[PacketFence-users] PF cluster.conf addresses
Hello, This is for packetfence-9.0.1-1.el7.noarch. We have the following lines in "var/conf/mariadb.conf" (amongst others): bind-address=192.168.0.37 wsrep_cluster_name=pfcluster wsrep_cluster_address="gcomm://192.168.0.28,192.168.0.37" wsrep_node_name=net-pf1 wsrep_node_address="192.168.0.37" (We will be adding a third server eventually.) This is presumably generated from our "conf/cluster.conf": [net-pf1] management_ip=192.168.0.37 [net-pf1 interface eth0] ip=192.168.0.37 [net-pf2] management_ip=192.168.0.28 [net-pf2 interface eth0] ip=192.168.0.28 However, because we are using OpenStack (OS) and the way its networking is architected, our instances/VMs have internal-to-OS addresses (192.168/24) that are actually live on the ethX interfaces, as well as external-to-OS addresses (10/8) that are handled by OS 'ports' and tunnelled into OS. Is there a way that I can have the "wsrep_cluster_address" and "wsrep_node_address" entries be a 10.x address, while the "bind-address" is the 192.168.x address? I'd like the 'wsrep' items to have 10.x because some of our HA stuff will be in a different part of the network, and won't be able to use the internal-to-OS 192.x addresses. I would think that the 'interface eth0' stanza would control the "bind-address" value, but the "management_ip" would be for what other nodes talk to. What is the difference between "ip" and "management_ip"? -- DM ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
[PacketFence-users] R: How to configure vlan VMware esxi - web auth Captive porta
Hi Fabrice, Varela and Eran, thanks a lot. Ok for Vlans, but Fabrice send to me that I don't need the vlan for captive portal (web auth). Now to guest user assign the ip address in lan 22 (correct lan because the lan 20 is management )but not redirect to packetfance url Below the debug of the radius form switch : *Mar 7 10:38:03.442 UTC: AAA/BIND(00E1): Bind i/f *Mar 7 10:38:03.442 UTC: AAA/AUTHEN/LOGIN (00E1): Pick method list 'default' *Mar 7 10:38:08.056 UTC: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/7, changed state to down *Mar 7 10:38:08.727 UTC: AAA/BIND(00E2): Bind i/f *Mar 7 10:38:09.155 UTC: %AUTHMGR-5-START: Starting 'mab' for client (f092.1c8a.a954) on Interface Fa0/7 AuditSessionID 0A141535009A20F7F6CA *Mar 7 10:38:09.155 UTC: AAA/AUTHEN/8021X (00E2): Pick method list 'default' *Mar 7 10:38:09.155 UTC: RADIUS/ENCODE(00E2):Orig. component type = DOT1X *Mar 7 10:38:09.155 UTC: RADIUS(00E2): Config NAS IP: 0.0.0.0 *Mar 7 10:38:09.155 UTC: RADIUS/ENCODE(00E2): acct_session_id: 226 *Mar 7 10:38:09.155 UTC: RADIUS(00E2): sending *Mar 7 10:38:09.155 UTC: RADIUS/ENCODE: Best Local IP-Address 10.20.21.53 for Radius-Server 10.20.21.47 *Mar 7 10:38:09.155 UTC: RADIUS(00E2): Send Access-Request to 10.20.21.47:1812 id 1645/175, len 206 *Mar 7 10:38:09.155 UTC: RADIUS: authenticator 41 8E CB C0 68 C9 E3 1B - DE 81 C4 EB 82 83 D9 33 *Mar 7 10:38:09.155 UTC: RADIUS: User-Name [1] 14 "f0921c8aa954" *Mar 7 10:38:09.155 UTC: RADIUS: User-Password [2] 18 * *Mar 7 10:38:09.155 UTC: RADIUS: Service-Type[6] 6 Call Check [10] *Mar 7 10:38:09.155 UTC: RADIUS: Framed-MTU [12] 6 1500 *Mar 7 10:38:09.155 UTC: RADIUS: Called-Station-Id [30] 19 "24-01-C7-30-C0-07" *Mar 7 10:38:09.155 UTC: RADIUS: Calling-Station-Id [31] 19 "F0-92-1C-8A-A9-54" *Mar 7 10:38:09.155 UTC: RADIUS: Message-Authenticato[80] 18 *Mar 7 10:38:09.163 UTC: RADIUS: 5B 1B A3 AB 8B 1F 81 32 F9 B1 21 C0 BA 45 E5 26 [ [2!E&] *Mar 7 10:38:09.163 UTC: RADIUS: EAP-Key-Name[102] 2 * *Mar 7 10:38:09.163 UTC: RADIUS: Vendor, Cisco [26] 49 *Mar 7 10:38:09.163 UTC: RADIUS: Cisco AVpair [1] 43 "audit-session-id=0A141535009A20F7F6CA" *Mar 7 10:38:09.163 UTC: RADIUS: NAS-Port-Type [61] 6 Ethernet [15] *Mar 7 10:38:09.163 UTC: RADIUS: NAS-Port[5] 6 50007 *Mar 7 10:38:09.163 UTC: RADIUS: NAS-Port-Id [87] 17 "FastEthernet0/7" *Mar 7 10:38:09.163 UTC: RADIUS: NAS-IP-Address [4] 6 10.20.21.53 *Mar 7 10:38:09.163 UTC: RADIUS(00E2): Started 5 sec timeout *Mar 7 10:38:09.255 UTC: RADIUS: Received from id 1645/175 10.20.21.47:1812, Access-Accept, len 20 *Mar 7 10:38:09.255 UTC: RADIUS: authenticator 8C 5F AC B6 C2 7F 24 86 - 95 1A C2 E7 3D 3B CF EA *Mar 7 10:38:09.264 UTC: RADIUS(00E2): Received from id 1645/175 *Mar 7 10:38:09.264 UTC: %MAB-5-SUCCESS: Authentication successful for client (f092.1c8a.a954) on Interface Fa0/7 AuditSessionID 0A141535009A20F7F6CA *Mar 7 10:38:09.264 UTC: %AUTHMGR-7-RESULT: Authentication result 'success' from 'mab' for client (f092.1c8a.a954) on Interface Fa0/7 AuditSessionID 0A141535009A20F7F6CA *Mar 7 10:38:10.060 UTC: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/7, changed state to up *Mar 7 10:38:10.287 UTC: %AUTHMGR-5-SUCCESS: Authorization succeeded for client (f092.1c8a.a954) on Interface Fa0/7 AuditSessionID 0A141535009A20F7F6CA I see who the PF not send the ACL and URL redirection. What can I do? Thanks a lot Roberto -Messaggio originale- Da: Casagrande Roberto, SEDE CENTRALE - GUBBIO, Colacem S.p.A. Inviato: giovedì 13 giugno 2019 16:35 A: packetfence-users@lists.sourceforge.net Cc: Fabrice Durand Oggetto: R: [PacketFence-users] How to configure vlan VMware esxi - web auth Captive porta Thanks Fabrice, So, for only web auth I need only one eth0 for management and no other interface. Is it correct ? I try PF for authenticate Guest User (GU) that when GU have a user and password, connect the laptop in wired network, the laptop redirect to web page for autenticate. If the GU have credential done and surf to internet else not work. Thanks a lot for support Roberto -Messaggio originale- Da: Fabrice Durand via PacketFence-users Inviato: giovedì 13 giugno 2019 14:46 A: packetfence-users@lists.sourceforge.net Cc: Fabrice Durand Oggetto: Re: [PacketFence-users] How to configure vlan VMware esxi - web auth Captive porta Hello Roberto, Le 19-06-12 à 23 h 53, Casagrande Roberto, SEDE CENTRALE - GUBBIO, Colacem S.p.A. via PacketFence-users a écrit : > Sorry but I don’t find how to create a trunk port to VMware or I don’t know > if I configured well the server PF for work with vlan. >
[PacketFence-users] Android and Windows agent xml
Hello, I'm having trouble reaching http://wireless-profiles.packetfence.org/profile.xml to get android or windows provisioning working. Unable to retrieve profile in all my testing. New packetfence setup from zen Thanks, Cory -- Message Sent from PCS GMail ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
[PacketFence-users] R: How to configure vlan VMware esxi - web auth Captive porta
Thanks Fabrice, So, for only web auth I need only one eth0 for management and no other interface. Is it correct ? I try PF for authenticate Guest User (GU) that when GU have a user and password, connect the laptop in wired network, the laptop redirect to web page for autenticate. If the GU have credential done and surf to internet else not work. Thanks a lot for support Roberto -Messaggio originale- Da: Fabrice Durand via PacketFence-users Inviato: giovedì 13 giugno 2019 14:46 A: packetfence-users@lists.sourceforge.net Cc: Fabrice Durand Oggetto: Re: [PacketFence-users] How to configure vlan VMware esxi - web auth Captive porta Hello Roberto, Le 19-06-12 à 23 h 53, Casagrande Roberto, SEDE CENTRALE - GUBBIO, Colacem S.p.A. via PacketFence-users a écrit : > Sorry but I don’t find how to create a trunk port to VMware or I don’t know > if I configured well the server PF for work with vlan. > Please can I have a support? There is so many example on internet about that. btw create the number of interface you need on the server and assign the vlan directly in the esx. > Other question, I would like use PF for authenticate the guest user with > wired connection (web auth Captive portal). > The PF management is vlan 20 and the guest user when they work after the > authentication I would like to leading to other vlan examples 212. > Is it necessary to have the PF with vlan sub interface? No you don't need to have an interface in the vlan 212. Regards Fabrice > Thanks a lot for support > Roberto > > Inviato da iPhone > > = > Le informazioni contenute in questa comunicazione e gli eventuali documenti > allegati hanno carattere confidenziale e sono a uso esclusivo del > destinatario. Nel caso questa comunicazione Vi sia pervenuta per errore, Vi > informiamo che la sua diffusione e riproduzione è contraria alla legge e > preghiamo di darci prontamente avviso e di cancellare quanto ricevuto. > Grazie. > This e-mail message and any files transmitted with it contain confidential > information intended only for the person(s) to whom it is addressed. If you > are not the intended recipient, you are hereby notified that any use or > distribution of this e-mail is strictly prohibited: please notify the sender > and delete the original message. > Thank you. > == > > ___ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Fabrice Durand fdur...@inverse.ca :: +1.514.447.4918 (x135) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://packetfence.org) ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users = Le informazioni contenute in questa comunicazione e gli eventuali documenti allegati hanno carattere confidenziale e sono a uso esclusivo del destinatario. Nel caso questa comunicazione Vi sia pervenuta per errore, Vi informiamo che la sua diffusione e riproduzione è contraria alla legge e preghiamo di darci prontamente avviso e di cancellare quanto ricevuto. Grazie. This e-mail message and any files transmitted with it contain confidential information intended only for the person(s) to whom it is addressed. If you are not the intended recipient, you are hereby notified that any use or distribution of this e-mail is strictly prohibited: please notify the sender and delete the original message. Thank you. == ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
[PacketFence-users] How to configure vlan VMware esxi - web auth Captive porta
Hi Roberto, Add as port group via the VMWare Networking section. Use VLAN ID 4095 to set is as VLAN Trunk. Then make sure you use the "Network Adapter" use made when creating the PacketFence server. If you use Cisco Switch, here is the configuration on the interface side. interface GigabitEthernetX/Y/Z description Trunk_PacketFence_VM switchport trunk encapsulation dot1q switchport mode trunk spanning-tree portfast trunk spanning-tree bpduguard enable Hope this helps. Brgds, Eran. -Original Message- From: Casagrande Roberto, SEDE CENTRALE - GUBBIO, Colacem S.p.A. via PacketFence-users [mailto:packetfence-users@lists.sourceforge.net] Sent: Thursday, June 13, 2019 6:54 AM To: packetfence-users@lists.sourceforge.net Cc: Casagrande Roberto, SEDE CENTRALE - GUBBIO, Colacem S.p.A. Subject: [PacketFence-users] How to configure vlan VMware esxi - web auth Captive porta Sorry but I don’t find how to create a trunk port to VMware or I don’t know if I configured well the server PF for work with vlan. Please can I have a support? Other question, I would like use PF for authenticate the guest user with wired connection (web auth Captive portal). The PF management is vlan 20 and the guest user when they work after the authentication I would like to leading to other vlan examples 212. Is it necessary to have the PF with vlan sub interface? Thanks a lot for support Roberto Inviato da iPhone = Le informazioni contenute in questa comunicazione e gli eventuali documenti allegati hanno carattere confidenziale e sono a uso esclusivo del destinatario. Nel caso questa comunicazione Vi sia pervenuta per errore, Vi informiamo che la sua diffusione e riproduzione è contraria alla legge e preghiamo di darci prontamente avviso e di cancellare quanto ricevuto. Grazie. This e-mail message and any files transmitted with it contain confidential information intended only for the person(s) to whom it is addressed. If you are not the intended recipient, you are hereby notified that any use or distribution of this e-mail is strictly prohibited: please notify the sender and delete the original message. Thank you. == ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] [packetfence 8.3] Active/Passive cluster
HI Fabrice, yes, i have created the resource using the packetfence-mariadb service and disabled (for now) the automatic restart after boot so that pcs can start it like mentionned in the documentation but somehow even though a netstat shows the 3306 listening, impossible to connect via mysql -u user -p another weird thing that i've noticed is that after a reboot pcs starts the packetfence-mariadb service but the files in '/var/lib/mysql/ have user : mysql and group : netdata instead of mysql.mysql (user.group) and of course no mysql.socket is created when it's like that. Thanks in advance, Regards On Thu, 13 Jun 2019 at 14:49, Fabrice Durand via PacketFence-users < packetfence-users@lists.sourceforge.net> wrote: > Hello Pro, > > are you using packetfence-mariadb service in pcs or just mariadb ? > > Regards > > Fabrice > > > Le 19-06-13 à 05 h 23, pro fence via PacketFence-users a écrit : > > Hello, > > does somebody know why when mariadb is started with pcs cluster it becomes > impossible to connect to mysql directly on the server here is the error > message : > > after checking, the socket is well present in /var/lib/mysql > > ERROR 2002 (HY000): Can't connect to local MySQL server through socket > '/var/lib/mysql/mysql.sock' (2 "No such file or directory") > > but when mariadb is started without pcs, th connection works just fine. > > any help would be appreciated > regards > > > ___ > PacketFence-users mailing > listPacketFence-users@lists.sourceforge.nethttps://lists.sourceforge.net/lists/listinfo/packetfence-users > > -- > Fabrice durandfdur...@inverse.ca :: +1.514.447.4918 (x135) :: www.inverse.ca > Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence > (http://packetfence.org) > > ___ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/packetfence-users > ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] How to configure vlan VMware esxi - web auth Captive porta
Hi, for vmware trunking https://kb.vmware.com/s/article/1004252 for vlan in pf interface, you can do it by gui or cmd line, eth0, eth0.100, eth0.200 A quinta, 13/06/2019, 12:38, Casagrande Roberto, SEDE CENTRALE - GUBBIO, Colacem S.p.A. via PacketFence-users < packetfence-users@lists.sourceforge.net> escreveu: > Sorry but I don’t find how to create a trunk port to VMware or I don’t > know if I configured well the server PF for work with vlan. > Please can I have a support? > > Other question, I would like use PF for authenticate the guest user with > wired connection (web auth Captive portal). > The PF management is vlan 20 and the guest user when they work after the > authentication I would like to leading to other vlan examples 212. > Is it necessary to have the PF with vlan sub interface? > > Thanks a lot for support > Roberto > > Inviato da iPhone > > = > Le informazioni contenute in questa comunicazione e gli eventuali > documenti allegati hanno carattere confidenziale e sono a uso esclusivo del > destinatario. Nel caso questa comunicazione Vi sia pervenuta per errore, Vi > informiamo che la sua diffusione e riproduzione è contraria alla legge e > preghiamo di darci prontamente avviso e di cancellare quanto ricevuto. > Grazie. > This e-mail message and any files transmitted with it contain confidential > information intended only for the person(s) to whom it is addressed. If you > are not the intended recipient, you are hereby notified that any use or > distribution of this e-mail is strictly prohibited: please notify the > sender and delete the original message. > Thank you. > == > > ___ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/packetfence-users > ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] [packetfence 8.3] Active/Passive cluster
Hello Pro, are you using packetfence-mariadb service in pcs or just mariadb ? Regards Fabrice Le 19-06-13 à 05 h 23, pro fence via PacketFence-users a écrit : Hello, does somebody know why when mariadb is started with pcs cluster it becomes impossible to connect to mysql directly on the server here is the error message : after checking, the socket is well present in /var/lib/mysql ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2 "No such file or directory") but when mariadb is started without pcs, th connection works just fine. any help would be appreciated regards ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Fabrice Durand fdur...@inverse.ca :: +1.514.447.4918 (x135) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://packetfence.org) ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] How to configure vlan VMware esxi - web auth Captive porta
Hello Roberto, Le 19-06-12 à 23 h 53, Casagrande Roberto, SEDE CENTRALE - GUBBIO, Colacem S.p.A. via PacketFence-users a écrit : Sorry but I don’t find how to create a trunk port to VMware or I don’t know if I configured well the server PF for work with vlan. Please can I have a support? There is so many example on internet about that. btw create the number of interface you need on the server and assign the vlan directly in the esx. Other question, I would like use PF for authenticate the guest user with wired connection (web auth Captive portal). The PF management is vlan 20 and the guest user when they work after the authentication I would like to leading to other vlan examples 212. Is it necessary to have the PF with vlan sub interface? No you don't need to have an interface in the vlan 212. Regards Fabrice Thanks a lot for support Roberto Inviato da iPhone = Le informazioni contenute in questa comunicazione e gli eventuali documenti allegati hanno carattere confidenziale e sono a uso esclusivo del destinatario. Nel caso questa comunicazione Vi sia pervenuta per errore, Vi informiamo che la sua diffusione e riproduzione è contraria alla legge e preghiamo di darci prontamente avviso e di cancellare quanto ricevuto. Grazie. This e-mail message and any files transmitted with it contain confidential information intended only for the person(s) to whom it is addressed. If you are not the intended recipient, you are hereby notified that any use or distribution of this e-mail is strictly prohibited: please notify the sender and delete the original message. Thank you. == ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Fabrice Durand fdur...@inverse.ca :: +1.514.447.4918 (x135) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://packetfence.org) ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] Device not terminated after email registration failed.
Hello Scott, what i can notice is when you register on the portal then packetfence deauth your device on 10.20.21.22 but you reconnect on 10.20.21.51 but after that packetfence is not able to deauth your device: RADIUS Disconnect-Request: No answer from 10.20.21.51 on port 3799 It looks that you have 2 networks equipment, one is correctly configured and the other one no. Regards Fabrice Le 19-06-12 à 15 h 35, Lu, Scott a écrit : Hi Fabrice, here is the packetfence.log thank you, Jun 12 11:40:27 pfz9 packetfence_httpd.portal: httpd.portal(2646) WARN: [mac:unknown] locale from the URL is not supported (pf::Portal::Session::getLanguages) Jun 12 11:40:27 pfz9 packetfence_httpd.portal: httpd.portal(2646) INFO: [mac:unknown] External captive portal detected ! (captiveportal::PacketFence::Model::Portal::Session::_build_dispatcherSession) Jun 12 11:40:27 pfz9 packetfence_httpd.portal: httpd.portal(2646) INFO: [mac:unknown] Detected external portal client. Using the IP 10.20.224.217 address in it's session. (captiveportal::PacketFence::Model::Portal::Session::_build_clientIP) Jun 12 11:40:27 pfz9 packetfence_httpd.portal: httpd.portal(2646) WARN: [mac:b8:c1:11:37:68:40] locale from the URL is not supported (pf::Portal::Session::getLanguages) Jun 12 11:40:27 pfz9 packetfence_httpd.portal: httpd.portal(2646) INFO: [mac:b8:c1:11:37:68:40] External captive portal detected ! (captiveportal::PacketFence::Model::Portal::Session::_build_dispatcherSession) Jun 12 11:40:27 pfz9 packetfence_httpd.portal: httpd.portal(2646) INFO: [mac:b8:c1:11:37:68:40] Detected external portal client. Using the IP 10.20.224.217 address in it's session. (captiveportal::PacketFence::Model::Portal::Session::_build_clientIP) Jun 12 11:40:27 pfz9 packetfence_httpd.portal: httpd.portal(2646) INFO: [mac:b8:c1:11:37:68:40] Instantiate profile WiFi_onBoard (pf::Connection::ProfileFactory::_from_profile) Jun 12 11:40:27 pfz9 packetfence_httpd.portal: httpd.portal(2646) WARN: [mac:b8:c1:11:37:68:40] locale from the URL is not supported (captiveportal::PacketFence::Controller::Root::getLanguages) Jun 12 11:40:27 pfz9 packetfence_httpd.portal: httpd.portal(2646) INFO: [mac:b8:c1:11:37:68:40] Releasing device (captiveportal::PacketFence::DynamicRouting::Module::Root::release) Jun 12 11:40:27 pfz9 packetfence_httpd.portal: httpd.portal(2646) INFO: [mac:b8:c1:11:37:68:40] User default has authenticated on the portal. (Class::MOP::Class:::after) Jun 12 11:40:27 pfz9 packetfence_httpd.portal: httpd.portal(2646) WARN: [mac:b8:c1:11:37:68:40] locale from the URL is not supported (pf::Portal::Session::getLanguages) Jun 12 11:40:27 pfz9 packetfence_httpd.portal: httpd.portal(2646) INFO: [mac:b8:c1:11:37:68:40] re-evaluating access (manage_register called) (pf::enforcement::reevaluate_access) Jun 12 11:40:27 pfz9 packetfence_httpd.portal: httpd.portal(2646) INFO: [mac:b8:c1:11:37:68:40] VLAN reassignment is forced. (pf::enforcement::_should_we_reassign_vlan) Jun 12 11:40:27 pfz9 packetfence_httpd.portal: httpd.portal(2646) INFO: [mac:b8:c1:11:37:68:40] switch port is (10.20.21.22) ifIndex unknown connection type: Wifi Web Auth (pf::enforcement::_vlan_reevaluation) Jun 12 11:40:27 pfz9 packetfence_httpd.portal: httpd.portal(2647) INFO: [mac:[undef]] URI '/RuckusSmartZone' is detected as an external captive portal URI (pf::web::externalportal::handle) Jun 12 11:40:28 pfz9 pfqueue: pfqueue(3978) INFO: [mac:b8:c1:11:37:68:40] [b8:c1:11:37:68:40] DesAssociating mac on switch (10.20.21.22) (pf::api::desAssociate) Jun 12 11:40:28 pfz9 packetfence_httpd.aaa: httpd.aaa(1754) INFO: [mac:b8:c1:11:37:68:40] handling radius autz request: from switch_ip => (10.20.21.51), connection_type => Wireless-802.11-NoEAP,switch_mac => (54:3d:37:2c:a7:9c), mac => [b8:c1:11:37:68:40], port => 0, username => "B8:C1:11:37:68:40", ssid => VUSD-Guest (pf::radius::authorize) Jun 12 11:40:28 pfz9 packetfence_httpd.aaa: httpd.aaa(1754) INFO: [mac:b8:c1:11:37:68:40] Instantiate profile WiFi_onBoard (pf::Connection::ProfileFactory::_from_profile) Jun 12 11:40:28 pfz9 packetfence_httpd.aaa: httpd.aaa(1754) INFO: [mac:b8:c1:11:37:68:40] Connection type is Wireless-802.11-NoEAP. Getting role from node_info (pf::role::getRegisteredRole) Jun 12 11:40:28 pfz9 packetfence_httpd.aaa: httpd.aaa(1754) INFO: [mac:b8:c1:11:37:68:40] Username was defined "B8:C1:11:37:68:40" - returning role 'pf_onBoard' (pf::role::getRegisteredRole) Jun 12 11:40:28 pfz9 packetfence_httpd.aaa: httpd.aaa(1754) INFO: [mac:b8:c1:11:37:68:40] PID: "s...@hhh.aaa", Status: reg Returned VLAN: (undefined), Role: pf_onBoard (pf::role::fetchRoleForNode) Jun 12 11:40:28 pfz9 packetfence_httpd.aaa: httpd.aaa(1754) WARN: [mac:b8:c1:11:37:68:40] No parameter pf_onBoardVlan found in conf/switches.conf for the switch 10.20.21.51 (pf::Switch::getVlanByName) Jun 12 11:40:28 pfz9 packetfence_httpd.aaa: httpd.aaa(1754) INFO: [mac:[undef]] Updating locationlog from accounting
Re: [PacketFence-users] Device not terminated after email registration failed.
Hi Fabrice, here is the packetfence.log thank you, Jun 12 11:40:27 pfz9 packetfence_httpd.portal: httpd.portal(2646) WARN: [mac:unknown] locale from the URL is not supported (pf::Portal::Session::getLanguages) Jun 12 11:40:27 pfz9 packetfence_httpd.portal: httpd.portal(2646) INFO: [mac:unknown] External captive portal detected ! (captiveportal::PacketFence::Model::Portal::Session::_build_dispatcherSession) Jun 12 11:40:27 pfz9 packetfence_httpd.portal: httpd.portal(2646) INFO: [mac:unknown] Detected external portal client. Using the IP 10.20.224.217 address in it's session. (captiveportal::PacketFence::Model::Portal::Session::_build_clientIP) Jun 12 11:40:27 pfz9 packetfence_httpd.portal: httpd.portal(2646) WARN: [mac:b8:c1:11:37:68:40] locale from the URL is not supported (pf::Portal::Session::getLanguages) Jun 12 11:40:27 pfz9 packetfence_httpd.portal: httpd.portal(2646) INFO: [mac:b8:c1:11:37:68:40] External captive portal detected ! (captiveportal::PacketFence::Model::Portal::Session::_build_dispatcherSession) Jun 12 11:40:27 pfz9 packetfence_httpd.portal: httpd.portal(2646) INFO: [mac:b8:c1:11:37:68:40] Detected external portal client. Using the IP 10.20.224.217 address in it's session. (captiveportal::PacketFence::Model::Portal::Session::_build_clientIP) Jun 12 11:40:27 pfz9 packetfence_httpd.portal: httpd.portal(2646) INFO: [mac:b8:c1:11:37:68:40] Instantiate profile WiFi_onBoard (pf::Connection::ProfileFactory::_from_profile) Jun 12 11:40:27 pfz9 packetfence_httpd.portal: httpd.portal(2646) WARN: [mac:b8:c1:11:37:68:40] locale from the URL is not supported (captiveportal::PacketFence::Controller::Root::getLanguages) Jun 12 11:40:27 pfz9 packetfence_httpd.portal: httpd.portal(2646) INFO: [mac:b8:c1:11:37:68:40] Releasing device (captiveportal::PacketFence::DynamicRouting::Module::Root::release) Jun 12 11:40:27 pfz9 packetfence_httpd.portal: httpd.portal(2646) INFO: [mac:b8:c1:11:37:68:40] User default has authenticated on the portal. (Class::MOP::Class:::after) Jun 12 11:40:27 pfz9 packetfence_httpd.portal: httpd.portal(2646) WARN: [mac:b8:c1:11:37:68:40] locale from the URL is not supported (pf::Portal::Session::getLanguages) Jun 12 11:40:27 pfz9 packetfence_httpd.portal: httpd.portal(2646) INFO: [mac:b8:c1:11:37:68:40] re-evaluating access (manage_register called) (pf::enforcement::reevaluate_access) Jun 12 11:40:27 pfz9 packetfence_httpd.portal: httpd.portal(2646) INFO: [mac:b8:c1:11:37:68:40] VLAN reassignment is forced. (pf::enforcement::_should_we_reassign_vlan) Jun 12 11:40:27 pfz9 packetfence_httpd.portal: httpd.portal(2646) INFO: [mac:b8:c1:11:37:68:40] switch port is (10.20.21.22) ifIndex unknown connection type: Wifi Web Auth (pf::enforcement::_vlan_reevaluation) Jun 12 11:40:27 pfz9 packetfence_httpd.portal: httpd.portal(2647) INFO: [mac:[undef]] URI '/RuckusSmartZone' is detected as an external captive portal URI (pf::web::externalportal::handle) Jun 12 11:40:28 pfz9 pfqueue: pfqueue(3978) INFO: [mac:b8:c1:11:37:68:40] [b8:c1:11:37:68:40] DesAssociating mac on switch (10.20.21.22) (pf::api::desAssociate) Jun 12 11:40:28 pfz9 packetfence_httpd.aaa: httpd.aaa(1754) INFO: [mac:b8:c1:11:37:68:40] handling radius autz request: from switch_ip => (10.20.21.51), connection_type => Wireless-802.11-NoEAP,switch_mac => (54:3d:37:2c:a7:9c), mac => [b8:c1:11:37:68:40], port => 0, username => "B8:C1:11:37:68:40", ssid => VUSD-Guest (pf::radius::authorize) Jun 12 11:40:28 pfz9 packetfence_httpd.aaa: httpd.aaa(1754) INFO: [mac:b8:c1:11:37:68:40] Instantiate profile WiFi_onBoard (pf::Connection::ProfileFactory::_from_profile) Jun 12 11:40:28 pfz9 packetfence_httpd.aaa: httpd.aaa(1754) INFO: [mac:b8:c1:11:37:68:40] Connection type is Wireless-802.11-NoEAP. Getting role from node_info (pf::role::getRegisteredRole) Jun 12 11:40:28 pfz9 packetfence_httpd.aaa: httpd.aaa(1754) INFO: [mac:b8:c1:11:37:68:40] Username was defined "B8:C1:11:37:68:40" - returning role 'pf_onBoard' (pf::role::getRegisteredRole) Jun 12 11:40:28 pfz9 packetfence_httpd.aaa: httpd.aaa(1754) INFO: [mac:b8:c1:11:37:68:40] PID: "s...@hhh.aaa", Status: reg Returned VLAN: (undefined), Role: pf_onBoard (pf::role::fetchRoleForNode) Jun 12 11:40:28 pfz9 packetfence_httpd.aaa: httpd.aaa(1754) WARN: [mac:b8:c1:11:37:68:40] No parameter pf_onBoardVlan found in conf/switches.conf for the switch 10.20.21.51 (pf::Switch::getVlanByName) Jun 12 11:40:28 pfz9 packetfence_httpd.aaa: httpd.aaa(1754) INFO: [mac:[undef]] Updating locationlog from accounting request (pf::api::handle_accounting_metadata) Jun 12 11:40:28 pfz9 pfqueue: pfqueue(3978) INFO: [mac:b8:c1:11:37:68:40] Contacted Ruckus to perform deauthentication (pf::Switch::Ruckus::SmartZone::deauthenticateMacWebservices) Jun 12 11:41:25 pfz9 packetfence_httpd.aaa: httpd.aaa(1754) INFO: [mac:b8:c1:11:37:68:40] Instantiate profile WiFi_onBoard (pf::Connection::ProfileFactory::_from_profile) Jun 12 11:45:08 pfz9 pfipset[2432]: t=2019-06-12T11:45:08-0700 lvl=info msg="No Inline Network bypass
[PacketFence-users] [packetfence 8.3] Active/Passive cluster
Hello, does somebody know why when mariadb is started with pcs cluster it becomes impossible to connect to mysql directly on the server here is the error message : after checking, the socket is well present in /var/lib/mysql ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2 "No such file or directory") but when mariadb is started without pcs, th connection works just fine. any help would be appreciated regards ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
[PacketFence-users] How to configure vlan VMware esxi - web auth Captive porta
Sorry but I don’t find how to create a trunk port to VMware or I don’t know if I configured well the server PF for work with vlan. Please can I have a support? Other question, I would like use PF for authenticate the guest user with wired connection (web auth Captive portal). The PF management is vlan 20 and the guest user when they work after the authentication I would like to leading to other vlan examples 212. Is it necessary to have the PF with vlan sub interface? Thanks a lot for support Roberto Inviato da iPhone = Le informazioni contenute in questa comunicazione e gli eventuali documenti allegati hanno carattere confidenziale e sono a uso esclusivo del destinatario. Nel caso questa comunicazione Vi sia pervenuta per errore, Vi informiamo che la sua diffusione e riproduzione è contraria alla legge e preghiamo di darci prontamente avviso e di cancellare quanto ricevuto. Grazie. This e-mail message and any files transmitted with it contain confidential information intended only for the person(s) to whom it is addressed. If you are not the intended recipient, you are hereby notified that any use or distribution of this e-mail is strictly prohibited: please notify the sender and delete the original message. Thank you. == ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users