Re: [PacketFence-users] Question about the Self Service Portal

2021-12-13 Thread Simon Sutcliffe via PacketFence-users 
Hi Team

Any chance of a yes or no answer to this one please?

Kind Regards

Simon



Sent from my Galaxy



 Original message 
From: Simon Sutcliffe 
Date: 10/12/2021 13:03 (GMT+00:00)
To: packetfence-users@lists.sourceforge.net
Cc: lmarc...@akamai.com
Subject: Question about the Self Service Portal

Hi Team

We are working on the topic of having our staff to manage their own personal 
devices using DPSK.  We have enabled the self service portal and we are looking 
into the authorisation of the user portal.

[Graphical user interface, application  Description automatically generated]

We would like to understand if this portal can be reached with OpenID (Auth2) 
sources.  We have one configured but it does not appear here as an option nor 
is it mentioned in the self service configuration area..

Kind Regards

Simon

Simon Sutcliffe
IT Architect, Workplace Solutions
T +44 1733 336600 | M +44 7775 823368 | E 
simon.sutcli...@rhdhv.com  | W 
www.royalhaskoningdhv.com
HaskoningDHV UK Ltd., a company of Royal HaskoningDHV

[cid:image001.jpg@01D7EDC5.486F4170]



Royal HaskoningDHV - Internal Use Only

This email and any attachments are intended solely for the use of the 
addressee(s); disclosure or copying by others than the intended person(s) is 
strictly prohibited. If you have received this email in error, please treat 
this email as confidential, notify the sender and delete all copies of the 
email immediately
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] PF 11 host index.xhtml "advertisement/announcement"...

2021-12-13 Thread John Gammon via PacketFence-users 
Good afternoon, everyone.

We have a very light install of packet fence.  We are using it as an isolation 
network for unpaid subscribers.

I want to host a simple webpage on the PF server to "advertise and announce" 
the reason the customer is unable to use the internet services at that time.  
Is there a direction or instruction set for getting this done?  I have already 
designed and created the webpage (e.g. default.html, default.xhtml, index.html, 
and index.xhtml) file to use and the redirect is already working for us.

Thanks,

John

John Gammon
Network Engineer
Forked Deer Electric Cooperative, Inc./Forked Deer Connect, LLC.
Halls, TN  38040
desk ph:  731-903-4282
cell ph:  317-213-9666
email:  john.gam...@forkeddeer.com


John Gammon

Network Engineer

Office   731-903-4282

john.gam...@forkeddeer.com

[fdec logo]

1135 North Church Street

PO Box 67

Halls, TN 38040

www.forkeddeer.com
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] PF 11 host index.xhtml "advertisement/announcement"...

2021-12-13 Thread John Gammon via PacketFence-users 
Good afternoon, everyone.

We have a very light install of packet fence.  We are using it as an isolation 
network for unpaid subscribers.

I want to host a simple webpage on the PF server to "advertise and announce" 
the reason the customer is unable to use the internet services at that time.  
Is there a direction or instruction set for getting this done?  I have already 
designed and created the webpage (e.g. default.html, default.xhtml, index.html, 
and index.xhtml) file to use and the redirect is already working for us.

Thanks,
John


John Gammon
Network Engineer
Forked Deer Electric Cooperative, Inc./Forked Deer Connect, LLC.
Halls, TN  38040
desk ph:  731-903-4282

John Gammon

Network Engineer

Office   731-903-4282

john.gam...@forkeddeer.com

[fdec logo]

1135 North Church Street

PO Box 67

Halls, TN 38040

www.forkeddeer.com


___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] Apache Log4j Vulnerability

2021-12-13 Thread Fabrice Durand via PacketFence-users 
It´s NOT

Le lun. 13 déc. 2021 à 15:29, Erich Flynn via PacketFence-users <
packetfence-users@lists.sourceforge.net> a écrit :

> Can we confirm PacketFence is not subject to CVE-2021-44228?
> Chat
> Spaces1
> Meet
> New meetingMy meetings
> ___
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] Apache Log4j Vulnerability

2021-12-13 Thread Erich Flynn via PacketFence-users 
Can we confirm PacketFence is not subject to CVE-2021-44228?
Chat
Spaces1
Meet
New meetingMy meetings
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] Cisco 2960X - Unable to grant privileged CLI Access

2021-12-13 Thread Misbah Hussaini via PacketFence-users 
Hello,

I'm trying to configure CLI access for admins via PF. I'm so far able to
make the admins login to the switch CLI, however when they try to enter
enable mode they receive "% Error in Authentication" message.

I tried and checked the radius.log which shows a successful authentication.
I have also enabled the checkbox on the switch config to allow cli access.
I understand that I need to send Cisco-AVPair for privileged access to work
but dunno where it is set.

Can someone pls help to grant the enable mode access on the switch via PF
Freeradius.

Below is the log from raddebug.

(747) Mon Dec 13 19:08:16 2021: Debug: Received Access-Request Id 20 from
10.141.254.40:1645 to 192.168.197.90:1812 length 81
(747) Mon Dec 13 19:08:16 2021: Debug:   User-Name = "testuser123"
(747) Mon Dec 13 19:08:16 2021: Debug:   User-Password = "cleartextpassword"
(747) Mon Dec 13 19:08:16 2021: Debug:   NAS-Port = 2
(747) Mon Dec 13 19:08:16 2021: Debug:   NAS-Port-Id = "tty2"
(747) Mon Dec 13 19:08:16 2021: Debug:   NAS-Port-Type = Virtual
(747) Mon Dec 13 19:08:16 2021: Debug:   NAS-IP-Address = 192.168.254.40
(747) Mon Dec 13 19:08:16 2021: Debug: # Executing section authorize from
file /usr/local/pf/raddb/sites-enabled/packetfence
(747) Mon Dec 13 19:08:16 2021: Debug:   authorize {
(747) Mon Dec 13 19:08:16 2021: Debug: policy
packetfence-nas-ip-address {
(747) Mon Dec 13 19:08:16 2021: Debug:   if (!NAS-IP-Address ||
NAS-IP-Address == "0.0.0.0"){
(747) Mon Dec 13 19:08:16 2021: Debug:   if (!NAS-IP-Address ||
NAS-IP-Address == "0.0.0.0") -> FALSE
(747) Mon Dec 13 19:08:16 2021: Debug: } # policy
packetfence-nas-ip-address = notfound
(747) Mon Dec 13 19:08:16 2021: Debug: update {
(747) Mon Dec 13 19:08:16 2021: Debug:   EXPAND %{Packet-Src-IP-Address}
(747) Mon Dec 13 19:08:16 2021: Debug:  --> 192.168.254.40
(747) Mon Dec 13 19:08:16 2021: Debug:   EXPAND %{Packet-Dst-IP-Address}
(747) Mon Dec 13 19:08:16 2021: Debug:  --> 192.168.197.90
(747) Mon Dec 13 19:08:16 2021: Debug:   EXPAND %l
(747) Mon Dec 13 19:08:16 2021: Debug:  --> 1639408096
(747) Mon Dec 13 19:08:16 2021: Debug: } # update = noop
(747) Mon Dec 13 19:08:16 2021: Debug: policy
packetfence-set-realm-if-machine {
(747) Mon Dec 13 19:08:16 2021: Debug:   if (User-Name =~
/host\/([a-z0-9_-]*)[\.](.*)/i) {
(747) Mon Dec 13 19:08:16 2021: Debug:   if (User-Name =~
/host\/([a-z0-9_-]*)[\.](.*)/i)  -> FALSE
(747) Mon Dec 13 19:08:16 2021: Debug: } # policy
packetfence-set-realm-if-machine = noop
(747) Mon Dec 13 19:08:16 2021: Debug: policy
packetfence-balanced-key-policy {
(747) Mon Dec 13 19:08:16 2021: Debug:   if (
&& ( =~ /^(.*)(.)$/i)) {
(747) Mon Dec 13 19:08:16 2021: Debug:   if (
&& ( =~ /^(.*)(.)$/i))  -> FALSE
(747) Mon Dec 13 19:08:16 2021: Debug:   else {
(747) Mon Dec 13 19:08:16 2021: Debug: update {
(747) Mon Dec 13 19:08:16 2021: Debug:   EXPAND
%{md5:%{Calling-Station-Id}%{User-Name}}
(747) Mon Dec 13 19:08:16 2021: Debug:  -->
7674cdd55c6099b093d1b9dcdda01825
(747) Mon Dec 13 19:08:16 2021: Debug:   EXPAND
%{md5:%{Calling-Station-Id}%{User-Name}}
(747) Mon Dec 13 19:08:16 2021: Debug:  -->
7674cdd55c6099b093d1b9dcdda01825
(747) Mon Dec 13 19:08:16 2021: Debug: } # update = noop
(747) Mon Dec 13 19:08:16 2021: Debug:   } # else = noop
(747) Mon Dec 13 19:08:16 2021: Debug: } # policy
packetfence-balanced-key-policy = noop
(747) Mon Dec 13 19:08:16 2021: Debug: policy packetfence-set-tenant-id
{
(747) Mon Dec 13 19:08:16 2021: Debug:   if (!NAS-IP-Address ||
NAS-IP-Address == "0.0.0.0"){
(747) Mon Dec 13 19:08:16 2021: Debug:   if (!NAS-IP-Address ||
NAS-IP-Address == "0.0.0.0") -> FALSE
(747) Mon Dec 13 19:08:16 2021: Debug:   if (
"%{%{control:PacketFence-Tenant-Id}:-0}" == "0") {
(747) Mon Dec 13 19:08:16 2021: Debug:   EXPAND
%{%{control:PacketFence-Tenant-Id}:-0}
(747) Mon Dec 13 19:08:16 2021: Debug:  --> 0
(747) Mon Dec 13 19:08:16 2021: Debug:   if (
"%{%{control:PacketFence-Tenant-Id}:-0}" == "0")  -> TRUE
(747) Mon Dec 13 19:08:16 2021: Debug:   if (
"%{%{control:PacketFence-Tenant-Id}:-0}" == "0")  {
(747) Mon Dec 13 19:08:16 2021: Debug: update control {
(747) Mon Dec 13 19:08:16 2021: Debug:   EXPAND %{User-Name}
(747) Mon Dec 13 19:08:16 2021: Debug:  --> testuser123
(747) Mon Dec 13 19:08:16 2021: Debug:   SQL-User-Name set to
'testuser123'
(747) Mon Dec 13 19:08:16 2021: Debug:   Executing select query:
 SELECT IFNULL((SELECT tenant_id FROM radius_nas WHERE nasname =
'192.168.254.40'), 0)
(747) Mon Dec 13 19:08:16 2021: Debug:   EXPAND %{sql: SELECT
IFNULL((SELECT tenant_id FROM radius_nas WHERE nasname =
'%{NAS-IP-Address}'), 0)}
(747) Mon Dec 13 19:08:16 2021: Debug:  --> 1
(747) Mon Dec 13 19:08:16 2021: Debug: } # update control = noop
(747) Mon Dec 13

Re: [PacketFence-users] unable to login after restarting services

2021-12-13 Thread IS AppSec (IT/Chennai) via PacketFence-users 
Dear Team,


Any update on the below query?


Regards

Arun
Information Security Analyst
Networks & Security - FT
Phone: +91 9750831454
P Please don't print this email unless you really need. Save Papers, Save 
Trees, Save Earth.
[cid:image011.png@01D54BB1.75016D20]

  [Description: Description: Description: Description: Description: 
Description: Description: C:\Users\5025785\Downloads\facebook.png] 
  [Description: Description: Description: 
Description: Description: Description: Description: 
C:\Users\5025785\Downloads\twitter (1).png]   
[Description: Description: Description: Description: Description: Description: 
Description: C:\Users\5025785\Downloads\linkedin.png] 
  [Description: 
Description: Description: Description: Description: Description: Description: 
C:\Users\5025785\Downloads\world-wide-web (1).png] 



From: IS AppSec (IT/Chennai) via PacketFence-users 

Sent: 10/12/2021 18:01
To: packetfence-users@lists.sourceforge.net
Cc: IS AppSec (IT/Chennai) 
Subject: [PacketFence-users] unable to login after restarting services
Importance: High


CAUTION: This email originated from outside of the organization. Do not click 
links or open attachments unless you recognize the sender and know the content 
is safe.
Dear Team,


I have clicked "restart all" option after a configuration change.

While doing so I got some error messages in the notifications tab.

After sometime when I am logging in to the web portal I am getting an error 
message "Wasn't able to authenticate those credentials" and I could not access 
web portal.

But I can able to get SSH access. Kindly help me on this to recover the console.


Regards

Arun
Information Security Analyst
Networks & Security
Phone: +91 9750831454
P Please don't print this email unless you really need. Save Papers, Save 
Trees, Save Earth.
[cid:image011.png@01D54BB1.75016D20]

  [Description: Description: Description: Description: Description: 
Description: Description: C:\Users\5025785\Downloads\facebook.png] 

  [Description: Description: Description: Description: Description: 
Description: Description: C:\Users\5025785\Downloads\twitter (1).png] 

  [Description: Description: Description: Description: Description: 
Description: Description: C:\Users\5025785\Downloads\linkedin.png] 

  [Description: Description: Description: Description: Description: 
Description: Description: C:\Users\5025785\Downloads\world-wide-web (1).png] 


This message (including any attachments) is intended only for the use of the 
individual or entity to which it is addressed and may contain Information that 
is non-public, proprietary, privileged, confidential, and exempt from 
disclosure under applicable law or may constitute as attorney work product. If 
you are not the intended recipient, you may please note that any use, 
dissemination, distribution, or copying of this communication is strictly 
prohibited. If you have received this communication in error, please notify us 
immediately by telephone and (i) destroy this message if a facsimile or (ii) 
delete this message immediately if this is an electronic communication
This message (including any attachments) is intended only for the use of the 
individual or entity to which it is addressed and may contain Information that 
is non-public, proprietary,