Re: [PacketFence-users] DHCP forwarding required?
Good day I am trying to setup packetfence to act as a captive portal on a routed network. I have many different end user sites which all sit on my routed service provider network. I want to run the packetfence server centrally in conjunction with my Ruckus virtual SmartZone controller as the wireless and captive portal solution. My problem is that Packetfence seems to want DHCP requests either tunneled to itself, or forwards by means of a DHCP relay, so that Packetfence itself can be the DHCP server to all devices which will authenticate to it. I really need the DHCP function to remain on each respective local DHCP server at each site. So my question is, is packetfence just wanting to know the MAC address related to each IP address for internal authentication purposes? Or does packet fence actually require itself to be the DHCP server? Should the former be true, how do I set it up to work this was without Packetfence acutally being the DHCP server? OR, if the latter is true, then how can I set Packetfence DHCP server up to know which pool/gateway/DHCP options to offer based on the SSID which the device came through, as I need to offer devices the correct DHCP settings on their own subnet based on the site that they are at. Please let me know if anything is unclear so that I can clarify. Thank you Jonathan -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
[PacketFence-users] Packetfence works with core switch but not with attached AP
Hi, I spent a long time but have finally configured my HP 1920 (using H3C::S5120) and it is working well for port connected devices. However I have VigorAP902 access point, which appears to not be supported. I should mention I'm using out of band vlan enforcement with my HP switch. Is it possible that the Access Point that connects to my working switch can be configured in a way that uses the configuration from my switch and the AP can act as a dumb/transparent device? I.E vlan assignment/deauthentication is done by the HP switch and not the AP. If not, what are my options? Thanks Spencer -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] Error on packetfence
What do the logs say: tail -f /usr/local/pf/logs/packetfence.log Spencer Hazell [MD final master logos-02] [cid:image002.jpg@01D22ABC.9B34C230] From: Shahram Wali via PacketFence-users [mailto:packetfence-users@lists.sourceforge.net] Sent: 05 September 2017 05:25 To: packetfence-users@lists.sourceforge.net Cc: Shahram WaliSubject: [PacketFence-users] Error on packetfence Dear Sir/Madam, We have worked on Packetfence 802.1x Wired authentication, checked and tested on LAB with the Cisco Switch 3750-x and the 800 series Cisco Router for the Public/internet connectivity. We have enabled the Radius server configuration on Cisco Switch (Authenticator) and the RADIUS server service on Packetfence as the authentication server for the Supplicants(clients), as the RADIUS server is mandatory in order to give access to the network, and Wired 802.1X all require a RADIUS server to authenticate the users and the devices, and then to push the proper roles or VLAN attributes to the network equipment. The radius authentication enabled, we have created the local username/password in PF for the Test, in order to be authenticated through browser, during the process of enabling network access we faced with the error message like, unable to detect network connectivity, it could not redirect us to the global sites, kindly have the attached Screenshots. Thank you, Best Regards -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] Packetfence works with core switch but not with attached AP
Hello Spencer, it looks that your AP can do 802.1x but mac auth i am not sure. Also the switch must support multi auth in order to authenticate all the mac address. Lat thing you can do is to enable floating device in packetfence and return an inline vlan in order to authenticate each devices on a portal. Regards Fabrice Le 2017-09-05 à 06:49, Spencer Hazell via PacketFence-users a écrit : > > Hi, > > > > I spent a long time but have finally configured my HP 1920 (using > H3C::S5120) and it is working well for port connected devices. > However I have VigorAP902 access point, which appears to not be > supported. I should mention I’m using out of band vlan enforcement > with my HP switch. > > > > Is it possible that the Access Point that connects to my working > switch can be configured in a way that uses the configuration from my > switch and the AP can act as a dumb/transparent device? I.E vlan > assignment/deauthentication is done by the HP switch and not the AP. > > > > If not, what are my options? > > > > Thanks > > Spencer > > > > -- > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > > > ___ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Fabrice Durand fdur...@inverse.ca :: +1.514.447.4918 (x135) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://packetfence.org) -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
[PacketFence-users] LDAP authentication
Hello, just setup aswell to user authentication on captive portal to ldap. But I got this error when I login on the portal: "you do not have the permission to register a device with this username" where can I change the "permissions" for all authenticated ldap users, in order to add devices? Regards -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] Connection profile - advance filter
Thank you LT Em 2017-09-05 13:51, Fabrice Durand via PacketFence-users escreveu: > Hello Luís, > > just add 2 rules in you email source, one for corporate email address and another like catch_all. > > Something like user_email match corporate.acme -> set the role ... > > Regards > > Fabrice > > Le 2017-09-05 à 05:19, Luís Torres via PacketFence-users a écrit : > >> Hello, >> >> can you guide me on this? I want to have two diferent ways to validate people on the same ssid. >> >> The idea is, email validation only but somehow, who validates through company email gets 6months freenet, any others that arent get only 1 day. >> >> Is this possible? >> >> cheers >> >> -- >> Check out the vibrant tech community on one of the world's most >> engaging tech sites, Slashdot.org! http://sdm.link/slashdot [1] >> >> ___ >> PacketFence-users mailing list >> PacketFence-users@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/packetfence-users [2] > > -- > Fabrice Durand > fdur...@inverse.ca :: +1.514.447.4918 (x135) :: www.inverse.ca [3] > Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu [4]) and PacketFence (http://packetfence.org [5]) > > -- > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot [1] > > ___ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/packetfence-users [2] Links: -- [1] http://sdm.link/slashdot [2] https://lists.sourceforge.net/lists/listinfo/packetfence-users [3] http://www.inverse.ca [4] http://www.sogo.nu [5] http://packetfence.org -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users