.admin(23967) INFO: Config::Firewall_SSO::PaloAltoVsys3 
(pfappserver::Base::Controller::Crud::view)

Dec 16 09:48:40 httpd.admin(23967) ERROR: Caught exception in 
pfappserver::Controller::Config::Firewall_SSO->view "Can't call method 
"process" on an undefined value at 
/usr/local/pf/html/pfappserver/lib/pfappserver/Base/Controller/Crud.pm line 
206." (pfappserver::PacketFence::Controller::Root::end)

 

And in webgui I see:

 

Error! An error occured while contacting the server. Please try again later.

 

Could you tell me what exactly do I have to change at .pm file (package name 
and description)?

 

From: Tim DeNike [mailto:tim.den...@mcc.edu] 
Sent: Thursday, December 15, 2016 4:32 PM
To: packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] PALO ALTO SSO and multiple VSYS

 

copy /usr/local/pf/lib/pf/firewallsso/PaloAlto.pm to PaloAlto_Vsys1.pm

 

edit the file and add =vsys1 into the $webpage definition after 
$action=set 

 

Also change the package name and description.

 

restart PF and the new option should be available.

 

On Thu, Dec 15, 2016 at 6:51 AM, Tomasz Karczewski  
wrote:

Hi,

 

My PA SSO Works fine. I’ve got one question is there any way  to set user on 
another vsys than vsys1?

I’ve got multi vsys environment and i tried to put user in another vsys but 
maybe I’m doing something wrong?

User is putting always in vsys1.

 

Tnx for reply.

 

Tomasz Karczewski


--
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

 



smime.p7s
Description: S/MIME cryptographic signature
--
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] Error in saving new billing source

2016-12-16 Thread Rolando Palencia 
Hi,

I got this from log httpd.admin.error when saving.

ERROR: Caught exception in 
pfappserver::Controller::Config::Authentication::Source->update 
"Attribute (local_account_logins) does not pass the type constraint 
because: Validation failed for 'Str' with value undef at accessor 
pf::Authentication::Source::PmsSource::local_account_logins (defined at 
/usr/local/pf/lib/pf/Authentication/CreateLocalAccountRole.pm line 17) 
line 4.
pf::Authentication::Source::PmsSource::local_account_logins('pf::Authentication::Source::PmsSource=HASH(0x7f49cb33c458)',
 
undef) called at 
/usr/local/pf/html/pfappserver/lib/pfappserver/Model/Authentication/Source.pm 
line 57

I hope you can help me.

Regards,

Roland

--
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] Fresh install of pf on debian 8

2016-12-16 Thread Rolando Palencia 
Please try to use debian 7 instead of 8.

Regards,

Roland


--
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] Preregistration email

2016-12-16 Thread Enrico Pala 
Hi, is there a way to send again the preregistration email that can be sent
at the creation of a user?
--
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users