Re: [PacketFence-users] Captive Portal and DACLs problems on version 12.2 (Aruba 2930M)
Hello Yassine, I backported a fix for that on 12.2 , the new package should be available tomorrow. Regards Fabrice Le mar. 9 mai 2023 à 08:28, TISSIR, Yassine via PacketFence-users < packetfence-users@lists.sourceforge.net> a écrit : > Still stuck on the same problem > Any suggestion would be really appreciated > > Le lun. 3 avr. 2023 à 23:20, TISSIR, Yassine <56...@etu.he2b.be> a écrit : > >> Hello everyone , >> I'm currently testing packetfence for my company. I started with version >> 11.2 but I decided to upgrade to 12.2 because of an issue that I think >> prevented getting the captive portal to work in vlan enforcement mode (A >> guest computer placed in the registration VLAN was redirected to >> "packetfence.domain/captive-portal" that points to 66.70.255.147 but the >> page was loading indefinitely). The problem is that after the update I have >> the following error when trying to save ACLs for registration VLAN: >> >> "AccessListMapping.0.accesslist: WARNING: Syntax error in >> ACL:packetfence, near: >in<. >> "config/switch/192.168.1.10" >> >> I also had an AD authentication source for the domain computers that >> worked fine before the update, but stopped working now (Audit tab shows >> successfuls authentications, but the computers don't get internet access >> anymore). >> >> Here is my switches.conf : >> >> [default] >> description=aruba sw >> VlanMap=N >> ExternalPortalEnforcement=Y >> deauthOnPrevious=N >> [192.168.1.10] >> group=default >> description=ARUBA 2930 >> wsPwd=xx >> wsUser=xx >> SNMPPrivProtocolWrite=md5 >> SNMPPrivProtocolRead=md5 >> SNMPAuthProtocolRead=md5 >> SNMPAuthProtocolWrite=md5 >> SNMPUserNameWrite=xx >> SNMPVersion=3 >> SNMPUserNameRead=xx >> SNMPAuthPasswordWrite=xx >> SNMPAuthPasswordRead=xx >> SNMPPrivPasswordRead=xx >> SNMPPrivPasswordWrite=xx >> SNMPEngineID=xx >> SNMPPrivProtocolTrap=AES >> SNMPUserNameTrap=xx >> SNMPAuthProtocolTrap=md5 >> SNMPVersionTrap=3 >> SNMPAuthPasswordTrap=xx >> SNMPPrivPasswordTrap=xx >> guestVlan=10 >> defaultVlan=10 >> registrationVlan=20 >> type=Aruba::2930M >> radiusSecret=xx >> VlanMap=Y >> coaPort=3799 >> isolationVlan=99 >> UserVlan=10 >> macDetectionVlan=20 >> ExternalPortalEnforcement=N >> registrationUrl=http://192.168.1.4/Aruba::2930M >> UrlMap=Y >> AccessListMap=Y >> >> >> The ACLS that I try to save are the one from the Network Devices >> Configuration Guide for Aruba 2930 switch: >> >> permit in tcp from any to 192.168.1.4 80 >> permit in tcp from any to 192.168.1.4 443 >> deny in tcp from any to any 80 cpy >> deny in tcp from any to any 443 cpy >> permit in udp from any to any 53 >> permit in udp from any to any 67 >> >> Any help would be really appreciated >> >> >> > ___ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/packetfence-users > ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] Captive Portal and DACLs problems on version 12.2 (Aruba 2930M)
Still stuck on the same problem Any suggestion would be really appreciated Le lun. 3 avr. 2023 à 23:20, TISSIR, Yassine <56...@etu.he2b.be> a écrit : > Hello everyone , > I'm currently testing packetfence for my company. I started with version > 11.2 but I decided to upgrade to 12.2 because of an issue that I think > prevented getting the captive portal to work in vlan enforcement mode (A > guest computer placed in the registration VLAN was redirected to > "packetfence.domain/captive-portal" that points to 66.70.255.147 but the > page was loading indefinitely). The problem is that after the update I have > the following error when trying to save ACLs for registration VLAN: > > "AccessListMapping.0.accesslist: WARNING: Syntax error in > ACL:packetfence, near: >in<. > "config/switch/192.168.1.10" > > I also had an AD authentication source for the domain computers that > worked fine before the update, but stopped working now (Audit tab shows > successfuls authentications, but the computers don't get internet access > anymore). > > Here is my switches.conf : > > [default] > description=aruba sw > VlanMap=N > ExternalPortalEnforcement=Y > deauthOnPrevious=N > [192.168.1.10] > group=default > description=ARUBA 2930 > wsPwd=xx > wsUser=xx > SNMPPrivProtocolWrite=md5 > SNMPPrivProtocolRead=md5 > SNMPAuthProtocolRead=md5 > SNMPAuthProtocolWrite=md5 > SNMPUserNameWrite=xx > SNMPVersion=3 > SNMPUserNameRead=xx > SNMPAuthPasswordWrite=xx > SNMPAuthPasswordRead=xx > SNMPPrivPasswordRead=xx > SNMPPrivPasswordWrite=xx > SNMPEngineID=xx > SNMPPrivProtocolTrap=AES > SNMPUserNameTrap=xx > SNMPAuthProtocolTrap=md5 > SNMPVersionTrap=3 > SNMPAuthPasswordTrap=xx > SNMPPrivPasswordTrap=xx > guestVlan=10 > defaultVlan=10 > registrationVlan=20 > type=Aruba::2930M > radiusSecret=xx > VlanMap=Y > coaPort=3799 > isolationVlan=99 > UserVlan=10 > macDetectionVlan=20 > ExternalPortalEnforcement=N > registrationUrl=http://192.168.1.4/Aruba::2930M > UrlMap=Y > AccessListMap=Y > > > The ACLS that I try to save are the one from the Network Devices > Configuration Guide for Aruba 2930 switch: > > permit in tcp from any to 192.168.1.4 80 > permit in tcp from any to 192.168.1.4 443 > deny in tcp from any to any 80 cpy > deny in tcp from any to any 443 cpy > permit in udp from any to any 53 > permit in udp from any to any 67 > > Any help would be really appreciated > > > ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
[PacketFence-users] Captive Portal and DACLs problems on version 12.2 (Aruba 2930M)
Hello everyone , I'm currently testing packetfence for my company. I started with version 11.2 but I decided to upgrade to 12.2 because of an issue that I think prevented getting the captive portal to work in vlan enforcement mode (A guest computer placed in the registration VLAN was redirected to "packetfence.domain/captive-portal" that points to 66.70.255.147 but the page was loading indefinitely). The problem is that after the update I have the following error when trying to save ACLs for registration VLAN: "AccessListMapping.0.accesslist: WARNING: Syntax error in ACL:packetfence, near: >in<. "config/switch/192.168.1.10" I also had an AD authentication source for the domain computers that worked fine before the update, but stopped working now (Audit tab shows successfuls authentications, but the computers don't get internet access anymore). Here is my switches.conf : [default] description=aruba sw VlanMap=N ExternalPortalEnforcement=Y deauthOnPrevious=N [192.168.1.10] group=default description=ARUBA 2930 wsPwd=xx wsUser=xx SNMPPrivProtocolWrite=md5 SNMPPrivProtocolRead=md5 SNMPAuthProtocolRead=md5 SNMPAuthProtocolWrite=md5 SNMPUserNameWrite=xx SNMPVersion=3 SNMPUserNameRead=xx SNMPAuthPasswordWrite=xx SNMPAuthPasswordRead=xx SNMPPrivPasswordRead=xx SNMPPrivPasswordWrite=xx SNMPEngineID=xx SNMPPrivProtocolTrap=AES SNMPUserNameTrap=xx SNMPAuthProtocolTrap=md5 SNMPVersionTrap=3 SNMPAuthPasswordTrap=xx SNMPPrivPasswordTrap=xx guestVlan=10 defaultVlan=10 registrationVlan=20 type=Aruba::2930M radiusSecret=xx VlanMap=Y coaPort=3799 isolationVlan=99 UserVlan=10 macDetectionVlan=20 ExternalPortalEnforcement=N registrationUrl=http://192.168.1.4/Aruba::2930M UrlMap=Y AccessListMap=Y The ACLS that I try to save are the one from the Network Devices Configuration Guide for Aruba 2930 switch: permit in tcp from any to 192.168.1.4 80 permit in tcp from any to 192.168.1.4 443 deny in tcp from any to any 80 cpy deny in tcp from any to any 443 cpy permit in udp from any to any 53 permit in udp from any to any 67 Any help would be really appreciated ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users