Re: [PacketFence-users] Cisco WLC and guest reconnect issue (CoA)

2024-01-05 Thread Ievgen Lepekha via PacketFence-users 
Hello,
Yes, of course.
File in attach

Device’s mac: a8:64:f1:d7:fa:e6



From: Fabrice Durand 
Sent: Friday, January 5, 2024 5:34 PM
To: packetfence-users@lists.sourceforge.net
Cc: Ievgen Lepekha 
Subject: Re: [PacketFence-users] Cisco WLC and guest reconnect issue (CoA)

Hello Levgen,

can you provide the packetfence.log snippet when you register on the portal ?

Regards
Fabrice


Le ven. 5 janv. 2024 à 08:18, Ievgen Lepekha via PacketFence-users 
mailto:packetfence-users@lists.sourceforge.net>>
 a écrit :
Hi, all,
Need help.

I was integrate PacketFence 13 with Cisco WLC 3504, configured SSID with 
open+mac-filter (radius enabled), 2 ACL's.
Guest on first connection are redirected to captive-portal.
After registration PacketFence should return a new role, but this does not 
happen automatically, PF does not sent CoA packets to WLC, on Switch "Use CoA" 
enabled, CoA port is 1700(I've tried with port 3799 but nothing works - the 
same result).

If manualy reсonnect device to SSID (disconnect/connect) then everything works 
(WLC will send a new RADIUS request and PacketFence should return a new role 
and necessary ACL).

Help, please with Radius CoA for automatically change roles.

In PF use default template "WLC"
From TCPDUMP on PacketFence on ports 1700 and 3799 - nothing
Also with radclient
"radsniff -x -p 1700" - empty

(Cisco Controller) >show radius summary

Vendor Id Backward Compatibility. Disabled
Call Station Id Case. lower
Accounting Call Station Id Type.. Mac Address
Auth Call Station Id Type AP's Radio MAC Address:SSID
Extended Source Ports Support Enabled
Aggressive Failover.. Disabled
Keywrap.. Disabled
Fallback Test:
Test Mode Active
Probe User Name.. cisco-probe
Interval (in seconds) 300
MAC Delimiter for Authentication Messages hyphen
MAC Delimiter for Accounting Messages hyphen
RADIUS Authentication Framed-MTU. 1300 Bytes
AP Events Accounting. Disabled

Authentication Servers

Idx  Type  Server AddressPortState Tout  MgmtTout  RFC3576  IPSec - 
state/Profile Name/RadiusRegionString
---      --        ---  
---
6  * N  1812Enabled   5 5 Enabled   Disabled - /none

Accounting Servers

Idx  Type  Server AddressPortState Tout  MgmtTout  RFC3576  IPSec - 
state/Profile Name/RadiusRegionString
---      --        ---  
---
6  * N  1813Enabled   5 5 N/A   Disabled - /none


(Cisco Controller) >show radius rfc3576 statistics
RFC-3576 Servers:
Server Index. 6
Server Address... 
Disconnect-Requests.. 0
COA-Requests. 0
Retransmitted Requests... 0
Malformed Requests... 0
Bad Authenticator Requests... 0
Other Drops.. 0
Sent Disconnect-Ack.. 0
Sent Disconnect-Nak.. 0
Sent CoA-Ack. 0
Sent CoA-Nak. 0
Best Regards,
Yevgen Lepekha
Network engineer
ERC  Kyiv, Ukraine
tel office: +380 44 230 34 74 (1132)

___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users


packetfence.log
Description: packetfence.log
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] CP Sponsor authentication module page configuration

2024-01-05 Thread Fabrice Durand via PacketFence-users 
Hello Mourtouza,

yes it's possible and can be done in the locale file.
edit this file
https://github.com/inverse-inc/packetfence/blob/devel/conf/locale/fr/LC_MESSAGES/packetfence.po#L1352
and remplace "Courriel du sponsor" by "Email du Responsable Invité" and
save the file.

Once done:
cd /usr/local/pf/
make translation

and restart packetfence.

Regards
Fabrice


Le ven. 5 janv. 2024 à 08:17, Mourtouza AKBARALY via PacketFence-users <
packetfence-users@lists.sourceforge.net> a écrit :

> Hello,
>
>
>
> I would like to know if there is a possibility to change fields name in
> the captive portal sponsor page login ?
>
> I have created a custom module for the sponsor login via the Advanced
> Access Configuration > Portal modules.
>
>
>
> I would like to change on the form, fields name that are showing :
>
>
>
> For “COURRIEL” I would like to show “Guest Email”
>
> &
>
> For “ COURRIEL DU SPONSOR” I would like to show “ Email du Responsable
> Invité”
>
>
>
>
>
> Thank you for your help 
> ___
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] Cisco WLC and guest reconnect issue (CoA)

2024-01-05 Thread Fabrice Durand via PacketFence-users 
Hello Levgen,

can you provide the packetfence.log snippet when you register on the portal
?

Regards
Fabrice


Le ven. 5 janv. 2024 à 08:18, Ievgen Lepekha via PacketFence-users <
packetfence-users@lists.sourceforge.net> a écrit :

> Hi, all,
>
> Need help.
>
>
>
> I was integrate PacketFence 13 with Cisco WLC 3504, configured SSID with
> open+mac-filter (radius enabled), 2 ACL's.
>
> Guest on first connection are redirected to captive-portal.
>
> After registration PacketFence should return a new role, but this does not
> happen automatically, PF does not sent CoA packets to WLC, on Switch "Use
> CoA" enabled, CoA port is 1700(I've tried with port 3799 but nothing works
> - the same result).
>
>
>
> If manualy reсonnect device to SSID (disconnect/connect) then everything
> works (WLC will send a new RADIUS request and PacketFence should return a
> new role and necessary ACL).
>
>
>
> Help, please with Radius CoA for automatically change roles.
>
>
>
> In PF use default template "WLC"
>
> From TCPDUMP on PacketFence on ports 1700 and 3799 - nothing
>
> Also with radclient
>
> "radsniff -x -p 1700" - empty
>
>
>
> (Cisco Controller) >show radius summary
>
>
>
> Vendor Id Backward Compatibility. Disabled
>
> Call Station Id Case. lower
>
> Accounting Call Station Id Type.. Mac Address
>
> Auth Call Station Id Type AP's Radio MAC
> Address:SSID
>
> Extended Source Ports Support Enabled
>
> Aggressive Failover.. Disabled
>
> Keywrap.. Disabled
>
> Fallback Test:
>
> Test Mode Active
>
> Probe User Name.. cisco-probe
>
> Interval (in seconds) 300
>
> MAC Delimiter for Authentication Messages hyphen
>
> MAC Delimiter for Accounting Messages hyphen
>
> RADIUS Authentication Framed-MTU. 1300 Bytes
>
> AP Events Accounting. Disabled
>
>
>
> Authentication Servers
>
>
>
> Idx  Type  Server AddressPortState Tout  MgmtTout  RFC3576
> IPSec - state/Profile Name/RadiusRegionString
>
> ---      --        ---
> ---
>
> 6  * N  1812Enabled   5 5 Enabled   Disabled -
> /none
>
>
>
> Accounting Servers
>
>
>
> Idx  Type  Server AddressPortState Tout  MgmtTout  RFC3576
> IPSec - state/Profile Name/RadiusRegionString
>
> ---      --        ---
> ---
>
> 6  * N  1813Enabled   5 5 N/A   Disabled -
> /none
>
>
>
>
>
> (Cisco Controller) >show radius rfc3576 statistics
>
> RFC-3576 Servers:
>
> Server Index. 6
>
> Server Address... 
>
> Disconnect-Requests.. 0
>
> COA-Requests. 0
>
> Retransmitted Requests... 0
>
> Malformed Requests... 0
>
> Bad Authenticator Requests... 0
>
> Other Drops.. 0
>
> Sent Disconnect-Ack.. 0
>
> Sent Disconnect-Nak.. 0
>
> Sent CoA-Ack. 0
>
> Sent CoA-Nak. 0
>
> Best Regards,
>
> Yevgen Lepekha
>
> Network engineer
>
> ERC  Kyiv, Ukraine
>
> tel office: +380 44 230 34 74 (1132)
>
>
> ___
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] Cisco WLC and guest reconnect issue (CoA)

2024-01-05 Thread Ievgen Lepekha via PacketFence-users 
Hi, all,
Need help.

I was integrate PacketFence 13 with Cisco WLC 3504, configured SSID with 
open+mac-filter (radius enabled), 2 ACL's.
Guest on first connection are redirected to captive-portal.
After registration PacketFence should return a new role, but this does not 
happen automatically, PF does not sent CoA packets to WLC, on Switch "Use CoA" 
enabled, CoA port is 1700(I've tried with port 3799 but nothing works - the 
same result).

If manualy reсonnect device to SSID (disconnect/connect) then everything works 
(WLC will send a new RADIUS request and PacketFence should return a new role 
and necessary ACL).

Help, please with Radius CoA for automatically change roles.

In PF use default template "WLC"
>From TCPDUMP on PacketFence on ports 1700 and 3799 - nothing
Also with radclient
"radsniff -x -p 1700" - empty

(Cisco Controller) >show radius summary

Vendor Id Backward Compatibility. Disabled
Call Station Id Case. lower
Accounting Call Station Id Type.. Mac Address
Auth Call Station Id Type AP's Radio MAC Address:SSID
Extended Source Ports Support Enabled
Aggressive Failover.. Disabled
Keywrap.. Disabled
Fallback Test:
Test Mode Active
Probe User Name.. cisco-probe
Interval (in seconds) 300
MAC Delimiter for Authentication Messages hyphen
MAC Delimiter for Accounting Messages hyphen
RADIUS Authentication Framed-MTU. 1300 Bytes
AP Events Accounting. Disabled

Authentication Servers

Idx  Type  Server AddressPortState Tout  MgmtTout  RFC3576  IPSec - 
state/Profile Name/RadiusRegionString
---      --        ---  
---
6  * N  1812Enabled   5 5 Enabled   Disabled - /none

Accounting Servers

Idx  Type  Server AddressPortState Tout  MgmtTout  RFC3576  IPSec - 
state/Profile Name/RadiusRegionString
---      --        ---  
---
6  * N  1813Enabled   5 5 N/A   Disabled - /none


(Cisco Controller) >show radius rfc3576 statistics
RFC-3576 Servers:
Server Index. 6
Server Address... 
Disconnect-Requests.. 0
COA-Requests. 0
Retransmitted Requests... 0
Malformed Requests... 0
Bad Authenticator Requests... 0
Other Drops.. 0
Sent Disconnect-Ack.. 0
Sent Disconnect-Nak.. 0
Sent CoA-Ack. 0
Sent CoA-Nak. 0
Best Regards,
Yevgen Lepekha
Network engineer
ERC  Kyiv, Ukraine
tel office: +380 44 230 34 74 (1132)

___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

[PacketFence-users] CP Sponsor authentication module page configuration

2024-01-05 Thread Mourtouza AKBARALY via PacketFence-users 
Hello,

I would like to know if there is a possibility to change fields name in the 
captive portal sponsor page login ?
I have created a custom module for the sponsor login via the Advanced Access 
Configuration > Portal modules.

I would like to change on the form, fields name that are showing :

For “COURRIEL” I would like to show “Guest Email”
&
For “ COURRIEL DU SPONSOR” I would like to show “ Email du Responsable Invité”


Thank you for your help 
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users