Re: [PacketFence-users] [PF 9.0.1] Cisco WLC and Virtual IP

[pro fence via PacketFence-users]

Hi,

on my first server, both local server ip and the vip are listening on eth0
also inPthe interface configuration, the portal is only listening on the
local server ip.
Port 80 is listening like this :

local_server_ip:80   0.0.0.0:*   LISTEN  9627/httpd
vip_ip:80 0.0.0.0:*   LISTEN
 5989/haproxy

is this the way it should be ?
Regards,

On Mon, 22 Jul 2019 at 15:40, pro fence  wrote:

> Hi Fabrice,
>
> Thanks for the reply,
> here is what i have in the pre_auth ACL :
> [image: acls.png]
>
> do you see something wrong ?
>
> On Mon, 22 Jul 2019 at 14:54, Fabrice Durand via PacketFence-users <
> packetfence-users@lists.sourceforge.net> wrote:
>
>> Hello Pro fence,
>>
>> packetfence manage the port that needs to be open, so you don't have to
>> do anything.
>>
>> Btw it looks that the issue you have is related to the acl you made on
>> the WLC. (check is there is some hit)
>>
>> What you can do is to capture the traffic on the device your are testing
>> with and see if you see any kind of redirection.
>>
>> Regards
>>
>> Fabrice
>>
>>
>> Le 19-07-21 à 09 h 59, pro fence via PacketFence-users a écrit :
>>
>> Hi,
>>
>> For somebody who would encounter the same issue,
>> to solve the last error, you need to add a new radius client.
>>
>> Does anybody know exactly what ports need to be open for the VIP besides
>> radius, http for the portal to pop up ? I mean in the log i have the right
>> ACL and the http://VIP-IP/CISCO::WLC  url but the portal is not showing.
>>
>> regards,
>>
>> On Thu, 18 Jul 2019 at 17:00, pro fence  wrote:
>>
>>> Hi Fabrice,
>>>
>>> to be more precise i am going to use the ip adresses of the installation
>>> guide to show you my configuration :
>>>
>>> to answer your question, yes, cluster.conf is replicated on the 3
>>> servers with the command:
>>> # /usr/local/pf/bin/cluster/sync --from=192.168.1.5 --api-user=user
>>> --api-password=password
>>>
>>> here is the content of cluster.conf :
>>> [CLUSTER]
>>> management_ip=192.168.1.10
>>> [CLUSTER interface eth0]
>>> ip=192.168.1.10
>>> [CLUSTER interface eth1.2]
>>> ip=192.168.2.10
>>> [CLUSTER interface eth1.3]
>>> ip=192.168.3.10
>>>
>>> [pf1.example.com]
>>> management_ip=192.168.1.5
>>> [pf1.example.com interface eth0]
>>> ip=192.168.1.5
>>> [pf1.example.com interface eth1.2]
>>> ip=192.168.2.5
>>> [pf1.example.com interface eth1.3]
>>> ip=192.168.3.5
>>>
>>> [pf2.example.com]
>>> management_ip=192.168.1.6
>>> [pf2.example.com interface eth0]
>>> ip=192.168.1.6
>>> [pf2.example.com interface eth1.2]
>>> ip=192.168.2.6
>>> [pf2.example.com interface eth1.3]
>>> ip=192.168.3.6
>>>
>>> [pf3.example.com]
>>> management_ip=192.168.1.7
>>> [pf3.example.com interface eth0]
>>> ip=192.168.1.7
>>> [pf3.example.com interface eth1.2]
>>> ip=192.168.2.7
>>> [pf3.example.com interface eth1.3]
>>> ip=192.168.3.7
>>>
>>> the error message becomes  :
>>>
>>> Ignoring request to auth address 192.168.1.5 port 1812 bound to server
>>> packetfence from unknown client loadBalancer_IP port 8905 proto udp
>>>
>>> listening ip and port for the first server for example:
>>>
>>> tcp0  0 192.168.1.10:800.0.0.0:*
>>> LISTEN  24615/haproxy
>>> tcp0  0 192.168.2.10:80 0.0.0.0:*
>>> LISTEN  24615/haproxy
>>> tcp0  0 192.168.3.10:80  0.0.0.0:*
>>> LISTEN  24615/haproxy
>>>
>>> tcp0  0 192.168.1.5:80   0.0.0.0:*   LISTEN
>>>  1026/httpd
>>> tcp0  0 192.168.2.5:80   0.0.0.0:*   LISTEN
>>>  1026/httpd
>>> tcp0  0 192.168.3.5:80   0.0.0.0:*   LISTEN
>>>  1026/httpd
>>>
>>> thanks in advance,
>>> Regards
>>>
>>> On Thu, 18 Jul 2019 at 15:03, Fabrice Durand via PacketFence-users <
>>> packetfence-users@lists.sourceforge.net> wrote:
>>>
 Hello Pro fence,


 it looks that you miss-configured your cluster.

 Did you copy the file cluster.conf on each servers ?

 Regards

 Fabrice


 Le 19-07-18 à 06 h 49, pro fence via PacketFence-users a écrit :

 Hello,

 does anyone ever encountered the following error using a VIP, from
 radius :

 " Ignoring request to auth address MANAGEMENT_IP port 1812 bound to
 server packetfence from unknown client loadBalancer_IP port 8905 proto udp"

 the VIP sends the request using a different ip than the one configured
 in cluster.conf, so maybe that's the reason ?

 Thanks,
 Regards,


 On Wed, 17 Jul 2019 at 14:32, pro fence  wrote:

> Fabrice,
>
> may god bless you ! thank you very much for your time and help,
> Regards,
>
> On Wed, 17 Jul 2019 at 13:28, Durand fabrice via PacketFence-users <
> packetfence-users@lists.sourceforge.net> wrote:
>
>> Yes, only the VIP is need on the WLC.
>>
>> The WLC send a request to the VIP and the radius load-balancer will

Re: [PacketFence-users] [PF 9.0.1] Cisco WLC and Virtual IP

[pro fence via PacketFence-users]

Hi Fabrice,

Thanks for the reply,
here is what i have in the pre_auth ACL :
[image: acls.png]

do you see something wrong ?

On Mon, 22 Jul 2019 at 14:54, Fabrice Durand via PacketFence-users <
packetfence-users@lists.sourceforge.net> wrote:

> Hello Pro fence,
>
> packetfence manage the port that needs to be open, so you don't have to do
> anything.
>
> Btw it looks that the issue you have is related to the acl you made on the
> WLC. (check is there is some hit)
>
> What you can do is to capture the traffic on the device your are testing
> with and see if you see any kind of redirection.
>
> Regards
>
> Fabrice
>
>
> Le 19-07-21 à 09 h 59, pro fence via PacketFence-users a écrit :
>
> Hi,
>
> For somebody who would encounter the same issue,
> to solve the last error, you need to add a new radius client.
>
> Does anybody know exactly what ports need to be open for the VIP besides
> radius, http for the portal to pop up ? I mean in the log i have the right
> ACL and the http://VIP-IP/CISCO::WLC  url but the portal is not showing.
>
> regards,
>
> On Thu, 18 Jul 2019 at 17:00, pro fence  wrote:
>
>> Hi Fabrice,
>>
>> to be more precise i am going to use the ip adresses of the installation
>> guide to show you my configuration :
>>
>> to answer your question, yes, cluster.conf is replicated on the 3 servers
>> with the command:
>> # /usr/local/pf/bin/cluster/sync --from=192.168.1.5 --api-user=user
>> --api-password=password
>>
>> here is the content of cluster.conf :
>> [CLUSTER]
>> management_ip=192.168.1.10
>> [CLUSTER interface eth0]
>> ip=192.168.1.10
>> [CLUSTER interface eth1.2]
>> ip=192.168.2.10
>> [CLUSTER interface eth1.3]
>> ip=192.168.3.10
>>
>> [pf1.example.com]
>> management_ip=192.168.1.5
>> [pf1.example.com interface eth0]
>> ip=192.168.1.5
>> [pf1.example.com interface eth1.2]
>> ip=192.168.2.5
>> [pf1.example.com interface eth1.3]
>> ip=192.168.3.5
>>
>> [pf2.example.com]
>> management_ip=192.168.1.6
>> [pf2.example.com interface eth0]
>> ip=192.168.1.6
>> [pf2.example.com interface eth1.2]
>> ip=192.168.2.6
>> [pf2.example.com interface eth1.3]
>> ip=192.168.3.6
>>
>> [pf3.example.com]
>> management_ip=192.168.1.7
>> [pf3.example.com interface eth0]
>> ip=192.168.1.7
>> [pf3.example.com interface eth1.2]
>> ip=192.168.2.7
>> [pf3.example.com interface eth1.3]
>> ip=192.168.3.7
>>
>> the error message becomes  :
>>
>> Ignoring request to auth address 192.168.1.5 port 1812 bound to server
>> packetfence from unknown client loadBalancer_IP port 8905 proto udp
>>
>> listening ip and port for the first server for example:
>>
>> tcp0  0 192.168.1.10:800.0.0.0:*
>> LISTEN  24615/haproxy
>> tcp0  0 192.168.2.10:80 0.0.0.0:*
>> LISTEN  24615/haproxy
>> tcp0  0 192.168.3.10:80  0.0.0.0:*
>> LISTEN  24615/haproxy
>>
>> tcp0  0 192.168.1.5:80   0.0.0.0:*   LISTEN
>>  1026/httpd
>> tcp0  0 192.168.2.5:80   0.0.0.0:*   LISTEN
>>  1026/httpd
>> tcp0  0 192.168.3.5:80   0.0.0.0:*   LISTEN
>>  1026/httpd
>>
>> thanks in advance,
>> Regards
>>
>> On Thu, 18 Jul 2019 at 15:03, Fabrice Durand via PacketFence-users <
>> packetfence-users@lists.sourceforge.net> wrote:
>>
>>> Hello Pro fence,
>>>
>>>
>>> it looks that you miss-configured your cluster.
>>>
>>> Did you copy the file cluster.conf on each servers ?
>>>
>>> Regards
>>>
>>> Fabrice
>>>
>>>
>>> Le 19-07-18 à 06 h 49, pro fence via PacketFence-users a écrit :
>>>
>>> Hello,
>>>
>>> does anyone ever encountered the following error using a VIP, from
>>> radius :
>>>
>>> " Ignoring request to auth address MANAGEMENT_IP port 1812 bound to
>>> server packetfence from unknown client loadBalancer_IP port 8905 proto udp"
>>>
>>> the VIP sends the request using a different ip than the one configured
>>> in cluster.conf, so maybe that's the reason ?
>>>
>>> Thanks,
>>> Regards,
>>>
>>>
>>> On Wed, 17 Jul 2019 at 14:32, pro fence  wrote:
>>>
 Fabrice,

 may god bless you ! thank you very much for your time and help,
 Regards,

 On Wed, 17 Jul 2019 at 13:28, Durand fabrice via PacketFence-users <
 packetfence-users@lists.sourceforge.net> wrote:

> Yes, only the VIP is need on the WLC.
>
> The WLC send a request to the VIP and the radius load-balancer will
> forward to one of the radius server in the cluster.
>
> Regards
>
> Fabrice
> Le 19-07-17 à 05 h 14, pro fence via PacketFence-users a écrit :
>
> Hi Fabrice,
>
> do you mean that the VIP needs to be configured as the radius server
> in the WLC ?
>
> Thanks,
> Regards,
>
> On Tue, 16 Jul 2019 at 23:16, Durand fabrice via PacketFence-users <
> packetfence-users@lists.sourceforge.net> wrote:
>
>> Hello,
>>
>> only the VIP needs to be configured as the radius server.
>>
>> Regards
>>
>> Fabrice
>>
>>

Re: [PacketFence-users] [PF 9.0.1] Cisco WLC and Virtual IP

[Fabrice Durand via PacketFence-users]

Hello Pro fence,

packetfence manage the port that needs to be open, so you don't have to 
do anything.


Btw it looks that the issue you have is related to the acl you made on 
the WLC. (check is there is some hit)


What you can do is to capture the traffic on the device your are testing 
with and see if you see any kind of redirection.


Regards

Fabrice


Le 19-07-21 à 09 h 59, pro fence via PacketFence-users a écrit :

Hi,

For somebody who would encounter the same issue,
to solve the last error, you need to add a new radius client.

Does anybody know exactly what ports need to be open for the VIP 
besides radius, http for the portal to pop up ? I mean in the log i 
have the right ACL and the http://VIP-IP/CISCO::WLC url but the portal 
is not showing.


regards,

On Thu, 18 Jul 2019 at 17:00, pro fence > wrote:


Hi Fabrice,

to be more precise i am going to use the ip adresses of the
installation guide to show you my configuration :

to answer your question, yes, cluster.conf is replicated on the 3
servers with the command:
# /usr/local/pf/bin/cluster/sync --from=192.168.1.5
--api-user=user --api-password=password

here is the content of cluster.conf :
[CLUSTER]
management_ip=192.168.1.10
[CLUSTER interface eth0]
ip=192.168.1.10
[CLUSTER interface eth1.2]
ip=192.168.2.10
[CLUSTER interface eth1.3]
ip=192.168.3.10

[pf1.example.com ]
management_ip=192.168.1.5
[pf1.example.com  interface eth0]
ip=192.168.1.5
[pf1.example.com  interface eth1.2]
ip=192.168.2.5
[pf1.example.com  interface eth1.3]
ip=192.168.3.5

[pf2.example.com ]
management_ip=192.168.1.6
[pf2.example.com  interface eth0]
ip=192.168.1.6
[pf2.example.com  interface eth1.2]
ip=192.168.2.6
[pf2.example.com  interface eth1.3]
ip=192.168.3.6

[pf3.example.com ]
management_ip=192.168.1.7
[pf3.example.com  interface eth0]
ip=192.168.1.7
[pf3.example.com  interface eth1.2]
ip=192.168.2.7
[pf3.example.com  interface eth1.3]
ip=192.168.3.7

the error message becomes  :

Ignoring request to auth address 192.168.1.5 port 1812 bound to
server packetfence from unknown client loadBalancer_IP port 8905
proto udp

listening ip and port for the first server for example:

tcp        0      0 192.168.1.10:80       
 0.0.0.0:*               LISTEN      24615/haproxy
tcp        0      0 192.168.2.10:80       
  0.0.0.0:*               LISTEN      24615/haproxy
tcp        0      0 192.168.3.10:80       
   0.0.0.0:*               LISTEN      24615/haproxy

tcp        0      0 192.168.1.5:80       
0.0.0.0:*               LISTEN      1026/httpd
tcp        0      0 192.168.2.5:80       
0.0.0.0:*               LISTEN      1026/httpd
tcp        0      0 192.168.3.5:80       
0.0.0.0:*               LISTEN      1026/httpd

thanks in advance,
Regards

On Thu, 18 Jul 2019 at 15:03, Fabrice Durand via PacketFence-users
mailto:packetfence-users@lists.sourceforge.net>> wrote:

Hello Pro fence,


it looks that you miss-configured your cluster.

Did you copy the file cluster.conf on each servers ?

Regards

Fabrice


Le 19-07-18 à 06 h 49, pro fence via PacketFence-users a écrit :

Hello,

does anyone ever encountered the following error using a VIP,
from radius :

" Ignoring request to auth address MANAGEMENT_IP port 1812
bound to server packetfence from unknown client
loadBalancer_IP port 8905 proto udp"

the VIP sends the request using a different ip than the one
configured in cluster.conf, so maybe that's the reason ?

Thanks,
Regards,


On Wed, 17 Jul 2019 at 14:32, pro fence mailto:pfenc...@gmail.com>> wrote:

Fabrice,

may god bless you ! thank you very much for your time and
help,
Regards,

On Wed, 17 Jul 2019 at 13:28, Durand fabrice via
PacketFence-users
mailto:packetfence-users@lists.sourceforge.net>> wrote:

Yes, only the VIP is need on the WLC.

The WLC send a request to the VIP and the radius
load-balancer will forward to one of the radius
server in the cluster.

Regards

Fabrice

Le 19-07-17 à 05 h 14, pro fence via

Re: [PacketFence-users] [PF 9.0.1] Cisco WLC and Virtual IP

[pro fence via PacketFence-users]

Hi,

For somebody who would encounter the same issue,
to solve the last error, you need to add a new radius client.

Does anybody know exactly what ports need to be open for the VIP besides
radius, http for the portal to pop up ? I mean in the log i have the right
ACL and the http://VIP-IP/CISCO::WLC  url but the portal is not showing.

regards,

On Thu, 18 Jul 2019 at 17:00, pro fence  wrote:

> Hi Fabrice,
>
> to be more precise i am going to use the ip adresses of the installation
> guide to show you my configuration :
>
> to answer your question, yes, cluster.conf is replicated on the 3 servers
> with the command:
> # /usr/local/pf/bin/cluster/sync --from=192.168.1.5 --api-user=user
> --api-password=password
>
> here is the content of cluster.conf :
> [CLUSTER]
> management_ip=192.168.1.10
> [CLUSTER interface eth0]
> ip=192.168.1.10
> [CLUSTER interface eth1.2]
> ip=192.168.2.10
> [CLUSTER interface eth1.3]
> ip=192.168.3.10
>
> [pf1.example.com]
> management_ip=192.168.1.5
> [pf1.example.com interface eth0]
> ip=192.168.1.5
> [pf1.example.com interface eth1.2]
> ip=192.168.2.5
> [pf1.example.com interface eth1.3]
> ip=192.168.3.5
>
> [pf2.example.com]
> management_ip=192.168.1.6
> [pf2.example.com interface eth0]
> ip=192.168.1.6
> [pf2.example.com interface eth1.2]
> ip=192.168.2.6
> [pf2.example.com interface eth1.3]
> ip=192.168.3.6
>
> [pf3.example.com]
> management_ip=192.168.1.7
> [pf3.example.com interface eth0]
> ip=192.168.1.7
> [pf3.example.com interface eth1.2]
> ip=192.168.2.7
> [pf3.example.com interface eth1.3]
> ip=192.168.3.7
>
> the error message becomes  :
>
> Ignoring request to auth address 192.168.1.5 port 1812 bound to server
> packetfence from unknown client loadBalancer_IP port 8905 proto udp
>
> listening ip and port for the first server for example:
>
> tcp0  0 192.168.1.10:800.0.0.0:*   LISTEN
>  24615/haproxy
> tcp0  0 192.168.2.10:80 0.0.0.0:*
> LISTEN  24615/haproxy
> tcp0  0 192.168.3.10:80  0.0.0.0:*
> LISTEN  24615/haproxy
>
> tcp0  0 192.168.1.5:80   0.0.0.0:*   LISTEN
>1026/httpd
> tcp0  0 192.168.2.5:80   0.0.0.0:*   LISTEN
>1026/httpd
> tcp0  0 192.168.3.5:80   0.0.0.0:*   LISTEN
>1026/httpd
>
> thanks in advance,
> Regards
>
> On Thu, 18 Jul 2019 at 15:03, Fabrice Durand via PacketFence-users <
> packetfence-users@lists.sourceforge.net> wrote:
>
>> Hello Pro fence,
>>
>>
>> it looks that you miss-configured your cluster.
>>
>> Did you copy the file cluster.conf on each servers ?
>>
>> Regards
>>
>> Fabrice
>>
>>
>> Le 19-07-18 à 06 h 49, pro fence via PacketFence-users a écrit :
>>
>> Hello,
>>
>> does anyone ever encountered the following error using a VIP, from radius
>> :
>>
>> " Ignoring request to auth address MANAGEMENT_IP port 1812 bound to
>> server packetfence from unknown client loadBalancer_IP port 8905 proto udp"
>>
>> the VIP sends the request using a different ip than the one configured in
>> cluster.conf, so maybe that's the reason ?
>>
>> Thanks,
>> Regards,
>>
>>
>> On Wed, 17 Jul 2019 at 14:32, pro fence  wrote:
>>
>>> Fabrice,
>>>
>>> may god bless you ! thank you very much for your time and help,
>>> Regards,
>>>
>>> On Wed, 17 Jul 2019 at 13:28, Durand fabrice via PacketFence-users <
>>> packetfence-users@lists.sourceforge.net> wrote:
>>>
 Yes, only the VIP is need on the WLC.

 The WLC send a request to the VIP and the radius load-balancer will
 forward to one of the radius server in the cluster.

 Regards

 Fabrice
 Le 19-07-17 à 05 h 14, pro fence via PacketFence-users a écrit :

 Hi Fabrice,

 do you mean that the VIP needs to be configured as the radius server in
 the WLC ?

 Thanks,
 Regards,

 On Tue, 16 Jul 2019 at 23:16, Durand fabrice via PacketFence-users <
 packetfence-users@lists.sourceforge.net> wrote:

> Hello,
>
> only the VIP needs to be configured as the radius server.
>
> Regards
>
> Fabrice
>
>
> Le 19-07-16 à 11 h 53, Domingos Varela via PacketFence-users a écrit :
>
> Hello,
>
> Does your wlc have hits in the statistics of communication with radius
> servers?
> Do you have the IPs of the servers in wlc's ACL?
> Thanks
>
> Cumprimentos,
>
> * Domingos Varela*
> Tel. +244 923 229 330 | Luanda - Angola
>
>
> pro fence via PacketFence-users <
> packetfence-users@lists.sourceforge.net> escreveu no dia terça,
> 16/07/2019 à(s) 16:41:
>
>> Hi,
>>
>> thank you for your reply,
>> i have configured the 3 radius servers on the wlc, but i thought that
>> more needs to be done so that the WLC could link the vip with the ssid ? 
>> or
>> maybe i am missing something ? problem is when i try to connect to the
>> ssid,nothing happens 

Re: [PacketFence-users] [PF 9.0.1] Cisco WLC and Virtual IP

[pro fence via PacketFence-users]

HI
For somebody who would encounter the same issue,
to solve the last error, you need to add a new radius client.

Does anybody know exactly what ports need to be open for the VIP besides
radius, http for the portal to pop up ?

regards,

On Thu, 18 Jul 2019 at 17:00, pro fence  wrote:

> Hi Fabrice,
>
> to be more precise i am going to use the ip adresses of the installation
> guide to show you my configuration :
>
> to answer your question, yes, cluster.conf is replicated on the 3 servers
> with the command:
> # /usr/local/pf/bin/cluster/sync --from=192.168.1.5 --api-user=user
> --api-password=password
>
> here is the content of cluster.conf :
> [CLUSTER]
> management_ip=192.168.1.10
> [CLUSTER interface eth0]
> ip=192.168.1.10
> [CLUSTER interface eth1.2]
> ip=192.168.2.10
> [CLUSTER interface eth1.3]
> ip=192.168.3.10
>
> [pf1.example.com]
> management_ip=192.168.1.5
> [pf1.example.com interface eth0]
> ip=192.168.1.5
> [pf1.example.com interface eth1.2]
> ip=192.168.2.5
> [pf1.example.com interface eth1.3]
> ip=192.168.3.5
>
> [pf2.example.com]
> management_ip=192.168.1.6
> [pf2.example.com interface eth0]
> ip=192.168.1.6
> [pf2.example.com interface eth1.2]
> ip=192.168.2.6
> [pf2.example.com interface eth1.3]
> ip=192.168.3.6
>
> [pf3.example.com]
> management_ip=192.168.1.7
> [pf3.example.com interface eth0]
> ip=192.168.1.7
> [pf3.example.com interface eth1.2]
> ip=192.168.2.7
> [pf3.example.com interface eth1.3]
> ip=192.168.3.7
>
> the error message becomes  :
>
> Ignoring request to auth address 192.168.1.5 port 1812 bound to server
> packetfence from unknown client loadBalancer_IP port 8905 proto udp
>
> listening ip and port for the first server for example:
>
> tcp0  0 192.168.1.10:800.0.0.0:*   LISTEN
>  24615/haproxy
> tcp0  0 192.168.2.10:80 0.0.0.0:*
> LISTEN  24615/haproxy
> tcp0  0 192.168.3.10:80  0.0.0.0:*
> LISTEN  24615/haproxy
>
> tcp0  0 192.168.1.5:80   0.0.0.0:*   LISTEN
>1026/httpd
> tcp0  0 192.168.2.5:80   0.0.0.0:*   LISTEN
>1026/httpd
> tcp0  0 192.168.3.5:80   0.0.0.0:*   LISTEN
>1026/httpd
>
> thanks in advance,
> Regards
>
> On Thu, 18 Jul 2019 at 15:03, Fabrice Durand via PacketFence-users <
> packetfence-users@lists.sourceforge.net> wrote:
>
>> Hello Pro fence,
>>
>>
>> it looks that you miss-configured your cluster.
>>
>> Did you copy the file cluster.conf on each servers ?
>>
>> Regards
>>
>> Fabrice
>>
>>
>> Le 19-07-18 à 06 h 49, pro fence via PacketFence-users a écrit :
>>
>> Hello,
>>
>> does anyone ever encountered the following error using a VIP, from radius
>> :
>>
>> " Ignoring request to auth address MANAGEMENT_IP port 1812 bound to
>> server packetfence from unknown client loadBalancer_IP port 8905 proto udp"
>>
>> the VIP sends the request using a different ip than the one configured in
>> cluster.conf, so maybe that's the reason ?
>>
>> Thanks,
>> Regards,
>>
>>
>> On Wed, 17 Jul 2019 at 14:32, pro fence  wrote:
>>
>>> Fabrice,
>>>
>>> may god bless you ! thank you very much for your time and help,
>>> Regards,
>>>
>>> On Wed, 17 Jul 2019 at 13:28, Durand fabrice via PacketFence-users <
>>> packetfence-users@lists.sourceforge.net> wrote:
>>>
 Yes, only the VIP is need on the WLC.

 The WLC send a request to the VIP and the radius load-balancer will
 forward to one of the radius server in the cluster.

 Regards

 Fabrice
 Le 19-07-17 à 05 h 14, pro fence via PacketFence-users a écrit :

 Hi Fabrice,

 do you mean that the VIP needs to be configured as the radius server in
 the WLC ?

 Thanks,
 Regards,

 On Tue, 16 Jul 2019 at 23:16, Durand fabrice via PacketFence-users <
 packetfence-users@lists.sourceforge.net> wrote:

> Hello,
>
> only the VIP needs to be configured as the radius server.
>
> Regards
>
> Fabrice
>
>
> Le 19-07-16 à 11 h 53, Domingos Varela via PacketFence-users a écrit :
>
> Hello,
>
> Does your wlc have hits in the statistics of communication with radius
> servers?
> Do you have the IPs of the servers in wlc's ACL?
> Thanks
>
> Cumprimentos,
>
> * Domingos Varela*
> Tel. +244 923 229 330 | Luanda - Angola
>
>
> pro fence via PacketFence-users <
> packetfence-users@lists.sourceforge.net> escreveu no dia terça,
> 16/07/2019 à(s) 16:41:
>
>> Hi,
>>
>> thank you for your reply,
>> i have configured the 3 radius servers on the wlc, but i thought that
>> more needs to be done so that the WLC could link the vip with the ssid ? 
>> or
>> maybe i am missing something ? problem is when i try to connect to the
>> ssid,nothing happens know
>>
>> Regards,
>>
>> On Tue, 16 Jul 2019 at 17:07, Domingos Varela via PacketFence-users <

Re: [PacketFence-users] [PF 9.0.1] Cisco WLC and Virtual IP

[pro fence via PacketFence-users]

Hi,

does anybody know how to add a radius client ?

Regards,

On Thu, 18 Jul 2019 at 17:00, pro fence  wrote:

> Hi Fabrice,
>
> to be more precise i am going to use the ip adresses of the installation
> guide to show you my configuration :
>
> to answer your question, yes, cluster.conf is replicated on the 3 servers
> with the command:
> # /usr/local/pf/bin/cluster/sync --from=192.168.1.5 --api-user=user
> --api-password=password
>
> here is the content of cluster.conf :
> [CLUSTER]
> management_ip=192.168.1.10
> [CLUSTER interface eth0]
> ip=192.168.1.10
> [CLUSTER interface eth1.2]
> ip=192.168.2.10
> [CLUSTER interface eth1.3]
> ip=192.168.3.10
>
> [pf1.example.com]
> management_ip=192.168.1.5
> [pf1.example.com interface eth0]
> ip=192.168.1.5
> [pf1.example.com interface eth1.2]
> ip=192.168.2.5
> [pf1.example.com interface eth1.3]
> ip=192.168.3.5
>
> [pf2.example.com]
> management_ip=192.168.1.6
> [pf2.example.com interface eth0]
> ip=192.168.1.6
> [pf2.example.com interface eth1.2]
> ip=192.168.2.6
> [pf2.example.com interface eth1.3]
> ip=192.168.3.6
>
> [pf3.example.com]
> management_ip=192.168.1.7
> [pf3.example.com interface eth0]
> ip=192.168.1.7
> [pf3.example.com interface eth1.2]
> ip=192.168.2.7
> [pf3.example.com interface eth1.3]
> ip=192.168.3.7
>
> the error message becomes  :
>
> Ignoring request to auth address 192.168.1.5 port 1812 bound to server
> packetfence from unknown client loadBalancer_IP port 8905 proto udp
>
> listening ip and port for the first server for example:
>
> tcp0  0 192.168.1.10:800.0.0.0:*   LISTEN
>  24615/haproxy
> tcp0  0 192.168.2.10:80 0.0.0.0:*
> LISTEN  24615/haproxy
> tcp0  0 192.168.3.10:80  0.0.0.0:*
> LISTEN  24615/haproxy
>
> tcp0  0 192.168.1.5:80   0.0.0.0:*   LISTEN
>1026/httpd
> tcp0  0 192.168.2.5:80   0.0.0.0:*   LISTEN
>1026/httpd
> tcp0  0 192.168.3.5:80   0.0.0.0:*   LISTEN
>1026/httpd
>
> thanks in advance,
> Regards
>
> On Thu, 18 Jul 2019 at 15:03, Fabrice Durand via PacketFence-users <
> packetfence-users@lists.sourceforge.net> wrote:
>
>> Hello Pro fence,
>>
>>
>> it looks that you miss-configured your cluster.
>>
>> Did you copy the file cluster.conf on each servers ?
>>
>> Regards
>>
>> Fabrice
>>
>>
>> Le 19-07-18 à 06 h 49, pro fence via PacketFence-users a écrit :
>>
>> Hello,
>>
>> does anyone ever encountered the following error using a VIP, from radius
>> :
>>
>> " Ignoring request to auth address MANAGEMENT_IP port 1812 bound to
>> server packetfence from unknown client loadBalancer_IP port 8905 proto udp"
>>
>> the VIP sends the request using a different ip than the one configured in
>> cluster.conf, so maybe that's the reason ?
>>
>> Thanks,
>> Regards,
>>
>>
>> On Wed, 17 Jul 2019 at 14:32, pro fence  wrote:
>>
>>> Fabrice,
>>>
>>> may god bless you ! thank you very much for your time and help,
>>> Regards,
>>>
>>> On Wed, 17 Jul 2019 at 13:28, Durand fabrice via PacketFence-users <
>>> packetfence-users@lists.sourceforge.net> wrote:
>>>
 Yes, only the VIP is need on the WLC.

 The WLC send a request to the VIP and the radius load-balancer will
 forward to one of the radius server in the cluster.

 Regards

 Fabrice
 Le 19-07-17 à 05 h 14, pro fence via PacketFence-users a écrit :

 Hi Fabrice,

 do you mean that the VIP needs to be configured as the radius server in
 the WLC ?

 Thanks,
 Regards,

 On Tue, 16 Jul 2019 at 23:16, Durand fabrice via PacketFence-users <
 packetfence-users@lists.sourceforge.net> wrote:

> Hello,
>
> only the VIP needs to be configured as the radius server.
>
> Regards
>
> Fabrice
>
>
> Le 19-07-16 à 11 h 53, Domingos Varela via PacketFence-users a écrit :
>
> Hello,
>
> Does your wlc have hits in the statistics of communication with radius
> servers?
> Do you have the IPs of the servers in wlc's ACL?
> Thanks
>
> Cumprimentos,
>
> * Domingos Varela*
> Tel. +244 923 229 330 | Luanda - Angola
>
>
> pro fence via PacketFence-users <
> packetfence-users@lists.sourceforge.net> escreveu no dia terça,
> 16/07/2019 à(s) 16:41:
>
>> Hi,
>>
>> thank you for your reply,
>> i have configured the 3 radius servers on the wlc, but i thought that
>> more needs to be done so that the WLC could link the vip with the ssid ? 
>> or
>> maybe i am missing something ? problem is when i try to connect to the
>> ssid,nothing happens know
>>
>> Regards,
>>
>> On Tue, 16 Jul 2019 at 17:07, Domingos Varela via PacketFence-users <
>> packetfence-users@lists.sourceforge.net> wrote:
>>
>>> Hi,
>>>
>>> wlc needs to know who the radius server will communicate with it, so
>>> I think 

Re: [PacketFence-users] [PF 9.0.1] Cisco WLC and Virtual IP

[pro fence via PacketFence-users]

For somebody who would encounter the same issue,

to solve the last error, you need to add a new radius client, and don't
forget to change the switch url in packetfence GUI to reflect the VIP.

Regards,

On Thu, 18 Jul 2019 at 17:00, pro fence  wrote:

> Hi Fabrice,
>
> to be more precise i am going to use the ip adresses of the installation
> guide to show you my configuration :
>
> to answer your question, yes, cluster.conf is replicated on the 3 servers
> with the command:
> # /usr/local/pf/bin/cluster/sync --from=192.168.1.5 --api-user=user
> --api-password=password
>
> here is the content of cluster.conf :
> [CLUSTER]
> management_ip=192.168.1.10
> [CLUSTER interface eth0]
> ip=192.168.1.10
> [CLUSTER interface eth1.2]
> ip=192.168.2.10
> [CLUSTER interface eth1.3]
> ip=192.168.3.10
>
> [pf1.example.com]
> management_ip=192.168.1.5
> [pf1.example.com interface eth0]
> ip=192.168.1.5
> [pf1.example.com interface eth1.2]
> ip=192.168.2.5
> [pf1.example.com interface eth1.3]
> ip=192.168.3.5
>
> [pf2.example.com]
> management_ip=192.168.1.6
> [pf2.example.com interface eth0]
> ip=192.168.1.6
> [pf2.example.com interface eth1.2]
> ip=192.168.2.6
> [pf2.example.com interface eth1.3]
> ip=192.168.3.6
>
> [pf3.example.com]
> management_ip=192.168.1.7
> [pf3.example.com interface eth0]
> ip=192.168.1.7
> [pf3.example.com interface eth1.2]
> ip=192.168.2.7
> [pf3.example.com interface eth1.3]
> ip=192.168.3.7
>
> the error message becomes  :
>
> Ignoring request to auth address 192.168.1.5 port 1812 bound to server
> packetfence from unknown client loadBalancer_IP port 8905 proto udp
>
> listening ip and port for the first server for example:
>
> tcp0  0 192.168.1.10:800.0.0.0:*   LISTEN
>  24615/haproxy
> tcp0  0 192.168.2.10:80 0.0.0.0:*
> LISTEN  24615/haproxy
> tcp0  0 192.168.3.10:80  0.0.0.0:*
> LISTEN  24615/haproxy
>
> tcp0  0 192.168.1.5:80   0.0.0.0:*   LISTEN
>1026/httpd
> tcp0  0 192.168.2.5:80   0.0.0.0:*   LISTEN
>1026/httpd
> tcp0  0 192.168.3.5:80   0.0.0.0:*   LISTEN
>1026/httpd
>
> thanks in advance,
> Regards
>
> On Thu, 18 Jul 2019 at 15:03, Fabrice Durand via PacketFence-users <
> packetfence-users@lists.sourceforge.net> wrote:
>
>> Hello Pro fence,
>>
>>
>> it looks that you miss-configured your cluster.
>>
>> Did you copy the file cluster.conf on each servers ?
>>
>> Regards
>>
>> Fabrice
>>
>>
>> Le 19-07-18 à 06 h 49, pro fence via PacketFence-users a écrit :
>>
>> Hello,
>>
>> does anyone ever encountered the following error using a VIP, from radius
>> :
>>
>> " Ignoring request to auth address MANAGEMENT_IP port 1812 bound to
>> server packetfence from unknown client loadBalancer_IP port 8905 proto udp"
>>
>> the VIP sends the request using a different ip than the one configured in
>> cluster.conf, so maybe that's the reason ?
>>
>> Thanks,
>> Regards,
>>
>>
>> On Wed, 17 Jul 2019 at 14:32, pro fence  wrote:
>>
>>> Fabrice,
>>>
>>> may god bless you ! thank you very much for your time and help,
>>> Regards,
>>>
>>> On Wed, 17 Jul 2019 at 13:28, Durand fabrice via PacketFence-users <
>>> packetfence-users@lists.sourceforge.net> wrote:
>>>
 Yes, only the VIP is need on the WLC.

 The WLC send a request to the VIP and the radius load-balancer will
 forward to one of the radius server in the cluster.

 Regards

 Fabrice
 Le 19-07-17 à 05 h 14, pro fence via PacketFence-users a écrit :

 Hi Fabrice,

 do you mean that the VIP needs to be configured as the radius server in
 the WLC ?

 Thanks,
 Regards,

 On Tue, 16 Jul 2019 at 23:16, Durand fabrice via PacketFence-users <
 packetfence-users@lists.sourceforge.net> wrote:

> Hello,
>
> only the VIP needs to be configured as the radius server.
>
> Regards
>
> Fabrice
>
>
> Le 19-07-16 à 11 h 53, Domingos Varela via PacketFence-users a écrit :
>
> Hello,
>
> Does your wlc have hits in the statistics of communication with radius
> servers?
> Do you have the IPs of the servers in wlc's ACL?
> Thanks
>
> Cumprimentos,
>
> * Domingos Varela*
> Tel. +244 923 229 330 | Luanda - Angola
>
>
> pro fence via PacketFence-users <
> packetfence-users@lists.sourceforge.net> escreveu no dia terça,
> 16/07/2019 à(s) 16:41:
>
>> Hi,
>>
>> thank you for your reply,
>> i have configured the 3 radius servers on the wlc, but i thought that
>> more needs to be done so that the WLC could link the vip with the ssid ? 
>> or
>> maybe i am missing something ? problem is when i try to connect to the
>> ssid,nothing happens know
>>
>> Regards,
>>
>> On Tue, 16 Jul 2019 at 17:07, Domingos Varela via PacketFence-users <
>> 

Re: [PacketFence-users] [PF 9.0.1] Cisco WLC and Virtual IP

[pro fence via PacketFence-users]

Hi Fabrice,

to be more precise i am going to use the ip adresses of the installation
guide to show you my configuration :

to answer your question, yes, cluster.conf is replicated on the 3 servers
with the command:
# /usr/local/pf/bin/cluster/sync --from=192.168.1.5 --api-user=user
--api-password=password

here is the content of cluster.conf :
[CLUSTER]
management_ip=192.168.1.10
[CLUSTER interface eth0]
ip=192.168.1.10
[CLUSTER interface eth1.2]
ip=192.168.2.10
[CLUSTER interface eth1.3]
ip=192.168.3.10

[pf1.example.com]
management_ip=192.168.1.5
[pf1.example.com interface eth0]
ip=192.168.1.5
[pf1.example.com interface eth1.2]
ip=192.168.2.5
[pf1.example.com interface eth1.3]
ip=192.168.3.5

[pf2.example.com]
management_ip=192.168.1.6
[pf2.example.com interface eth0]
ip=192.168.1.6
[pf2.example.com interface eth1.2]
ip=192.168.2.6
[pf2.example.com interface eth1.3]
ip=192.168.3.6

[pf3.example.com]
management_ip=192.168.1.7
[pf3.example.com interface eth0]
ip=192.168.1.7
[pf3.example.com interface eth1.2]
ip=192.168.2.7
[pf3.example.com interface eth1.3]
ip=192.168.3.7

the error message becomes  :

Ignoring request to auth address 192.168.1.5 port 1812 bound to server
packetfence from unknown client loadBalancer_IP port 8905 proto udp

listening ip and port for the first server for example:

tcp0  0 192.168.1.10:800.0.0.0:*   LISTEN
   24615/haproxy
tcp0  0 192.168.2.10:80 0.0.0.0:*   LISTEN
 24615/haproxy
tcp0  0 192.168.3.10:80  0.0.0.0:*   LISTEN
 24615/haproxy

tcp0  0 192.168.1.5:80   0.0.0.0:*   LISTEN
 1026/httpd
tcp0  0 192.168.2.5:80   0.0.0.0:*   LISTEN
 1026/httpd
tcp0  0 192.168.3.5:80   0.0.0.0:*   LISTEN
 1026/httpd

thanks in advance,
Regards

On Thu, 18 Jul 2019 at 15:03, Fabrice Durand via PacketFence-users <
packetfence-users@lists.sourceforge.net> wrote:

> Hello Pro fence,
>
>
> it looks that you miss-configured your cluster.
>
> Did you copy the file cluster.conf on each servers ?
>
> Regards
>
> Fabrice
>
>
> Le 19-07-18 à 06 h 49, pro fence via PacketFence-users a écrit :
>
> Hello,
>
> does anyone ever encountered the following error using a VIP, from radius :
>
> " Ignoring request to auth address MANAGEMENT_IP port 1812 bound to server
> packetfence from unknown client loadBalancer_IP port 8905 proto udp"
>
> the VIP sends the request using a different ip than the one configured in
> cluster.conf, so maybe that's the reason ?
>
> Thanks,
> Regards,
>
>
> On Wed, 17 Jul 2019 at 14:32, pro fence  wrote:
>
>> Fabrice,
>>
>> may god bless you ! thank you very much for your time and help,
>> Regards,
>>
>> On Wed, 17 Jul 2019 at 13:28, Durand fabrice via PacketFence-users <
>> packetfence-users@lists.sourceforge.net> wrote:
>>
>>> Yes, only the VIP is need on the WLC.
>>>
>>> The WLC send a request to the VIP and the radius load-balancer will
>>> forward to one of the radius server in the cluster.
>>>
>>> Regards
>>>
>>> Fabrice
>>> Le 19-07-17 à 05 h 14, pro fence via PacketFence-users a écrit :
>>>
>>> Hi Fabrice,
>>>
>>> do you mean that the VIP needs to be configured as the radius server in
>>> the WLC ?
>>>
>>> Thanks,
>>> Regards,
>>>
>>> On Tue, 16 Jul 2019 at 23:16, Durand fabrice via PacketFence-users <
>>> packetfence-users@lists.sourceforge.net> wrote:
>>>
 Hello,

 only the VIP needs to be configured as the radius server.

 Regards

 Fabrice


 Le 19-07-16 à 11 h 53, Domingos Varela via PacketFence-users a écrit :

 Hello,

 Does your wlc have hits in the statistics of communication with radius
 servers?
 Do you have the IPs of the servers in wlc's ACL?
 Thanks

 Cumprimentos,

 * Domingos Varela*
 Tel. +244 923 229 330 | Luanda - Angola


 pro fence via PacketFence-users <
 packetfence-users@lists.sourceforge.net> escreveu no dia terça,
 16/07/2019 à(s) 16:41:

> Hi,
>
> thank you for your reply,
> i have configured the 3 radius servers on the wlc, but i thought that
> more needs to be done so that the WLC could link the vip with the ssid ? 
> or
> maybe i am missing something ? problem is when i try to connect to the
> ssid,nothing happens know
>
> Regards,
>
> On Tue, 16 Jul 2019 at 17:07, Domingos Varela via PacketFence-users <
> packetfence-users@lists.sourceforge.net> wrote:
>
>> Hi,
>>
>> wlc needs to know who the radius server will communicate with it, so
>> I think you have to configure the three radius servers in wlc, the 
>> virtual
>> IP will only redirect the requests to the servers.
>> If you configure the virtual IP the request will be made, but you may
>> have problems in the response because wlc will not recognize the server
>> that will respond to the request.

Re: [PacketFence-users] [PF 9.0.1] Cisco WLC and Virtual IP

[Fabrice Durand via PacketFence-users]

Hello Pro fence,


it looks that you miss-configured your cluster.

Did you copy the file cluster.conf on each servers ?

Regards

Fabrice


Le 19-07-18 à 06 h 49, pro fence via PacketFence-users a écrit :

Hello,

does anyone ever encountered the following error using a VIP, from 
radius :


" Ignoring request to auth address MANAGEMENT_IP port 1812 bound to 
server packetfence from unknown client loadBalancer_IP port 8905 proto 
udp"


the VIP sends the request using a different ip than the one configured 
in cluster.conf, so maybe that's the reason ?


Thanks,
Regards,


On Wed, 17 Jul 2019 at 14:32, pro fence > wrote:


Fabrice,

may god bless you ! thank you very much for your time and help,
Regards,

On Wed, 17 Jul 2019 at 13:28, Durand fabrice via PacketFence-users
mailto:packetfence-users@lists.sourceforge.net>> wrote:

Yes, only the VIP is need on the WLC.

The WLC send a request to the VIP and the radius load-balancer
will forward to one of the radius server in the cluster.

Regards

Fabrice

Le 19-07-17 à 05 h 14, pro fence via PacketFence-users a écrit :

Hi Fabrice,

do you mean that the VIP needs to be configured as the radius
server in the WLC ?

Thanks,
Regards,

On Tue, 16 Jul 2019 at 23:16, Durand fabrice via
PacketFence-users mailto:packetfence-users@lists.sourceforge.net>> wrote:

Hello,

only the VIP needs to be configured as the radius server.

Regards

Fabrice


Le 19-07-16 à 11 h 53, Domingos Varela via
PacketFence-users a écrit :

Hello,

Does your wlc have hits in the statistics of
communication with radius servers?
Do you have the IPs of the servers in wlc's ACL?
Thanks

Cumprimentos,*

Domingos Varela*
Tel. +244 923 229 330 | Luanda - Angola


pro fence via PacketFence-users
mailto:packetfence-users@lists.sourceforge.net>>
escreveu no dia terça, 16/07/2019 à(s) 16:41:

Hi,

thank you for your reply,
i have configured the 3 radius servers on the wlc,
but i thought that more needs to be done so that the
WLC could link the vip with the ssid ? or maybe i am
missing something ? problem is when i try to connect
to the ssid,nothing happens know

Regards,

On Tue, 16 Jul 2019 at 17:07, Domingos Varela via
PacketFence-users
mailto:packetfence-users@lists.sourceforge.net>> wrote:

Hi,

wlc needs to know who the radius server will
communicate with it, so I think you have to
configure the three radius servers in wlc, the
virtual IP will only redirect the requests to
the servers.
If you configure the virtual IP the request will
be made, but you may have problems in the
response because wlc will not recognize the
server that will respond to the request.
thanks
Regards

Cumprimentos,*

Domingos Varela*
Tel. +244 923 229 330 | Luanda - Angola


pro fence via PacketFence-users
mailto:packetfence-users@lists.sourceforge.net>>
escreveu no dia terça, 16/07/2019 à(s) 14:42:

Hi,

i have a 3 servers' cluster configured with
a Virtual IP,
do you guys know what needs to be changed or
configured on the cisco WLC for the VIP to
make sure that when the user connects to the
ssid it goes through the VIP ?

Any help would be appreciated,
Thanks,
Regards,
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net


https://lists.sourceforge.net/lists/listinfo/packetfence-users

___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net


https://lists.sourceforge.net/lists/listinfo/packetfence-users

___

Re: [PacketFence-users] [PF 9.0.1] Cisco WLC and Virtual IP

[pro fence via PacketFence-users]

Hello,

does anyone ever encountered the following error using a VIP, from radius :

" Ignoring request to auth address MANAGEMENT_IP port 1812 bound to server
packetfence from unknown client loadBalancer_IP port 8905 proto udp"

the VIP sends the request using a different ip than the one configured in
cluster.conf, so maybe that's the reason ?

Thanks,
Regards,


On Wed, 17 Jul 2019 at 14:32, pro fence  wrote:

> Fabrice,
>
> may god bless you ! thank you very much for your time and help,
> Regards,
>
> On Wed, 17 Jul 2019 at 13:28, Durand fabrice via PacketFence-users <
> packetfence-users@lists.sourceforge.net> wrote:
>
>> Yes, only the VIP is need on the WLC.
>>
>> The WLC send a request to the VIP and the radius load-balancer will
>> forward to one of the radius server in the cluster.
>>
>> Regards
>>
>> Fabrice
>> Le 19-07-17 à 05 h 14, pro fence via PacketFence-users a écrit :
>>
>> Hi Fabrice,
>>
>> do you mean that the VIP needs to be configured as the radius server in
>> the WLC ?
>>
>> Thanks,
>> Regards,
>>
>> On Tue, 16 Jul 2019 at 23:16, Durand fabrice via PacketFence-users <
>> packetfence-users@lists.sourceforge.net> wrote:
>>
>>> Hello,
>>>
>>> only the VIP needs to be configured as the radius server.
>>>
>>> Regards
>>>
>>> Fabrice
>>>
>>>
>>> Le 19-07-16 à 11 h 53, Domingos Varela via PacketFence-users a écrit :
>>>
>>> Hello,
>>>
>>> Does your wlc have hits in the statistics of communication with radius
>>> servers?
>>> Do you have the IPs of the servers in wlc's ACL?
>>> Thanks
>>>
>>> Cumprimentos,
>>>
>>> * Domingos Varela*
>>> Tel. +244 923 229 330 | Luanda - Angola
>>>
>>>
>>> pro fence via PacketFence-users 
>>> escreveu no dia terça, 16/07/2019 à(s) 16:41:
>>>
 Hi,

 thank you for your reply,
 i have configured the 3 radius servers on the wlc, but i thought that
 more needs to be done so that the WLC could link the vip with the ssid ? or
 maybe i am missing something ? problem is when i try to connect to the
 ssid,nothing happens know

 Regards,

 On Tue, 16 Jul 2019 at 17:07, Domingos Varela via PacketFence-users <
 packetfence-users@lists.sourceforge.net> wrote:

> Hi,
>
> wlc needs to know who the radius server will communicate with it, so I
> think you have to configure the three radius servers in wlc, the virtual 
> IP
> will only redirect the requests to the servers.
> If you configure the virtual IP the request will be made, but you may
> have problems in the response because wlc will not recognize the server
> that will respond to the request.
> thanks
> Regards
>
> Cumprimentos,
>
> * Domingos Varela*
> Tel. +244 923 229 330 | Luanda - Angola
>
>
> pro fence via PacketFence-users <
> packetfence-users@lists.sourceforge.net> escreveu no dia terça,
> 16/07/2019 à(s) 14:42:
>
>> Hi,
>>
>> i have a 3 servers' cluster configured with a Virtual IP,
>> do you guys know what needs to be changed or configured on the cisco
>> WLC for the VIP to make sure that when the user connects to the ssid it
>> goes through the VIP ?
>>
>> Any help would be appreciated,
>> Thanks,
>> Regards,
>> ___
>> PacketFence-users mailing list
>> PacketFence-users@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>
> ___
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
 ___
 PacketFence-users mailing list
 PacketFence-users@lists.sourceforge.net
 https://lists.sourceforge.net/lists/listinfo/packetfence-users

>>>
>>>
>>> ___
>>> PacketFence-users mailing 
>>> listPacketFence-users@lists.sourceforge.nethttps://lists.sourceforge.net/lists/listinfo/packetfence-users
>>>
>>> ___
>>> PacketFence-users mailing list
>>> PacketFence-users@lists.sourceforge.net
>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>>
>>
>>
>> ___
>> PacketFence-users mailing 
>> listPacketFence-users@lists.sourceforge.nethttps://lists.sourceforge.net/lists/listinfo/packetfence-users
>>
>> ___
>> PacketFence-users mailing list
>> PacketFence-users@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>
>
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] [PF 9.0.1] Cisco WLC and Virtual IP

[Durand fabrice via PacketFence-users]

Yes, only the VIP is need on the WLC.

The WLC send a request to the VIP and the radius load-balancer will 
forward to one of the radius server in the cluster.


Regards

Fabrice

Le 19-07-17 à 05 h 14, pro fence via PacketFence-users a écrit :

Hi Fabrice,

do you mean that the VIP needs to be configured as the radius server 
in the WLC ?


Thanks,
Regards,

On Tue, 16 Jul 2019 at 23:16, Durand fabrice via PacketFence-users 
> wrote:


Hello,

only the VIP needs to be configured as the radius server.

Regards

Fabrice


Le 19-07-16 à 11 h 53, Domingos Varela via PacketFence-users a écrit :

Hello,

Does your wlc have hits in the statistics of communication with
radius servers?
Do you have the IPs of the servers in wlc's ACL?
Thanks

Cumprimentos,*

Domingos Varela*
Tel. +244 923 229 330 | Luanda - Angola


pro fence via PacketFence-users
mailto:packetfence-users@lists.sourceforge.net>> escreveu no dia
terça, 16/07/2019 à(s) 16:41:

Hi,

thank you for your reply,
i have configured the 3 radius servers on the wlc, but i
thought that more needs to be done so that the WLC could link
the vip with the ssid ? or maybe i am missing something ?
problem is when i try to connect to the ssid,nothing happens know

Regards,

On Tue, 16 Jul 2019 at 17:07, Domingos Varela via
PacketFence-users mailto:packetfence-users@lists.sourceforge.net>> wrote:

Hi,

wlc needs to know who the radius server will communicate
with it, so I think you have to configure the three
radius servers in wlc, the virtual IP will only redirect
the requests to the servers.
If you configure the virtual IP the request will be made,
but you may have problems in the response because wlc
will not recognize the server that will respond to the
request.
thanks
Regards

Cumprimentos,*

Domingos Varela*
Tel. +244 923 229 330 | Luanda - Angola


pro fence via PacketFence-users
mailto:packetfence-users@lists.sourceforge.net>>
escreveu no dia terça, 16/07/2019 à(s) 14:42:

Hi,

i have a 3 servers' cluster configured with a Virtual IP,
do you guys know what needs to be changed or
configured on the cisco WLC for the VIP to make sure
that when the user connects to the ssid it goes
through the VIP ?

Any help would be appreciated,
Thanks,
Regards,
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net

https://lists.sourceforge.net/lists/listinfo/packetfence-users

___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net

https://lists.sourceforge.net/lists/listinfo/packetfence-users

___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net

https://lists.sourceforge.net/lists/listinfo/packetfence-users



___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net  

https://lists.sourceforge.net/lists/listinfo/packetfence-users

___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net

https://lists.sourceforge.net/lists/listinfo/packetfence-users



___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] [PF 9.0.1] Cisco WLC and Virtual IP

[pro fence via PacketFence-users]

Hi Fabrice,

do you mean that the VIP needs to be configured as the radius server in the
WLC ?

Thanks,
Regards,

On Tue, 16 Jul 2019 at 23:16, Durand fabrice via PacketFence-users <
packetfence-users@lists.sourceforge.net> wrote:

> Hello,
>
> only the VIP needs to be configured as the radius server.
>
> Regards
>
> Fabrice
>
>
> Le 19-07-16 à 11 h 53, Domingos Varela via PacketFence-users a écrit :
>
> Hello,
>
> Does your wlc have hits in the statistics of communication with radius
> servers?
> Do you have the IPs of the servers in wlc's ACL?
> Thanks
>
> Cumprimentos,
>
> * Domingos Varela*
> Tel. +244 923 229 330 | Luanda - Angola
>
>
> pro fence via PacketFence-users 
> escreveu no dia terça, 16/07/2019 à(s) 16:41:
>
>> Hi,
>>
>> thank you for your reply,
>> i have configured the 3 radius servers on the wlc, but i thought that
>> more needs to be done so that the WLC could link the vip with the ssid ? or
>> maybe i am missing something ? problem is when i try to connect to the
>> ssid,nothing happens know
>>
>> Regards,
>>
>> On Tue, 16 Jul 2019 at 17:07, Domingos Varela via PacketFence-users <
>> packetfence-users@lists.sourceforge.net> wrote:
>>
>>> Hi,
>>>
>>> wlc needs to know who the radius server will communicate with it, so I
>>> think you have to configure the three radius servers in wlc, the virtual IP
>>> will only redirect the requests to the servers.
>>> If you configure the virtual IP the request will be made, but you may
>>> have problems in the response because wlc will not recognize the server
>>> that will respond to the request.
>>> thanks
>>> Regards
>>>
>>> Cumprimentos,
>>>
>>> * Domingos Varela*
>>> Tel. +244 923 229 330 | Luanda - Angola
>>>
>>>
>>> pro fence via PacketFence-users 
>>> escreveu no dia terça, 16/07/2019 à(s) 14:42:
>>>
 Hi,

 i have a 3 servers' cluster configured with a Virtual IP,
 do you guys know what needs to be changed or configured on the cisco
 WLC for the VIP to make sure that when the user connects to the ssid it
 goes through the VIP ?

 Any help would be appreciated,
 Thanks,
 Regards,
 ___
 PacketFence-users mailing list
 PacketFence-users@lists.sourceforge.net
 https://lists.sourceforge.net/lists/listinfo/packetfence-users

>>> ___
>>> PacketFence-users mailing list
>>> PacketFence-users@lists.sourceforge.net
>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>>
>> ___
>> PacketFence-users mailing list
>> PacketFence-users@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>
>
>
> ___
> PacketFence-users mailing 
> listPacketFence-users@lists.sourceforge.nethttps://lists.sourceforge.net/lists/listinfo/packetfence-users
>
> ___
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] [PF 9.0.1] Cisco WLC and Virtual IP

[Durand fabrice via PacketFence-users]

Hello,

only the VIP needs to be configured as the radius server.

Regards

Fabrice


Le 19-07-16 à 11 h 53, Domingos Varela via PacketFence-users a écrit :

Hello,

Does your wlc have hits in the statistics of communication with radius 
servers?

Do you have the IPs of the servers in wlc's ACL?
Thanks

Cumprimentos,*

Domingos Varela*
Tel. +244 923 229 330 | Luanda - Angola


pro fence via PacketFence-users 
> escreveu no dia 
terça, 16/07/2019 à(s) 16:41:


Hi,

thank you for your reply,
i have configured the 3 radius servers on the wlc, but i thought
that more needs to be done so that the WLC could link the vip with
the ssid ? or maybe i am missing something ? problem is when i try
to connect to the ssid,nothing happens know

Regards,

On Tue, 16 Jul 2019 at 17:07, Domingos Varela via
PacketFence-users mailto:packetfence-users@lists.sourceforge.net>> wrote:

Hi,

wlc needs to know who the radius server will communicate with
it, so I think you have to configure the three radius servers
in wlc, the virtual IP will only redirect the requests to the
servers.
If you configure the virtual IP the request will be made, but
you may have problems in the response because wlc will not
recognize the server that will respond to the request.
thanks
Regards

Cumprimentos,*

Domingos Varela*
Tel. +244 923 229 330 | Luanda - Angola


pro fence via PacketFence-users
mailto:packetfence-users@lists.sourceforge.net>> escreveu no
dia terça, 16/07/2019 à(s) 14:42:

Hi,

i have a 3 servers' cluster configured with a Virtual IP,
do you guys know what needs to be changed or configured on
the cisco WLC for the VIP to make sure that when the user
connects to the ssid it goes through the VIP ?

Any help would be appreciated,
Thanks,
Regards,
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net

https://lists.sourceforge.net/lists/listinfo/packetfence-users

___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net

https://lists.sourceforge.net/lists/listinfo/packetfence-users

___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net

https://lists.sourceforge.net/lists/listinfo/packetfence-users



___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] [PF 9.0.1] Cisco WLC and Virtual IP

[Domingos Varela via PacketFence-users]

Hello,

Does your wlc have hits in the statistics of communication with radius
servers?
Do you have the IPs of the servers in wlc's ACL?
Thanks

Cumprimentos,

*Domingos Varela*
Tel. +244 923 229 330 | Luanda - Angola


pro fence via PacketFence-users 
escreveu no dia terça, 16/07/2019 à(s) 16:41:

> Hi,
>
> thank you for your reply,
> i have configured the 3 radius servers on the wlc, but i thought that more
> needs to be done so that the WLC could link the vip with the ssid ? or
> maybe i am missing something ? problem is when i try to connect to the
> ssid,nothing happens know
>
> Regards,
>
> On Tue, 16 Jul 2019 at 17:07, Domingos Varela via PacketFence-users <
> packetfence-users@lists.sourceforge.net> wrote:
>
>> Hi,
>>
>> wlc needs to know who the radius server will communicate with it, so I
>> think you have to configure the three radius servers in wlc, the virtual IP
>> will only redirect the requests to the servers.
>> If you configure the virtual IP the request will be made, but you may
>> have problems in the response because wlc will not recognize the server
>> that will respond to the request.
>> thanks
>> Regards
>>
>> Cumprimentos,
>>
>> *Domingos Varela*
>> Tel. +244 923 229 330 | Luanda - Angola
>>
>>
>> pro fence via PacketFence-users 
>> escreveu no dia terça, 16/07/2019 à(s) 14:42:
>>
>>> Hi,
>>>
>>> i have a 3 servers' cluster configured with a Virtual IP,
>>> do you guys know what needs to be changed or configured on the cisco WLC
>>> for the VIP to make sure that when the user connects to the ssid it goes
>>> through the VIP ?
>>>
>>> Any help would be appreciated,
>>> Thanks,
>>> Regards,
>>> ___
>>> PacketFence-users mailing list
>>> PacketFence-users@lists.sourceforge.net
>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>>
>> ___
>> PacketFence-users mailing list
>> PacketFence-users@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>
> ___
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] [PF 9.0.1] Cisco WLC and Virtual IP

[pro fence via PacketFence-users]

Hi,

thank you for your reply,
i have configured the 3 radius servers on the wlc, but i thought that more
needs to be done so that the WLC could link the vip with the ssid ? or
maybe i am missing something ? problem is when i try to connect to the
ssid,nothing happens know

Regards,

On Tue, 16 Jul 2019 at 17:07, Domingos Varela via PacketFence-users <
packetfence-users@lists.sourceforge.net> wrote:

> Hi,
>
> wlc needs to know who the radius server will communicate with it, so I
> think you have to configure the three radius servers in wlc, the virtual IP
> will only redirect the requests to the servers.
> If you configure the virtual IP the request will be made, but you may have
> problems in the response because wlc will not recognize the server that
> will respond to the request.
> thanks
> Regards
>
> Cumprimentos,
>
> *Domingos Varela*
> Tel. +244 923 229 330 | Luanda - Angola
>
>
> pro fence via PacketFence-users 
> escreveu no dia terça, 16/07/2019 à(s) 14:42:
>
>> Hi,
>>
>> i have a 3 servers' cluster configured with a Virtual IP,
>> do you guys know what needs to be changed or configured on the cisco WLC
>> for the VIP to make sure that when the user connects to the ssid it goes
>> through the VIP ?
>>
>> Any help would be appreciated,
>> Thanks,
>> Regards,
>> ___
>> PacketFence-users mailing list
>> PacketFence-users@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>
> ___
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] [PF 9.0.1] Cisco WLC and Virtual IP

[Domingos Varela via PacketFence-users]

Hi,

wlc needs to know who the radius server will communicate with it, so I
think you have to configure the three radius servers in wlc, the virtual IP
will only redirect the requests to the servers.
If you configure the virtual IP the request will be made, but you may have
problems in the response because wlc will not recognize the server that
will respond to the request.
thanks
Regards

Cumprimentos,

*Domingos Varela*
Tel. +244 923 229 330 | Luanda - Angola


pro fence via PacketFence-users 
escreveu no dia terça, 16/07/2019 à(s) 14:42:

> Hi,
>
> i have a 3 servers' cluster configured with a Virtual IP,
> do you guys know what needs to be changed or configured on the cisco WLC
> for the VIP to make sure that when the user connects to the ssid it goes
> through the VIP ?
>
> Any help would be appreciated,
> Thanks,
> Regards,
> ___
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
___
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users