date:20201016

Re: [PacketFence-users] Getting Registration VLAN DHCP but not getting Portal

2020-10-16 Thread Goodspeed, William via PacketFence-users

Ludovic,

Thank you for the assistance, that fixed it! I think the suggestion of making 
the LAN Packetfence IP the network detection IP made me think I had to have 
that in there.

Thank you again for the assistance, I plan on upgrading to 10.2 before doing 
any other changes.

William

From: Ludovic Zammit 
Sent: Friday, October 16, 2020 10:46 AM
To: Goodspeed, William 
Cc: packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] Getting Registration VLAN DHCP but not getting 
Portal

Hello,

Set your interface enp0s29u1u5 at “none” because it looks like it’s your trunk 
interface,

Then, set correct ip addresses on your interface:

[interface enp0s29u1u5.18]
enforcement=vlan
ip=10.0.18.0
type=internal
mask=255.255.255.0

[interface enp0s29u1u5.16]
ip=10.0.16.0
type=other
mask=255.255.255.0

You can put whatever your want like .1 but not .0

[captive_portal]
#
# captive_portal.network_detection_ip
#
# This IP is used as the webserver who hosts the 
common/network-access-detection.gif which is used to detect if network
# access was enabled.
# It cannot be a domain name since it is used in registration or quarantine 
where DNS is blackholed.
# It is recommended that you allow your users to reach your packetfence server 
and put your LAN's PacketFence IP.
# By default we will make this reach PacketFence's website as an easy solution.
#
network_detection_ip=10.0.0.3

Remove the 10.0.0.3 and keep the default 192.95.20.194 ip address. It will 
break your network detection during the registration process.

I will advice you to do those changes in the admin web interface and then 
restart all service using the cli:

/usr/local/pf/bin/pfcmd service pf restart

Thanks,

Ludovic Zammit

lzam...@inverse.ca ::  +1.514.447.4918 (x145) ::  
www.inverse.ca

Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence 
(http://packetfence.org)





On Oct 16, 2020, at 10:20 AM, Goodspeed, William 
mailto:william.goodsp...@g3ti.net>> wrote:

Hey Ludovic,

I’m Running 10.1 and yes I see that pf-main.pl is present.

Attached are the conf and screenshot of ipconfig /all for the ethernet 
interface of the laptop I am testing with.

Thank you,

William



From: Ludovic Zammit mailto:lzam...@inverse.ca>>
Sent: Friday, October 16, 2020 8:33 AM
To: 
packetfence-users@lists.sourceforge.net
Cc: Goodspeed, William 
mailto:william.goodsp...@g3ti.net>>
Subject: Re: [PacketFence-users] Getting Registration VLAN DHCP but not getting 
Portal

Hello,

Which PacketFence version are you running ? Is your server patched with 
addons/pf-maint.pl ?

Share the conf/pf.conf

Share a screenshot of the ipconfig /all of the testing device.

Thanks,

Ludovic Zammit

lzam...@inverse.ca ::  +1.514.447.4918 (x145) ::  
www.inverse.ca

Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) 
and PacketFence (http://packetfence.org)







On Oct 15, 2020, at 9:56 AM, Goodspeed, William via PacketFence-users 
mailto:packetfence-users@lists.sourceforge.net>>
 wrote:

Good Morning,

I am trying to get PF set up and I’ve gotten to the point where I can connect a 
laptop, PF correctly assigns the switch port the registration VLAN, and it gets 
a dhcp address from the registration VLAN I created in PF. When I try to open a 
browser and get to the registration page I get a “err_connection_refused” error 
and it doesn’t forward me to anything. Any pointers on where to start looking? 
I’m running on CentOS 7 and have checked that firewalld and selinux are 
disabled. I’m pretty sure that I have followed the configuration steps 
correctly but maybe there is something I missed.

Thank you,

William G.
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users



___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] Cannot Synchronize MariaDB in Distributed Cluster

2020-10-16 Thread Jeff Linden via PacketFence-users

Ludovic,

Yes, sorry, I did that along the way as a troubleshooting measure.  I came 
across the idea that MariaDB or MySQL once had a bug that caused a bad behavior 
when loading a defaults file with an extension different than .cnf.

The .cnf file is a duplicate of .conf.  I modified the Perl programs to 
generate and call the .cnf instead of the .conf.  It made no difference.  I did 
not mean to leave that in there when sharing my troubles with you.  I will take 
it out.

You should be able to safely ignore the filename difference in your 
consideration of what might be going wrong.

Thanks,

Jeff


From: Ludovic Zammit 
Sent: Friday, October 16, 2020 1:51 PM
To: packetfence-users@lists.sourceforge.net
Cc: Jeff Linden 
Subject: Re: [PacketFence-users] Cannot Synchronize MariaDB in Distributed 
Cluster

Hello Jeff,

Did you alter the mariadb configuration ?

Because I don’t know why it’s loading the wrong config

My status:

[root@pf pf]# systemctl status packetfence-mariadb
● packetfence-mariadb.service - PacketFence MariaDB instance
   Loaded: loaded (/usr/lib/systemd/system/packetfence-mariadb.service; 
enabled; vendor preset: disabled)
   Active: active (running) since Tue 2020-09-15 10:59:02 EDT; 1 months 0 days 
ago
 Main PID: 3999 (pf-mariadb)
   Status: "Taking your SQL requests now..."
   CGroup: /packetfence.slice/packetfence-base.slice/packetfence-mariadb.service
   ├─3999 pf-mariadb
   ├─6871 /bin/sh /usr/bin/mysqld_safe 
--defaults-file=/usr/local/pf/var/conf/mariadb.conf
   ├─7073 /usr/sbin/mysqld 
--defaults-file=/usr/local/pf/var/conf/mariadb.conf --basedir=/usr 
--datadir=/var/lib/mysql --plugin-dir=/usr/lib64/mysql/plugin --pid-...
   └─7074 logger -t mysqld -p daemon.error

Yours:

● packetfence-mariadb.service - PacketFence MariaDB instance
   Loaded: loaded (/lib/systemd/system/packetfence-mariadb.service; enabled; 
vendor preset: enabled)
   Active: activating (start) since Fri 2020-10-16 12:26:23 EDT; 34s ago
  Process: 215522 ExecStartPre=/usr/local/pf/bin/pfcmd generatemariadbconfig 
(code=exited, status=0/SUCCESS)
Main PID: 215534 (pf-mariadb)
   Status: "Free innodb buffer pool"
Tasks: 4 (limit: 36864)
   CGroup: /packetfence.slice/packetfence-base.slice/packetfence-mariadb.service
   ├─215534 pf-mariadb
   ├─218833 /bin/bash /usr/bin/mysqld_safe 
--defaults-file=/usr/local/pf/var/conf/mariadb.cnf
   ├─218981 /usr/sbin/mysqld 
--defaults-file=/usr/local/pf/var/conf/mariadb.cnf --basedir=/usr 
--datadir=/var/lib/mysql --plugin-dir=/usr/lib/x86_64-linux-gnu/mari
   └─218982 logger -t mysqld -p daemon error

[root@pf pf]# yum list intalled mariadb\*
Loaded plugins: fastestmirror
Repodata is over 2 weeks old. Install yum-cron? Or run: yum makecache fast
Loading mirror speeds from cached hostfile
 * base: centos.mirror.globo.tech
 * extras: centos.mirror.globo.tech
 * updates: centos.mirror.netelligent.ca
Installed Packages
MariaDB-client.x86_64   
  10.1.21-1.el7.centos 
@packetfence
MariaDB-common.x86_64   
  10.1.21-1.el7.centos 
@packetfence
MariaDB-server.x86_64   
  10.1.21-1.el7.centos 
@packetfence
MariaDB-shared.x86_64   
  10.1.21-1.el7.centos 
@packetfence
Available Packages
mariadb.x86_64  
  1:5.5.65-1.el7   base
mariadb-bench.x86_64
  1:5.5.65-1.el7   base
mariadb-devel.i686  
  1:5.5.65-1.el7   base
mariadb-devel.x86_64
  1:5.5.65-1.el7   base
mariadb-embedded.i686   
  1:5.5.65-1.el7   base
mariadb-embedded.x86_64 
  1:5.5.65-1.el7   base
mariadb-embedded-devel.i686 
  1:5.5.65-1.el7   base
mariadb-embedded-devel.x86_64   
  1:5.5.65-1.el7

Re: [PacketFence-users] FortiGate EAP Type Issue having similar issue at this

2020-10-16 Thread Ludovic Zammit via PacketFence-users

What are you trying to achieve there ?

Give a bit of context.

Thanks,

Ludovic Zammit
lzam...@inverse.ca  ::  +1.514.447.4918 (x145) ::  
www.inverse.ca 
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu ) 
and PacketFence (http://packetfence.org ) 




> On Oct 16, 2020, at 1:54 PM, rahim damji  wrote:
> 
> Thank U here u go
> 
> root@packetfence ~]# raddebug -f /usr/local/pf/var/run/radiusd.sock -t 3000
> (703) Thu Oct 15 10:35:30 2020: Debug: Received Status-Server Id 172 from 
> 127.0.0.1:56048 to 127.0.0.1:18121 length 50
> (703) Thu Oct 15 10:35:30 2020: Debug:   Message-Authenticator = 
> 0x29f77e107025d985d90537b9c9854276
> (703) Thu Oct 15 10:35:30 2020: Debug:   FreeRADIUS-Statistics-Type = 15
> (703) Thu Oct 15 10:35:30 2020: Debug: # Executing group from file 
> /usr/local/pf/raddb/sites-enabled/status
> (703) Thu Oct 15 10:35:30 2020: Debug:   Autz-Type Status-Server {
> (703) Thu Oct 15 10:35:30 2020: Debug: [ok] = ok
> (703) Thu Oct 15 10:35:30 2020: Debug:   } # Autz-Type Status-Server = ok
> (703) Thu Oct 15 10:35:30 2020: Debug: Sent Access-Accept Id 172 from 
> 127.0.0.1:18121 to 127.0.0.1:56048 length 0
> (703) Thu Oct 15 10:35:30 2020: Debug:   FreeRADIUS-Total-Access-Requests = 
> 707
> (703) Thu Oct 15 10:35:30 2020: Debug:   FreeRADIUS-Total-Access-Accepts = 15
> (703) Thu Oct 15 10:35:30 2020: Debug:   FreeRADIUS-Total-Access-Rejects = 4
> (703) Thu Oct 15 10:35:30 2020: Debug:   FreeRADIUS-Total-Access-Challenges = 
> 112
> (703) Thu Oct 15 10:35:30 2020: Debug:   FreeRADIUS-Total-Auth-Responses = 131
> (703) Thu Oct 15 10:35:30 2020: Debug:   
> FreeRADIUS-Total-Auth-Duplicate-Requests = 3
> (703) Thu Oct 15 10:35:30 2020: Debug:   
> FreeRADIUS-Total-Auth-Malformed-Requests = 0
> (703) Thu Oct 15 10:35:30 2020: Debug:   
> FreeRADIUS-Total-Auth-Invalid-Requests = 0
> (703) Thu Oct 15 10:35:30 2020: Debug:   
> FreeRADIUS-Total-Auth-Dropped-Requests = 3
> (703) Thu Oct 15 10:35:30 2020: Debug:   FreeRADIUS-Total-Auth-Unknown-Types 
> = 0
> (703) Thu Oct 15 10:35:30 2020: Debug:   FreeRADIUS-Total-Accounting-Requests 
> = 0
> (703) Thu Oct 15 10:35:30 2020: Debug:   
> FreeRADIUS-Total-Accounting-Responses = 0
> (703) Thu Oct 15 10:35:30 2020: Debug:   
> FreeRADIUS-Total-Acct-Duplicate-Requests = 0
> (703) Thu Oct 15 10:35:30 2020: Debug:   
> FreeRADIUS-Total-Acct-Malformed-Requests = 0
> (703) Thu Oct 15 10:35:30 2020: Debug:   
> FreeRADIUS-Total-Acct-Invalid-Requests = 0
> (703) Thu Oct 15 10:35:30 2020: Debug:   
> FreeRADIUS-Total-Acct-Dropped-Requests = 0
> (703) Thu Oct 15 10:35:30 2020: Debug:   FreeRADIUS-Total-Acct-Unknown-Types 
> = 0
> (703) Thu Oct 15 10:35:30 2020: Debug:   
> FreeRADIUS-Total-Proxy-Access-Requests = 0
> (703) Thu Oct 15 10:35:30 2020: Debug:   
> FreeRADIUS-Total-Proxy-Access-Accepts = 0
> (703) Thu Oct 15 10:35:30 2020: Debug:   
> FreeRADIUS-Total-Proxy-Access-Rejects = 0
> (703) Thu Oct 15 10:35:30 2020: Debug:   
> FreeRADIUS-Total-Proxy-Access-Challenges = 0
> (703) Thu Oct 15 10:35:30 2020: Debug:   
> FreeRADIUS-Total-Proxy-Auth-Responses = 0
> (703) Thu Oct 15 10:35:30 2020: Debug:   
> FreeRADIUS-Total-Proxy-Auth-Duplicate-Requests = 0
> (703) Thu Oct 15 10:35:30 2020: Debug:   
> FreeRADIUS-Total-Proxy-Auth-Malformed-Requests = 0
> (703) Thu Oct 15 10:35:30 2020: Debug:   
> FreeRADIUS-Total-Proxy-Auth-Invalid-Requests = 0
> (703) Thu Oct 15 10:35:30 2020: Debug:   
> FreeRADIUS-Total-Proxy-Auth-Dropped-Requests = 0
> (703) Thu Oct 15 10:35:30 2020: Debug:   
> FreeRADIUS-Total-Proxy-Auth-Unknown-Types = 0
> (703) Thu Oct 15 10:35:30 2020: Debug:   
> FreeRADIUS-Total-Proxy-Accounting-Requests = 0
> (703) Thu Oct 15 10:35:30 2020: Debug:   
> FreeRADIUS-Total-Proxy-Accounting-Responses = 0
> (703) Thu Oct 15 10:35:30 2020: Debug:   
> FreeRADIUS-Total-Proxy-Acct-Duplicate-Requests = 0
> (703) Thu Oct 15 10:35:30 2020: Debug:   
> FreeRADIUS-Total-Proxy-Acct-Malformed-Requests = 0
> (703) Thu Oct 15 10:35:30 2020: Debug:   
> FreeRADIUS-Total-Proxy-Acct-Invalid-Requests = 0
> (703) Thu Oct 15 10:35:30 2020: Debug:   
> FreeRADIUS-Total-Proxy-Acct-Dropped-Requests = 0
> (703) Thu Oct 15 10:35:30 2020: Debug:   
> FreeRADIUS-Total-Proxy-Acct-Unknown-Types = 0
> (703) Thu Oct 15 10:35:30 2020: Debug: Finished request
> (704) Thu Oct 15 10:35:31 2020: Debug: Received Access-Request Id 3 from 
> 10.0.0.229:3495 to 10.0.0.234:1812 length 220
> (704) Thu Oct 15 10:35:31 2020: Debug:   NAS-Identifier = "damji60E"
> (704) Thu Oct 15 10:35:31 2020: Debug:   User-Name = "b0:35:b5:b9:fb:aa"
> (704) Thu Oct 15 10:35:31 2020: Debug:   User-Password = "b0:35:b5:b9:fb:aa"
> (704) Thu Oct 15 10:35:31 2020: Debug:   NAS-IP-Address = 10.0.0.229
> (704) Thu Oct 15 10:35:31 2020: Debug:   NAS-Port-Type = Virtual
> (704) Thu Oct 15 10:35:31 2020: Debug:   Called-Station-Id = 
> "08-5B-0E-0E-35-C4:FDTUNNEL"
> (704) Thu Oct 15 10:35:31 2020: Debug:

Re: [PacketFence-users] FortiGate EAP Type Issue having similar issue at this

2020-10-16 Thread rahim damji via PacketFence-users

 Thank U here u go
root@packetfence ~]# raddebug -f /usr/local/pf/var/run/radiusd.sock -t 
3000(703) Thu Oct 15 10:35:30 2020: Debug: Received Status-Server Id 172 from 
127.0.0.1:56048 to 127.0.0.1:18121 length 50(703) Thu Oct 15 10:35:30 2020: 
Debug:   Message-Authenticator = 0x29f77e107025d985d90537b9c9854276(703) Thu 
Oct 15 10:35:30 2020: Debug:   FreeRADIUS-Statistics-Type = 15(703) Thu Oct 15 
10:35:30 2020: Debug: # Executing group from file 
/usr/local/pf/raddb/sites-enabled/status(703) Thu Oct 15 10:35:30 2020: Debug:  
 Autz-Type Status-Server {(703) Thu Oct 15 10:35:30 2020: Debug:     [ok] = 
ok(703) Thu Oct 15 10:35:30 2020: Debug:   } # Autz-Type Status-Server = 
ok(703) Thu Oct 15 10:35:30 2020: Debug: Sent Access-Accept Id 172 from 
127.0.0.1:18121 to 127.0.0.1:56048 length 0(703) Thu Oct 15 10:35:30 2020: 
Debug:   FreeRADIUS-Total-Access-Requests = 707(703) Thu Oct 15 10:35:30 2020: 
Debug:   FreeRADIUS-Total-Access-Accepts = 15(703) Thu Oct 15 10:35:30 2020: 
Debug:   FreeRADIUS-Total-Access-Rejects = 4(703) Thu Oct 15 10:35:30 2020: 
Debug:   FreeRADIUS-Total-Access-Challenges = 112(703) Thu Oct 15 10:35:30 
2020: Debug:   FreeRADIUS-Total-Auth-Responses = 131(703) Thu Oct 15 10:35:30 
2020: Debug:   FreeRADIUS-Total-Auth-Duplicate-Requests = 3(703) Thu Oct 15 
10:35:30 2020: Debug:   FreeRADIUS-Total-Auth-Malformed-Requests = 0(703) Thu 
Oct 15 10:35:30 2020: Debug:   FreeRADIUS-Total-Auth-Invalid-Requests = 0(703) 
Thu Oct 15 10:35:30 2020: Debug:   FreeRADIUS-Total-Auth-Dropped-Requests = 
3(703) Thu Oct 15 10:35:30 2020: Debug:   FreeRADIUS-Total-Auth-Unknown-Types = 
0(703) Thu Oct 15 10:35:30 2020: Debug:   FreeRADIUS-Total-Accounting-Requests 
= 0(703) Thu Oct 15 10:35:30 2020: Debug:   
FreeRADIUS-Total-Accounting-Responses = 0(703) Thu Oct 15 10:35:30 2020: Debug: 
  FreeRADIUS-Total-Acct-Duplicate-Requests = 0(703) Thu Oct 15 10:35:30 2020: 
Debug:   FreeRADIUS-Total-Acct-Malformed-Requests = 0(703) Thu Oct 15 10:35:30 
2020: Debug:   FreeRADIUS-Total-Acct-Invalid-Requests = 0(703) Thu Oct 15 
10:35:30 2020: Debug:   FreeRADIUS-Total-Acct-Dropped-Requests = 0(703) Thu Oct 
15 10:35:30 2020: Debug:   FreeRADIUS-Total-Acct-Unknown-Types = 0(703) Thu Oct 
15 10:35:30 2020: Debug:   FreeRADIUS-Total-Proxy-Access-Requests = 0(703) Thu 
Oct 15 10:35:30 2020: Debug:   FreeRADIUS-Total-Proxy-Access-Accepts = 0(703) 
Thu Oct 15 10:35:30 2020: Debug:   FreeRADIUS-Total-Proxy-Access-Rejects = 
0(703) Thu Oct 15 10:35:30 2020: Debug:   
FreeRADIUS-Total-Proxy-Access-Challenges = 0(703) Thu Oct 15 10:35:30 2020: 
Debug:   FreeRADIUS-Total-Proxy-Auth-Responses = 0(703) Thu Oct 15 10:35:30 
2020: Debug:   FreeRADIUS-Total-Proxy-Auth-Duplicate-Requests = 0(703) Thu Oct 
15 10:35:30 2020: Debug:   FreeRADIUS-Total-Proxy-Auth-Malformed-Requests = 
0(703) Thu Oct 15 10:35:30 2020: Debug:   
FreeRADIUS-Total-Proxy-Auth-Invalid-Requests = 0(703) Thu Oct 15 10:35:30 2020: 
Debug:   FreeRADIUS-Total-Proxy-Auth-Dropped-Requests = 0(703) Thu Oct 15 
10:35:30 2020: Debug:   FreeRADIUS-Total-Proxy-Auth-Unknown-Types = 0(703) Thu 
Oct 15 10:35:30 2020: Debug:   FreeRADIUS-Total-Proxy-Accounting-Requests = 
0(703) Thu Oct 15 10:35:30 2020: Debug:   
FreeRADIUS-Total-Proxy-Accounting-Responses = 0(703) Thu Oct 15 10:35:30 2020: 
Debug:   FreeRADIUS-Total-Proxy-Acct-Duplicate-Requests = 0(703) Thu Oct 15 
10:35:30 2020: Debug:   FreeRADIUS-Total-Proxy-Acct-Malformed-Requests = 0(703) 
Thu Oct 15 10:35:30 2020: Debug:   FreeRADIUS-Total-Proxy-Acct-Invalid-Requests 
= 0(703) Thu Oct 15 10:35:30 2020: Debug:   
FreeRADIUS-Total-Proxy-Acct-Dropped-Requests = 0(703) Thu Oct 15 10:35:30 2020: 
Debug:   FreeRADIUS-Total-Proxy-Acct-Unknown-Types = 0(703) Thu Oct 15 10:35:30 
2020: Debug: Finished request(704) Thu Oct 15 10:35:31 2020: Debug: Received 
Access-Request Id 3 from 10.0.0.229:3495 to 10.0.0.234:1812 length 220(704) Thu 
Oct 15 10:35:31 2020: Debug:   NAS-Identifier = "damji60E"(704) Thu Oct 15 
10:35:31 2020: Debug:   User-Name = "b0:35:b5:b9:fb:aa"(704) Thu Oct 15 
10:35:31 2020: Debug:   User-Password = "b0:35:b5:b9:fb:aa"(704) Thu Oct 15 
10:35:31 2020: Debug:   NAS-IP-Address = 10.0.0.229(704) Thu Oct 15 10:35:31 
2020: Debug:   NAS-Port-Type = Virtual(704) Thu Oct 15 10:35:31 2020: Debug:   
Called-Station-Id = "08-5B-0E-0E-35-C4:FDTUNNEL"(704) Thu Oct 15 10:35:31 2020: 
Debug:   Calling-Station-Id = "B0-35-B5-B9-FB-AA"(704) Thu Oct 15 10:35:31 
2020: Debug:   Fortinet-SSID = "FDTUNNEL"(704) Thu Oct 15 10:35:31 2020: Debug: 
  Fortinet-AP-Name = "FAP11C3X13002176"(704) Thu Oct 15 10:35:31 2020: Debug:   
Acct-Session-Id = "5c191ef8"(704) Thu Oct 15 10:35:31 2020: Debug:   
Connect-Info = "web-auth"(704) Thu Oct 15 10:35:31 2020: Debug:   
Fortinet-Vdom-Name = "root"(704) Thu Oct 15 10:35:31 2020: Debug:   
Service-Type = Login-User(704) Thu Oct 15 10:35:31 2020: Debug: # Executing 
section authorize from file /usr/local/pf/raddb/sites-enabled/packetfence(704) 
Thu Oct 15 10:35:31 2020: Debug:

Re: [PacketFence-users] Cannot Synchronize MariaDB in Distributed Cluster

2020-10-16 Thread Ludovic Zammit via PacketFence-users

Hello Jeff,

Did you alter the mariadb configuration ?

Because I don’t know why it’s loading the wrong config

My status:

[root@pf pf]# systemctl status packetfence-mariadb
● packetfence-mariadb.service - PacketFence MariaDB instance
   Loaded: loaded (/usr/lib/systemd/system/packetfence-mariadb.service; 
enabled; vendor preset: disabled)
   Active: active (running) since Tue 2020-09-15 10:59:02 EDT; 1 months 0 days 
ago
 Main PID: 3999 (pf-mariadb)
   Status: "Taking your SQL requests now..."
   CGroup: /packetfence.slice/packetfence-base.slice/packetfence-mariadb.service
   ├─3999 pf-mariadb
   ├─6871 /bin/sh /usr/bin/mysqld_safe 
--defaults-file=/usr/local/pf/var/conf/mariadb.conf
   ├─7073 /usr/sbin/mysqld 
--defaults-file=/usr/local/pf/var/conf/mariadb.conf --basedir=/usr 
--datadir=/var/lib/mysql --plugin-dir=/usr/lib64/mysql/plugin --pid-...
   └─7074 logger -t mysqld -p daemon.error

Yours:

● packetfence-mariadb.service - PacketFence MariaDB instance
   Loaded: loaded (/lib/systemd/system/packetfence-mariadb.service; enabled; 
vendor preset: enabled)
   Active: activating (start) since Fri 2020-10-16 12:26:23 EDT; 34s ago
  Process: 215522 ExecStartPre=/usr/local/pf/bin/pfcmd generatemariadbconfig 
(code=exited, status=0/SUCCESS)
Main PID: 215534 (pf-mariadb)
   Status: "Free innodb buffer pool"
Tasks: 4 (limit: 36864)
   CGroup: /packetfence.slice/packetfence-base.slice/packetfence-mariadb.service
   ├─215534 pf-mariadb
   ├─218833 /bin/bash /usr/bin/mysqld_safe 
--defaults-file=/usr/local/pf/var/conf/mariadb.cnf
   ├─218981 /usr/sbin/mysqld 
--defaults-file=/usr/local/pf/var/conf/mariadb.cnf --basedir=/usr 
--datadir=/var/lib/mysql --plugin-dir=/usr/lib/x86_64-linux-gnu/mari
   └─218982 logger -t mysqld -p daemon error

[root@pf pf]# yum list intalled mariadb\*
Loaded plugins: fastestmirror
Repodata is over 2 weeks old. Install yum-cron? Or run: yum makecache fast
Loading mirror speeds from cached hostfile
 * base: centos.mirror.globo.tech
 * extras: centos.mirror.globo.tech
 * updates: centos.mirror.netelligent.ca
Installed Packages
MariaDB-client.x86_64   
  10.1.21-1.el7.centos 
@packetfence
MariaDB-common.x86_64   
  10.1.21-1.el7.centos 
@packetfence
MariaDB-server.x86_64   
  10.1.21-1.el7.centos 
@packetfence
MariaDB-shared.x86_64   
  10.1.21-1.el7.centos 
@packetfence
Available Packages
mariadb.x86_64  
  1:5.5.65-1.el7   base
mariadb-bench.x86_64
  1:5.5.65-1.el7   base
mariadb-devel.i686  
  1:5.5.65-1.el7   base
mariadb-devel.x86_64
  1:5.5.65-1.el7   base
mariadb-embedded.i686   
  1:5.5.65-1.el7   base
mariadb-embedded.x86_64 
  1:5.5.65-1.el7   base
mariadb-embedded-devel.i686 
  1:5.5.65-1.el7   base
mariadb-embedded-devel.x86_64   
  1:5.5.65-1.el7   base
mariadb-libs.i686   
  1:5.5.65-1.el7   base
mariadb-libs.x86_64 
  1:5.5.65-1.el7   base
mariadb-server.x86_64   
  1:5.5.65-1.el7   base
mariadb-test.x86_64 
  1:5.5.65-1.el7   base


Could you run: yum list intalled mariadb\*

Thanks,

Ludovic Zammit
lzam...@inverse.ca  ::  +1.514.447.4918 (x145) ::  
www.inverse.ca 
Inverse inc. :: Leaders

Re: [PacketFence-users] FortiGate EAP Type Issue having similar issue at this

2020-10-16 Thread Ludovic Zammit via PacketFence-users

Hello,

Yes please, could you send the output of the command:

raddebug -f /usr/local/pf/var/run/radiusd.sock -t 3600 | tee raddebug.log

Thanks,

Ludovic Zammit
lzam...@inverse.ca  ::  +1.514.447.4918 (x145) ::  
www.inverse.ca 
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu ) 
and PacketFence (http://packetfence.org ) 




> On Oct 15, 2020, at 11:23 AM, rahim damji via PacketFence-users 
>  wrote:
> 
> I can post my debug if needed
> 
> Thanks
> 
> Rahim
> ___
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users

___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] FortiGate EAP Type Issue having similar issue at this

2020-10-16 Thread Ludovic Zammit via PacketFence-users

Hello,

I think, the Network device does not support this mode of operation.

Thank,

Ludovic Zammit
lzam...@inverse.ca  ::  +1.514.447.4918 (x145) ::  
www.inverse.ca 
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu ) 
and PacketFence (http://packetfence.org ) 




> On Oct 16, 2020, at 9:20 AM, rahim damji via PacketFence-users 
>  wrote:
> 
> The error I am recieving in the logs is
> 
> Reply-Message":"Network device does not support this mode of
> > operation","control:PacketFence-Eap-Type":0,
> 
> 
> On Friday, October 16, 2020, 08:26:05 AM EDT, rahim damji via 
> PacketFence-users  wrote:
> 
> 
> I can post my debug if needed
> 
> Thanks
> 
> Rahim
> ___
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net 
> 
> https://lists.sourceforge.net/lists/listinfo/packetfence-users 
> 
> ___
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users

___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] FortiGate EAP Type Issue having similar issue at this

2020-10-16 Thread rahim damji via PacketFence-users

 The error I am recieving in the logs is
Reply-Message":"Network device does not support this mode of
> operation","control:PacketFence-Eap-Type":0,

On Friday, October 16, 2020, 08:26:05 AM EDT, rahim damji via 
PacketFence-users  wrote:  
 
 I can post my debug if needed
Thanks
Rahim___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
  ___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] Getting Registration VLAN DHCP but not getting Portal

2020-10-16 Thread Goodspeed, William via PacketFence-users

Hey Ludovic,

I’m Running 10.1 and yes I see that pf-main.pl is present.

Attached are the conf and screenshot of ipconfig /all for the ethernet 
interface of the laptop I am testing with.

Thank you,

William



From: Ludovic Zammit 
Sent: Friday, October 16, 2020 8:33 AM
To: packetfence-users@lists.sourceforge.net
Cc: Goodspeed, William 
Subject: Re: [PacketFence-users] Getting Registration VLAN DHCP but not getting 
Portal

Hello,

Which PacketFence version are you running ? Is your server patched with 
addons/pf-maint.pl ?

Share the conf/pf.conf

Share a screenshot of the ipconfig /all of the testing device.

Thanks,

Ludovic Zammit

lzam...@inverse.ca ::  +1.514.447.4918 (x145) ::  
www.inverse.ca

Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence 
(http://packetfence.org)





On Oct 15, 2020, at 9:56 AM, Goodspeed, William via PacketFence-users 
mailto:packetfence-users@lists.sourceforge.net>>
 wrote:

Good Morning,

I am trying to get PF set up and I’ve gotten to the point where I can connect a 
laptop, PF correctly assigns the switch port the registration VLAN, and it gets 
a dhcp address from the registration VLAN I created in PF. When I try to open a 
browser and get to the registration page I get a “err_connection_refused” error 
and it doesn’t forward me to anything. Any pointers on where to start looking? 
I’m running on CentOS 7 and have checked that firewalld and selinux are 
disabled. I’m pretty sure that I have followed the configuration steps 
correctly but maybe there is something I missed.

Thank you,

William G.
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users



pf.conf
Description: pf.conf
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] Cannot Synchronize MariaDB in Distributed Cluster

2020-10-16 Thread Jeff Linden via PacketFence-users

Hello,

I have now moved on to creating a cluster.  I’m following the instructions 
here: https://packetfence.org/doc/PacketFence_Clustering_Guide.html

The cluster is distributed; each of the 3 nodes are in different layer 3 
networks.

I’ve reached section 3.5.3 MariaDB sync in the instructions and it is not 
succeeding.

On the master node, I have executed /usr/local/pf/sbin/pf-mariadb 
-force-new-cluster.  The mysqld process is running and the following errors 
occur in /usr/local/pf/logs/packetfence.log:

Oct 16 12:12:27 nadc1-pfence-01 packetfence: -e(23457) FATAL: unable to connect 
to database: Can't connect to MySQL server on '127.0.0.1' (111 "Connection 
refused") at /usr/local/pf/lib/pf/dal.pm line 70.

I find the database is running on the master node.  I can successfully connect 
using the command ‘mysql -u root -p’.  I can also connect using the command 
‘mysql -h localhost -u root -p’.  And, from the secondary node, I can connect 
to the database on the master node using the command ‘mysql -h  
-u root -p’.  I’m confident the database is running and listening.


On the other node, the configuration is synced, haproxy-db and 
httpd.webservices are running.  On all servers, iptables is stopped.  The 
MariaDB data is flushed using ‘rm -fr /var/lib/mysql/*’ and I can see the 
folder is empty.

I execute the command ‘systemctl restart packetfence-mariadb’ and see the 
following message repeating in /usr/local/pf/logs/packetfence.log:

Oct 16 12:01:46 novi-pfence-01 packetfence: pf-mariadb(59988) INFO: There is a 
peer with an alive DB. Will attempt to connect to the cluster 
(main::startup_clean_shutdown)

Using the command ‘systemctl status packetfence-mariadb’ a couple times in a 
row, the following errors occur showing that the process is crashing and 
restarting.

● packetfence-mariadb.service - PacketFence MariaDB instance
   Loaded: loaded (/lib/systemd/system/packetfence-mariadb.service; enabled; 
vendor preset: enabled)
   Active: activating (start) since Fri 2020-10-16 12:26:23 EDT; 34s ago
  Process: 215522 ExecStartPre=/usr/local/pf/bin/pfcmd generatemariadbconfig 
(code=exited, status=0/SUCCESS)
Main PID: 215534 (pf-mariadb)
   Status: "Free innodb buffer pool"
Tasks: 4 (limit: 36864)
   CGroup: /packetfence.slice/packetfence-base.slice/packetfence-mariadb.service
   ├─215534 pf-mariadb
   ├─218833 /bin/bash /usr/bin/mysqld_safe 
--defaults-file=/usr/local/pf/var/conf/mariadb.cnf
   ├─218981 /usr/sbin/mysqld 
--defaults-file=/usr/local/pf/var/conf/mariadb.cnf --basedir=/usr 
--datadir=/var/lib/mysql --plugin-dir=/usr/lib/x86_64-linux-gnu/mari
   └─218982 logger -t mysqld -p daemon error

Oct 16 12:26:54 novi-pfence-01 mysqld[218781]: 2020-10-16 12:26:54 
139773373455744 [Note] Recovering after a crash using tc.log
Oct 16 12:26:54 novi-pfence-01 mysqld[218781]: 2020-10-16 12:26:54 
139773373455744 [Note] Starting crash recovery...
Oct 16 12:26:54 novi-pfence-01 mysqld[218781]: 2020-10-16 12:26:54 
139773373455744 [Note] Crash recovery finished.
Oct 16 12:26:54 novi-pfence-01 mysqld[218781]: 2020-10-16 12:26:54 
139773373455744 [ERROR] Can't open and lock privilege tables: Table 
'mysql.servers' doesn't exist
Oct 16 12:26:54 novi-pfence-01 mysqld[218781]: 2020-10-16 12:26:54 
139773373455744 [Note] Server socket created on IP: '10.22.0.82'.
Oct 16 12:26:54 novi-pfence-01 mysqld[218781]: 2020-10-16 12:26:54 
139773373455744 [Note] WSREP: disabled, skipping position recovery
Oct 16 12:26:57 novi-pfence-01 packetfence[215534]: pf-mariadb(215534) INFO: 
There is a peer with an alive DB. Will attempt to connect to the cluster 
(main::startup_clean_
Oct 16 12:26:57 novi-pfence-01 pf-mariadb[215534]: Starting MySQL with command: 
mysqld_safe --defaults-file=/usr/local/pf/var/conf/mariadb.cnf
Oct 16 12:26:57 novi-pfence-01 pf-mariadb[215534]: 201016 12:26:57 mysqld_safe 
Logging to syslog.
Oct 16 12:26:57 novi-pfence-01 pf-mariadb[215534]: 201016 12:26:57 mysqld_safe 
Starting mysqld daemon with databases from /var/lib/mysql
root@novi-pfence-01:/var/lib/mysql# systemctl -l --wait status 
packetfence-mariadb


● packetfence-mariadb.service - PacketFence MariaDB instance
   Loaded: loaded (/lib/systemd/system/packetfence-mariadb.service; enabled; 
vendor preset: enabled)
   Active: activating (start) since Fri 2020-10-16 12:26:23 EDT; 35s ago
  Process: 215522 ExecStartPre=/usr/local/pf/bin/pfcmd generatemariadbconfig 
(code=exited, status=0/SUCCESS)
Main PID: 215534 (pf-mariadb)
   Status: "Starting Innodb crash recovery"
Tasks: 23 (limit: 36864)
   CGroup: /packetfence.slice/packetfence-base.slice/packetfence-mariadb.service
   ├─215534 pf-mariadb
   ├─219013 /bin/bash /usr/bin/mysqld_safe 
--defaults-file=/usr/local/pf/var/conf/mariadb.cnf --wsrep-recover
   ├─219167 /usr/sbin/mysqld 
--defaults-file=/usr/local/pf/var/conf/mariadb.cnf --basedir=/usr 
--datadir=/var/lib/mysql --plugin-dir=/usr/lib/x86_64-linux-gnu/mari

Re: [PacketFence-users] Getting Registration VLAN DHCP but not getting Portal

2020-10-16 Thread Ludovic Zammit via PacketFence-users

Hello,

Set your interface enp0s29u1u5 at “none” because it looks like it’s your trunk 
interface,

Then, set correct ip addresses on your interface:

[interface enp0s29u1u5.18]
enforcement=vlan
ip=10.0.18.0
type=internal
mask=255.255.255.0

[interface enp0s29u1u5.16]
ip=10.0.16.0
type=other
mask=255.255.255.0

You can put whatever your want like .1 but not .0

[captive_portal]
#
# captive_portal.network_detection_ip
#
# This IP is used as the webserver who hosts the 
common/network-access-detection.gif which is used to detect if network
# access was enabled. 
# It cannot be a domain name since it is used in registration or quarantine 
where DNS is blackholed.
# It is recommended that you allow your users to reach your packetfence server 
and put your LAN's PacketFence IP.
# By default we will make this reach PacketFence's website as an easy solution.
#
network_detection_ip=10.0.0.3

Remove the 10.0.0.3 and keep the default 192.95.20.194 ip address. It will 
break your network detection during the registration process.

I will advice you to do those changes in the admin web interface and then 
restart all service using the cli:

/usr/local/pf/bin/pfcmd service pf restart

Thanks,

Ludovic Zammit
lzam...@inverse.ca  ::  +1.514.447.4918 (x145) ::  
www.inverse.ca 
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu ) 
and PacketFence (http://packetfence.org ) 




> On Oct 16, 2020, at 10:20 AM, Goodspeed, William  
> wrote:
> 
> Hey Ludovic,
>  
> I’m Running 10.1 and yes I see that pf-main.pl is present.
>  
> Attached are the conf and screenshot of ipconfig /all for the ethernet 
> interface of the laptop I am testing with.
>  
> Thank you,
>  
> William
>  
>  
>  
> From: Ludovic Zammit mailto:lzam...@inverse.ca>> 
> Sent: Friday, October 16, 2020 8:33 AM
> To: packetfence-users@lists.sourceforge.net 
> 
> Cc: Goodspeed, William  >
> Subject: Re: [PacketFence-users] Getting Registration VLAN DHCP but not 
> getting Portal
>  
> Hello,
>  
> Which PacketFence version are you running ? Is your server patched with 
> addons/pf-maint.pl ?
>  
> Share the conf/pf.conf
>  
> Share a screenshot of the ipconfig /all of the testing device.
>  
> Thanks,
> 
> Ludovic Zammit
> lzam...@inverse.ca  ::  +1.514.447.4918 (x145) ::  
> www.inverse.ca 
> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu 
> ) and PacketFence (http://packetfence.org 
> ) 
>  
> 
> 
> 
> 
> On Oct 15, 2020, at 9:56 AM, Goodspeed, William via PacketFence-users 
>  > wrote:
>  
> Good Morning, 
>  
> I am trying to get PF set up and I’ve gotten to the point where I can connect 
> a laptop, PF correctly assigns the switch port the registration VLAN, and it 
> gets a dhcp address from the registration VLAN I created in PF. When I try to 
> open a browser and get to the registration page I get a 
> “err_connection_refused” error and it doesn’t forward me to anything. Any 
> pointers on where to start looking? I’m running on CentOS 7 and have checked 
> that firewalld and selinux are disabled. I’m pretty sure that I have followed 
> the configuration steps correctly but maybe there is something I missed.
>  
> Thank you,
>  
> William G.
> ___
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net 
> 
> https://lists.sourceforge.net/lists/listinfo/packetfence-users 
> 
>  
> 

___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] haproxy-admin unable to start in a cluster

2020-10-16 Thread Ludovic Zammit via PacketFence-users

Please see inline email.

Thanks,

Ludovic Zammit
lzam...@inverse.ca  ::  +1.514.447.4918 (x145) ::  
www.inverse.ca 
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu ) 
and PacketFence (http://packetfence.org ) 




> On Oct 16, 2020, at 8:43 AM, Sonali Gulia  wrote:
> 
> [services]
> #
> # services.pfdhcp
> #
> # Should pfdhcp be managed by PacketFence?
> pfdhcp=disabled
> #
> # services.pfsso
> #
> # Should pfsso be managed by PacketFence?
> pfsso=disabled
> #
> # services.radiusd_acct
> #
> # Should freeradius handling accounting
> radiusd_acct=disabled
> #
> # services.httpd_admin
> #
> # Should httpd.admin be started?
> httpd_admin=disabled
> #
> # services.httpd_collector
> #
> # Should httpd.collector be started?
> httpd_collector=enabled
> #
> # services.snmptrapd
> #
> # Should snmptrapd be managed by PacketFence?
> snmptrapd=enabled
> #
> # services.pfdhcplistener
> #
> # Should pfdhcplistener be started?
> pfdhcplistener=disabled
> # services.pfacct
> #
> # Should pfacct be managed by PacketFence?
> pfacct=disabled
> 
> [advanced]
> #
> # advanced.hash_passwords
> #
> # The algorithm to use to hash the passwords in the local database.
> hash_passwords=plaintext
> # advanced.configurator
> #
> # Enable the Configurator and the Configurator API
> configurator=disabled

___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] Packetfence 10.2 installation error

2020-10-16 Thread Ludovic Zammit via PacketFence-users

Hello,

Try that:

yum update --disablerepo=epel --enablerepo=packetfence

Thanks,

Ludovic Zammit
lzam...@inverse.ca  ::  +1.514.447.4918 (x145) ::  
www.inverse.ca 
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu ) 
and PacketFence (http://packetfence.org ) 




> On Oct 16, 2020, at 1:30 AM, Hubert Kupper via PacketFence-users 
>  wrote:
> 
> Hello again,
> 
> I deleted all python2 packets and tried to install Packetfence 10.2 but it's 
> still the same error and the installation breaks.
> 
> Best regards,
> 
> Hubert
> 
> Am 13.10.2020 um 07:10 schrieb Hubert Kupper via PacketFence-users:
>> Hello, I get a error while installing Packetfence 10.2 on CentOS 7: 
>> 
>> yum update --enablerepo=packetfence results in: 
>> 
>> -- 
>> ---> Paket libtommath.x86_64 0:0.42.0-6.el7 markiert, um installiert zu 
>> werden 
>> ---> Paket python2-impacket.noarch 0:0.9.21-5.el7 markiert, um installiert 
>> zu werden 
>> --> Abhängigkeit python2-flask wird für Paket 
>> python2-impacket-0.9.21-5.el7.noarch verarbeitet 
>> --> Abhängigkeit python2-pyOpenSSL wird für Paket 
>> python2-impacket-0.9.21-5.el7.noarch verarbeitet 
>> --> Abhängigkeitsauflösung beendet 
>> Fehler: Paket: python2-impacket-0.9.21-5.el7.noarch (epel) 
>> Benötigt: python2-flask 
>> Fehler: Paket: python2-impacket-0.9.21-5.el7.noarch (epel) 
>> Benötigt: python2-pyOpenSSL 
>>  Sie können versuchen, mit --skip-broken das Problem zu umgehen. 
>>  Sie könnten Folgendes versuchen: rpm -Va --nofiles --nodigest 
>> -- 
>> 
>> --skip_broken didn't help. 
>> 
>> Any ideas? 
>> 
>> Best regards, 
>> Hubert 
>> 
>> 
>> 
>> 
>> 
>> 
>> 
>> ___
>> PacketFence-users mailing list
>> PacketFence-users@lists.sourceforge.net 
>> 
>> https://lists.sourceforge.net/lists/listinfo/packetfence-users 
>> 
> -- 
> Hubert Kupper
> Universitaetsrechenzentrum in Landau
> Fortstrasse 7, D-76829 Landau
> Tel: +49 6341/28031173 Fax: +49 6341/28031267
> ___
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users

___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] Getting Registration VLAN DHCP but not getting Portal

2020-10-16 Thread Ludovic Zammit via PacketFence-users

Hello,

Which PacketFence version are you running ? Is your server patched with 
addons/pf-maint.pl ?

Share the conf/pf.conf

Share a screenshot of the ipconfig /all of the testing device.

Thanks,

Ludovic Zammit
lzam...@inverse.ca  ::  +1.514.447.4918 (x145) ::  
www.inverse.ca 
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu ) 
and PacketFence (http://packetfence.org ) 




> On Oct 15, 2020, at 9:56 AM, Goodspeed, William via PacketFence-users 
>  wrote:
> 
> Good Morning, 
>  
> I am trying to get PF set up and I’ve gotten to the point where I can connect 
> a laptop, PF correctly assigns the switch port the registration VLAN, and it 
> gets a dhcp address from the registration VLAN I created in PF. When I try to 
> open a browser and get to the registration page I get a 
> “err_connection_refused” error and it doesn’t forward me to anything. Any 
> pointers on where to start looking? I’m running on CentOS 7 and have checked 
> that firewalld and selinux are disabled. I’m pretty sure that I have followed 
> the configuration steps correctly but maybe there is something I missed.
>  
> Thank you,
>  
> William G.
> ___
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net 
> 
> https://lists.sourceforge.net/lists/listinfo/packetfence-users 
> 
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] haproxy-admin unable to start in a cluster

2020-10-16 Thread Ludovic Zammit via PacketFence-users

Hello,

Could you provide your conf/pf.conf (remove personal infos if needed)

Thanks,

Ludovic Zammit
lzam...@inverse.ca  ::  +1.514.447.4918 (x145) ::  
www.inverse.ca 
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu ) 
and PacketFence (http://packetfence.org ) 




> On Oct 15, 2020, at 10:38 AM, Sonali Gulia via PacketFence-users 
>  wrote:
> 
> hi all ,
> my all services working fine but i am not able to sync because my 
> packetfence-haproxy-admin service not running
> its showing error like
> 
> Parsing [/usr/local/pf/var/conf/haproxy-admin.conf:106]: backend 
> '10.x.x.x-admin' has the same name as backend '10.x.x.x-admin' declared at 
> /usr/local/pf/var/conf/haproxy-admin.conf:80.
> [WARNING] (8872) : parsing [/usr/local/pf/var/conf/haproxy-admin.conf:193] : 
> a 'http-request' rule placed after a 'reqadd' rule will still be processed 
> before.
> [WARNING] (8872) : parsing [/usr/local/pf/var/conf/haproxy-admin.conf:194] : 
> a 'http-request' rule placed after a 'reqadd' rule will still be processed 
> before.
> [ALERT] (8872) : Error(s) found in configuration file : 
> /usr/local/pf/var/conf/haproxy-admin.conf
> [ALERT] (8872) : Fatal errors found in configuration.
> 
> should i create a new certificate or by default ssl certificate will work ?
> 
> ___
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users

___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] Wired online/offline status not working

2020-10-16 Thread Ludovic Zammit via PacketFence-users

Hello Kenny,

PacketFence is looking for Accouting start / stop packet for the online offline.

It looks like the device does not send the Acct-Status-Type: Start or Stop.

Thanks,

Ludovic Zammit
lzam...@inverse.ca  ::  +1.514.447.4918 (x145) ::  
www.inverse.ca 
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu ) 
and PacketFence (http://packetfence.org ) 




> On Oct 15, 2020, at 5:52 AM, Kenny Wallrath via PacketFence-users 
>  wrote:
> 
> Hi everyone,
> 
> I am currently trying to get the online/offline state working. It
> seems that the state is working if requests are coming from Wireless
> AccessPoints (My device gets registered when online and unregistered
> when offline)
> But if I try the same with my Cisco 2960S switches the nodes remain "unknown".
> 
> From what I understood pfacct supersedes radiusd-acct. The service
> pfacct is running and there is no firewall in between. Switch is
> configured to send accounting to PF on port 1813.
> My switch debug tells me that there is no response from Server, which
> I also can verify on PF side. A TCPDUMP shows that Radius Accounting
> Requests arrive at the PF but no response is being generated.
> If I check the pfacct.log it is empty... I pasted a radsniff on port
> 1813 below...
> 
> Interestingly, if I disable pfacct and enable radiusd-acct a
> Accounting-Reply is generated to the switch but the online/offline
> state remains unknown.
> 
> 2020-10-15 11:42:21.448660 (5) Accounting-Request Id 49
> eth1:10.0.20.253:1646 -> 10.0.20.14:1813 +10.924
>User-Name = "b8:27:eb:3f:01:c8"
>NAS-IP-Address = 10.0.20.253
>NAS-Port = 50102
>Service-Type = Framed-User
>Framed-IP-Address = 10.0.40.61
>Called-Station-Id = "3C-0E-23-5A-3E-02"
>Calling-Station-Id = "B8-27-EB-3F-01-C8"
>NAS-Port-Type = Ethernet
>Acct-Status-Type = Interim-Update
>Acct-Delay-Time = 10
>Acct-Input-Octets = 15178
>Acct-Output-Octets = 1620296
>Acct-Session-Id = "004B"
>Acct-Authentic = RADIUS
>Acct-Session-Time = 6229
>Acct-Input-Packets = 225
>Acct-Output-Packets = 9530
>NAS-Port-Id = "GigabitEthernet1/0/2"
>PMIP6-Home-HN-Prefix = 3831:3437:4232::/57
>Cisco-AVPair = "audit-session-id=0A0014FD002AC57E41EC"
>Cisco-AVPair = "connect-progress=Auth Open"
>Authenticator-Field = 0xe184ba9b392f14f26741c4f7c64c815a
> 2020-10-15 11:42:21.214706 (4) ** norsp ** Accounting-Request Id 48
> eth1:10.0.20.253:1646 -> 10.0.20.14:1813
> 2020-10-15 11:42:21.214706 (4) Cleaning up request packet ID 48
> 2020-10-15 11:42:26.606010 (6) Accounting-Request Id 50
> eth1:10.0.20.253:1646 -> 10.0.20.14:1813 +15.940
>User-Name = "b8:27:eb:3f:01:c8"
>NAS-IP-Address = 10.0.20.253
>NAS-Port = 50102
>Service-Type = Framed-User
>Framed-IP-Address = 10.0.40.61
>Called-Station-Id = "3C-0E-23-5A-3E-02"
>Calling-Station-Id = "B8-27-EB-3F-01-C8"
>NAS-Port-Type = Ethernet
>Acct-Status-Type = Interim-Update
>Acct-Delay-Time = 15
>Acct-Input-Octets = 15178
>Acct-Output-Octets = 1620296
>Acct-Session-Id = "004B"
>Acct-Authentic = RADIUS
>Acct-Session-Time = 6229
>Acct-Input-Packets = 225
>Acct-Output-Packets = 9530
>NAS-Port-Id = "GigabitEthernet1/0/2"
>PMIP6-Home-HN-Prefix = 3831:3437:4232::/57
>Cisco-AVPair = "audit-session-id=0A0014FD002AC57E41EC"
>Cisco-AVPair = "connect-progress=Auth Open"
>Authenticator-Field = 0xe77e42cc33f62dcd1164461139b59e6d
> 2020-10-15 11:42:26.244866 (5) ** norsp ** Accounting-Request Id 49
> eth1:10.0.20.253:1646 -> 10.0.20.14:1813
> 2020-10-15 11:42:26.244866 (5) Cleaning up request packet ID 49
> 2020-10-15 11:42:31.260601 (6) ** norsp ** Accounting-Request Id 50
> eth1:10.0.20.253:1646 -> 10.0.20.14:1813
> 2020-10-15 11:42:31.260601 (6) Cleaning up request packet ID 50
> 
> 
> ___
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users

___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] Packetfence 10.2 installation error

2020-10-16 Thread Hubert Kupper via PacketFence-users


Hello again,

I deleted all python2 packets and tried to install Packetfence 10.2 but 
it's still the same error and the installation breaks.


Best regards,

Hubert

Am 13.10.2020 um 07:10 schrieb Hubert Kupper via PacketFence-users:

Hello, I get a error while installing Packetfence 10.2 on CentOS 7:

yum update --enablerepo=packetfence results in:

--
---> Paket libtommath.x86_64 0:0.42.0-6.el7 markiert, um installiert 
zu werden
---> Paket python2-impacket.noarch 0:0.9.21-5.el7 markiert, um 
installiert zu werden
--> Abhängigkeit python2-flask wird für Paket 
python2-impacket-0.9.21-5.el7.noarch verarbeitet
--> Abhängigkeit python2-pyOpenSSL wird für Paket 
python2-impacket-0.9.21-5.el7.noarch verarbeitet

--> Abhängigkeitsauflösung beendet
Fehler: Paket: python2-impacket-0.9.21-5.el7.noarch (epel)
    Benötigt: python2-flask
Fehler: Paket: python2-impacket-0.9.21-5.el7.noarch (epel)
    Benötigt: python2-pyOpenSSL
 Sie können versuchen, mit --skip-broken das Problem zu umgehen.
 Sie könnten Folgendes versuchen: rpm -Va --nofiles --nodigest
--

--skip_broken didn't help.

Any ideas?

Best regards,
Hubert






___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users


--
Hubert Kupper
Universitaetsrechenzentrum in Landau
Fortstrasse 7, D-76829 Landau
Tel: +49 6341/28031173 Fax: +49 6341/28031267

___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] haproxy-admin unable to start in a cluster

2020-10-16 Thread Sonali Gulia via PacketFence-users

hi all ,
my all services working fine but i am not able to sync because my
packetfence-haproxy-admin service not running
its showing error like

Parsing [/usr/local/pf/var/conf/haproxy-admin.conf:106]: backend
'10.x.x.x-admin' has the same name as backend '10.x.x.x-admin' declared at
/usr/local/pf/var/conf/haproxy-admin.conf:80.
[WARNING] (8872) : parsing [/usr/local/pf/var/conf/haproxy-admin.conf:193]
: a 'http-request' rule placed after a 'reqadd' rule will still be
processed before.
[WARNING] (8872) : parsing [/usr/local/pf/var/conf/haproxy-admin.conf:194]
: a 'http-request' rule placed after a 'reqadd' rule will still be
processed before.
[ALERT] (8872) : Error(s) found in configuration file :
/usr/local/pf/var/conf/haproxy-admin.conf
[ALERT] (8872) : Fatal errors found in configuration.

should i create a new certificate or by default ssl certificate will work ?
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] Wired online/offline status not working

2020-10-16 Thread Kenny Wallrath via PacketFence-users

Hi everyone,

I am currently trying to get the online/offline state working. It
seems that the state is working if requests are coming from Wireless
AccessPoints (My device gets registered when online and unregistered
when offline)
But if I try the same with my Cisco 2960S switches the nodes remain "unknown".

>From what I understood pfacct supersedes radiusd-acct. The service
pfacct is running and there is no firewall in between. Switch is
configured to send accounting to PF on port 1813.
My switch debug tells me that there is no response from Server, which
I also can verify on PF side. A TCPDUMP shows that Radius Accounting
Requests arrive at the PF but no response is being generated.
If I check the pfacct.log it is empty... I pasted a radsniff on port
1813 below...

Interestingly, if I disable pfacct and enable radiusd-acct a
Accounting-Reply is generated to the switch but the online/offline
state remains unknown.

2020-10-15 11:42:21.448660 (5) Accounting-Request Id 49
eth1:10.0.20.253:1646 -> 10.0.20.14:1813 +10.924
User-Name = "b8:27:eb:3f:01:c8"
NAS-IP-Address = 10.0.20.253
NAS-Port = 50102
Service-Type = Framed-User
Framed-IP-Address = 10.0.40.61
Called-Station-Id = "3C-0E-23-5A-3E-02"
Calling-Station-Id = "B8-27-EB-3F-01-C8"
NAS-Port-Type = Ethernet
Acct-Status-Type = Interim-Update
Acct-Delay-Time = 10
Acct-Input-Octets = 15178
Acct-Output-Octets = 1620296
Acct-Session-Id = "004B"
Acct-Authentic = RADIUS
Acct-Session-Time = 6229
Acct-Input-Packets = 225
Acct-Output-Packets = 9530
NAS-Port-Id = "GigabitEthernet1/0/2"
PMIP6-Home-HN-Prefix = 3831:3437:4232::/57
Cisco-AVPair = "audit-session-id=0A0014FD002AC57E41EC"
Cisco-AVPair = "connect-progress=Auth Open"
Authenticator-Field = 0xe184ba9b392f14f26741c4f7c64c815a
2020-10-15 11:42:21.214706 (4) ** norsp ** Accounting-Request Id 48
eth1:10.0.20.253:1646 -> 10.0.20.14:1813
2020-10-15 11:42:21.214706 (4) Cleaning up request packet ID 48
2020-10-15 11:42:26.606010 (6) Accounting-Request Id 50
eth1:10.0.20.253:1646 -> 10.0.20.14:1813 +15.940
User-Name = "b8:27:eb:3f:01:c8"
NAS-IP-Address = 10.0.20.253
NAS-Port = 50102
Service-Type = Framed-User
Framed-IP-Address = 10.0.40.61
Called-Station-Id = "3C-0E-23-5A-3E-02"
Calling-Station-Id = "B8-27-EB-3F-01-C8"
NAS-Port-Type = Ethernet
Acct-Status-Type = Interim-Update
Acct-Delay-Time = 15
Acct-Input-Octets = 15178
Acct-Output-Octets = 1620296
Acct-Session-Id = "004B"
Acct-Authentic = RADIUS
Acct-Session-Time = 6229
Acct-Input-Packets = 225
Acct-Output-Packets = 9530
NAS-Port-Id = "GigabitEthernet1/0/2"
PMIP6-Home-HN-Prefix = 3831:3437:4232::/57
Cisco-AVPair = "audit-session-id=0A0014FD002AC57E41EC"
Cisco-AVPair = "connect-progress=Auth Open"
Authenticator-Field = 0xe77e42cc33f62dcd1164461139b59e6d
2020-10-15 11:42:26.244866 (5) ** norsp ** Accounting-Request Id 49
eth1:10.0.20.253:1646 -> 10.0.20.14:1813
2020-10-15 11:42:26.244866 (5) Cleaning up request packet ID 49
2020-10-15 11:42:31.260601 (6) ** norsp ** Accounting-Request Id 50
eth1:10.0.20.253:1646 -> 10.0.20.14:1813
2020-10-15 11:42:31.260601 (6) Cleaning up request packet ID 50


___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] FortiGate EAP Type Issue having similar issue at this

2020-10-16 Thread rahim damji via PacketFence-users

I can post my debug if needed
Thanks
Rahim___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] Getting Registration VLAN DHCP but not getting Portal

2020-10-16 Thread Goodspeed, William via PacketFence-users

Good Morning,

I am trying to get PF set up and I've gotten to the point where I can connect a 
laptop, PF correctly assigns the switch port the registration VLAN, and it gets 
a dhcp address from the registration VLAN I created in PF. When I try to open a 
browser and get to the registration page I get a "err_connection_refused" error 
and it doesn't forward me to anything. Any pointers on where to start looking? 
I'm running on CentOS 7 and have checked that firewalld and selinux are 
disabled. I'm pretty sure that I have followed the configuration steps 
correctly but maybe there is something I missed.

Thank you,

William G.
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] Getting Registration VLAN DHCP but not getting Portal

Re: [PacketFence-users] Cannot Synchronize MariaDB in Distributed Cluster

Re: [PacketFence-users] FortiGate EAP Type Issue having similar issue at this

Re: [PacketFence-users] FortiGate EAP Type Issue having similar issue at this

Re: [PacketFence-users] Cannot Synchronize MariaDB in Distributed Cluster

Re: [PacketFence-users] FortiGate EAP Type Issue having similar issue at this

Re: [PacketFence-users] FortiGate EAP Type Issue having similar issue at this

Re: [PacketFence-users] FortiGate EAP Type Issue having similar issue at this

Re: [PacketFence-users] Getting Registration VLAN DHCP but not getting Portal

[PacketFence-users] Cannot Synchronize MariaDB in Distributed Cluster

Re: [PacketFence-users] Getting Registration VLAN DHCP but not getting Portal

Re: [PacketFence-users] haproxy-admin unable to start in a cluster

Re: [PacketFence-users] Packetfence 10.2 installation error

Re: [PacketFence-users] Getting Registration VLAN DHCP but not getting Portal

Re: [PacketFence-users] haproxy-admin unable to start in a cluster

Re: [PacketFence-users] Wired online/offline status not working

Re: [PacketFence-users] Packetfence 10.2 installation error

[PacketFence-users] haproxy-admin unable to start in a cluster

[PacketFence-users] Wired online/offline status not working

[PacketFence-users] FortiGate EAP Type Issue having similar issue at this

[PacketFence-users] Getting Registration VLAN DHCP but not getting Portal

21 matches

Site Navigation

Mail list logo

Footer information