Re: [PacketFence-users] Unifi switch CoA support
::accounting_events_history::latest_mac_history) Thank you! -- Francis Le lun. 20 mars 2023 à 14:17, Francis a écrit : > I got it working by using Ubiquiti::EdgeSwitch switch type via SNMP (even > if I have Unifi switches, not EdgeSwitch). > > Thank you! > > -- > Francis > > > Le mer. 15 mars 2023 à 16:33, Fabrice Durand a > écrit : > >> Based on the code, it's not supported (i did it a long time ago) and you >> have to use the snmp method to reevaluate the access. >> Btw if you are able to configure it on the switch side then the >> packetfence switch module will need to be adapted. >> >> Regards >> Fabrice >> >> >> Le mer. 15 mars 2023 à 16:29, Francis a écrit : >> >>> Oh, great! I was able to enable CoA for an Unifi AP with the legacy UI >>> then I was able to configure PF. My PF configuration now works great to >>> manage a wifi network. >>> >>> Now I wonder if CoA is also supported for unifi switch/wired networks? I >>> would like to use 802.1x with device authentication and a captive portal >>> for guest users. Can I use Unifi switches with PF? I can successfully >>> authenticate my device to the radius server with 802.1x, but without CoA >>> support, I understand that PF is unable to move the device to the required >>> vlan (my device gets no IP from the dhcp server). >>> >>> Thank you! >>> >>> >>> Le mar. 14 mars 2023 à 16:08, Fabrice Durand a >>> écrit : >>> >>>> Hello Francis, >>>> >>>> if i am not wrong you should be able to see the option if you switch to >>>> the legacy view of the controller. >>>> Also you can connect on the AP (ssh) and see if the port 3799 UDP is >>>> listening. >>>> >>>> Regards >>>> >>>> Fabrice >>>> >>>> >>>> Le mar. 14 mars 2023 à 15:50, Francis via PacketFence-users < >>>> packetfence-users@lists.sourceforge.net> a écrit : >>>> >>>>> Hello, >>>>> >>>>> I wonder if someone is using Unifi switches with packetfence? I >>>>> understand I need to activate CoA support to make it working with PF. >>>>> >>>>> I found release notes that say it was added by Ubiquiti in version >>>>> 5.12.22 of Unifi Controller. I found old screenshots that show the options >>>>> but I fail to find it in the newest version (Unifi controller 7.3.83 with >>>>> all firmware up to date). >>>>> >>>>> I found some posts in the UI forums of others wondering the same thing >>>>> but they never got answers and Ubiquiti support failed to reply to my >>>>> ticket for almost a week. So I wonder... maybe they just silently dropped >>>>> CoA support? >>>>> >>>>> Thanks! >>>>> >>>>> -- >>>>> Francis >>>>> ___ >>>>> PacketFence-users mailing list >>>>> PacketFence-users@lists.sourceforge.net >>>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users >>>>> >>>> ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
[PacketFence-users] 802.1x machine authentication under Linux
Hello, I was able to configure Packetfence to do machine authentication for Windows desktops. I'm using AD as an authentication source configured with the computers OU, so user authentication is not possible. This works fine for both wired 802.1x and WPA2-Enterprise wifi. Now I wonder how to do the same thing I did on Windows on my Linux (Ubuntu) desktops. Like Windows desktops, we joined them to our AD domain (with sssd). So I guess there is a way to authenticate the computers with the AD computer object, but I fail to see how to do it after I did multiple searches. Network-Manager seems to only allow user-inputed credentials for PEAP/MSCHAPv2 authentication. The goal is to authorize only corporate devices in the employees vlan. All other unknown devices are restricted to the guest vlan. This is why I'm trying to do computer auth and not user auth. Thank you. -- Francis ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] Unifi switch CoA support
Oh, great! I was able to enable CoA for an Unifi AP with the legacy UI then I was able to configure PF. My PF configuration now works great to manage a wifi network. Now I wonder if CoA is also supported for unifi switch/wired networks? I would like to use 802.1x with device authentication and a captive portal for guest users. Can I use Unifi switches with PF? I can successfully authenticate my device to the radius server with 802.1x, but without CoA support, I understand that PF is unable to move the device to the required vlan (my device gets no IP from the dhcp server). Thank you! Le mar. 14 mars 2023 à 16:08, Fabrice Durand a écrit : > Hello Francis, > > if i am not wrong you should be able to see the option if you switch to > the legacy view of the controller. > Also you can connect on the AP (ssh) and see if the port 3799 UDP is > listening. > > Regards > > Fabrice > > > Le mar. 14 mars 2023 à 15:50, Francis via PacketFence-users < > packetfence-users@lists.sourceforge.net> a écrit : > >> Hello, >> >> I wonder if someone is using Unifi switches with packetfence? I >> understand I need to activate CoA support to make it working with PF. >> >> I found release notes that say it was added by Ubiquiti in version >> 5.12.22 of Unifi Controller. I found old screenshots that show the options >> but I fail to find it in the newest version (Unifi controller 7.3.83 with >> all firmware up to date). >> >> I found some posts in the UI forums of others wondering the same thing >> but they never got answers and Ubiquiti support failed to reply to my >> ticket for almost a week. So I wonder... maybe they just silently dropped >> CoA support? >> >> Thanks! >> >> -- >> Francis >> ___ >> PacketFence-users mailing list >> PacketFence-users@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/packetfence-users >> > ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
[PacketFence-users] Unifi switch CoA support
Hello, I wonder if someone is using Unifi switches with packetfence? I understand I need to activate CoA support to make it working with PF. I found release notes that say it was added by Ubiquiti in version 5.12.22 of Unifi Controller. I found old screenshots that show the options but I fail to find it in the newest version (Unifi controller 7.3.83 with all firmware up to date). I found some posts in the UI forums of others wondering the same thing but they never got answers and Ubiquiti support failed to reply to my ticket for almost a week. So I wonder... maybe they just silently dropped CoA support? Thanks! -- Francis ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
