Hi,
simply trigger a violation on it where the target vlan is isolation vlan.
regards
Fabrice
Le 2015-10-28 16:50, mourik jan heupink a écrit :
> Hi,
>
> This question is _very_ basic, but... we have been using pf for a while
> now, and I have recently been informed about an infected inline
Hi,
i did the test today on ubuntu 12.04 and i am not able to replicate the
issue.
Can you do step by step like:
apt-get install libapache-ssllookup-perl
apt-get install liburi-escape-xs-perl
...
until you are not able to install the package
Regards
Fabrice
Le 2015-10-28 15:18, Tedder,
Hello Dale,
sorry for the late reply.
Le 2015-10-21 17:14, Dale Whiteaker-Lewis a écrit :
Here is the process:
* Employee has a company-issued laptop
* Employee has a personal phone with WiFi.
* We have a WPA2 Enterprise SSID using 802.1x/EAP-PEAP-MSCHAPv2 for
authentication, with
Hello,
if fact you just need to have italian language enabled in your browser
and packetfence admin gui will detect it.
On my side i have chrome with en_US enabled and firefox with fr_FR
enabled and the language follow.
Regards
Fabrice
Le 2015-10-26 09:17, i...@vanen.it a écrit :
> For
Hi,
i am working on it but each httpd.xxx proces core dump.
So it's still on the way.
Regards
Fabrice
Le 2015-10-26 10:04, mourik jan heupink a écrit :
> Hi,
>
> I wanted to try a packetfence install on debian 8, but the packetfence
> repo appears to be wheezy-only.
>
> Are there plans to
The Captive portal detected alerts ?!
Le 2015-10-22 15:23, Solomon Seal a écrit :
With a clean install of the packetfence_zen appliance (5.4.0) none of
our test devices are triggering the "Captive portal detected" alerts.
The captive portal trigger bypass is not enabled.
Any thoughts on
Hello Solomon,
let's try with that: url=http://app-ca/CertSrv/mscep/
Regards
Fabrice
Le 2015-10-22 15:10, Solomon Seal a écrit :
Here is the pki_provider.conf
[domain-APP-CA]
country=US
server_cert_path=/usr/local/pf/conf/ssl/tls_certs/pf.domain.pem
Sorry but i don't understand what you are talking about.
Can you explain what you are tring to do ?
Regards
Fabrice
Le 2015-10-22 18:53, Solomon Seal a écrit :
Correct.
On Thu, Oct 22, 2015, 6:41 PM Durand fabrice <fdur...@inverse.ca
<mailto:fdur...@inverse.ca>> wrote:
, Solomon Seal a écrit :
On the devices connecting to the captive portal, none detect the
captive portal at all. This leads to users not knowing they need to
sign in. This has always worked on previous versions.
On Thu, Oct 22, 2015, 7:44 PM Durand fabrice <fdur...@inverse.ca
<mailt
Hello,
First:
Did you configure OMAPI ? (check pfdhcplistener.log for OMAPI word)
Also i recommend to create a tmpfs for dhcp lease (in fstab: tmpfs
/usr/local/pf/var/dhcpd tmpfs defaults,noatime,mode=1777,size=200M 0 0)
What was the memory available on the system ?
Did you made a memory
Have a look at database-backup-and-maintenance.sh file.
Le 2015-10-22 20:34, Thomas, Gregory A a écrit :
I have found a temporary fix for this issue. The user’s device was not
in the node table of the database and thus a correct error. However
the device was given an address from the dhcp
Hello, good morning from inverse !
So it's a bug then open an issue there :
https://github.com/inverse-inc/packetfence/issues
Regards
Fabrice
Le 2015-10-21 07:29, mourik jan heupink a écrit :
>
> On 10/21/2015 10:19 AM, Timur Gubaev wrote:
>> The same issue, and also cannot guess, why it
Hello,
you issue is on the eth0 interface, it looks that the vlan 2 is not
tagged on the switch port.
If you check all the vlan interfaces there is no RX packets.
Regards
Fabrice
Le 2015-10-15 16:31, Kristaps Dambergs a écrit :
Hello,
I am using PF 5.3 802.1x + MAC auth. When I plug a
Hello Morgan,
first check in packetfence.log when you hit the captive portal :
Instantiate profile ...
Then paste your profiles.conf and authentication.conf (remove sensible
information)
Regards
Fabrice
Le 2015-10-14 12:06, Morgan, Darren a écrit :
Hi,
Probably a bit of a ‘noob’
Hello,
something like that should work
[siemensphones]
filter = node_info
operator = match
attribute = mac
value = ^(00:1a:e8).*
[1:siemensphones]
scope = IsPhone
role = default
Regards
Fabrice
Le 2015-10-15 10:53, Dennis Bühring a écrit :
Hi,
i want to set the voip attribute for our
Hello Joshua,
maybe you can share what you did with iproute2 ;-)
Regards
Fabrice
Le 2015-10-15 07:35, Nathan, Josh a écrit :
Thanks Fabrice! I was able to get it working with that!
Thanks,
Joshua Nathan
IT Administrator
Black Forest Academy
+49 (0) 7626-9161-630
On Wed, Oct 14, 2015 at
Hello Bjorn,
there is probably a way to configure the palo alto firewall to use a
captive portal.
I found this documentation
https://live.paloaltonetworks.com/twzvq79624/attachments/twzvq79624/ConfigurationArticles/920/1/How%20to%20Configure%20Captive%20Portal.pdf
and you probably be able to
Hello,
yes you need to apply the patch.
Regards
Fabrice
Le 2015-10-13 17:50, ismael flavio silva a écrit :
hello,
ok.. works :)
thanks
I have a question...
I was using the PF 5.3.1 and wanted to use nessus to scan the client
They said they needed a patch
on the PF 5.4.0 i need it?
Hello Darren,
it looks that you define manually the isolation and registration network
in dhcpd.conf (in /usr/local/pf/conf/).
The dhcp configuration is managed by pf and it generate a file in
var/conf/dhcpd.conf, so remove the 2 scopes you defined manually and do a:
bin/pfcmd configreload
Hello,
the question is more are you able to reach the switch with snmp ?
Like is this command works (Of course use the community you defined in
the switch instead of public) : snmpwalk -c public -v 2c 192.168.100.254 1.
Regards
Fabrice
Le 2015-10-08 19:34, ismael flavio silva a écrit :
Hello,
first question, what is the version of your nessus server ?
If it's version 6 then you will have to apply a patch to your installation.
Regards
Fabrice
Le 2015-10-07 11:43, ismael flavio silva a écrit :
Hello
I'm trying to put nessus to work with packetfence
packetfence (local)
Hi Jakes,
can you try with Aruba Switches module ?
https://github.com/inverse-inc/packetfence/blob/devel/lib/pf/Switch/ArubaSwitch.pm
Regards
Fabrice
Le 2015-09-30 17:38, Sallee, Jake a écrit :
Louis:
I did as you suggested and got the latest version of the aruba module, but no
luck : (
Hello Rob,
the first thing we need to see is the radius debug.
Let's do that:
pkill radiusd
radiusd -d /usr/local/pf/raddb -X
Then do your machine auth and paste the result.
Also do you have something in packetfence.log about the user
host/Robs-Laptop.X.local ?
Regards
Fabrice
Le
= device_class
value = Smartphones
[50:notiphonenotmacintoshnotandroid]
scope = InlineDhcpRequest
role = 1
Durand fabrice fdur...@inverse.ca 8/27/2015 10:13 AM
Hi Craig,
The 50's rule is trigger in the pfdhcplistener, so you have to restart
pfdhcplistener service to update it.
Also i think it's
think it is causing Windows and Mac OS notebooks to not autoregister
but go into unreg vlan after 802.1x authentication.
Regards,
Craig.
Durand fabrice fdur...@inverse.ca 8/26/2015 4:36 PM
Hi Craig,
let's restart httpd.aaa
bin/pfcmd service httpd.aaa restart
Regards
Fabrice
Le 2015-08-26 09
Hi Craig,
let's restart httpd.aaa
bin/pfcmd service httpd.aaa restart
Regards
Fabrice
Le 2015-08-26 09:28, Craig Strydom a écrit :
Hi All,
I apologize if this was answered somewhere else but I can not find it.
Which service needs to restart to activate the changes made to the
Hello Will,
because in all the Redhat's packets are not in a single repo you
probably have to subscribe to more repo/channels.
https://access.redhat.com/solutions/11312
Or use Centos 6 repo just for the dependencies.
Regards
Fabrice
Le 2015-08-05 17:02, Rossing, Will a écrit :
Getting the
or some sort of custom ldap attribute?
Paul
*From:*Durand fabrice [mailto:fdur...@inverse.ca]
*Sent:* August 2, 2015 11:30 AM
*To:* packetfence-users@lists.sourceforge.net
*Subject:* Re: [PacketFence-users] Replacing authorized device
Hello Paul,
What you can probably do is the following
to the controller as specified
but the log still shows the AP ip?
Paul
*From:*Durand fabrice [mailto:fdur...@inverse.ca]
*Sent:* July 31, 2015 8:22 PM
*To:* packetfence-users@lists.sourceforge.net
mailto:packetfence-users@lists.sourceforge.net
*Subject:* Re: [PacketFence
Hello Paul,
What you can probably do is the following:
In the role section let's use the 10 value for student and teacher (Only
10 registered devices are allowed per user).
I suppose you are using an Active Directory as authentication source and
you use it to associate the roles.
So let's
Hi Paul,
Ok you have a controller , so use it as the controller ip in switch
configuration
And try:
su - pf
ssh admin@controller_ip
Regards
Fabrice
Le 2015-07-31 22:14, Polar Geek a écrit :
Fabrice,
Sorry missed your reply until now.
At any rate the connection to the AP is refused.
saying that the error message in itself contains an error
and is attempting to connect to the controller as specified but the
log still shows the AP ip?
Paul
*From:*Durand fabrice [mailto:fdur...@inverse.ca]
*Sent:* July 31, 2015 8:22 PM
*To:* packetfence-users@lists.sourceforge.net
*Subject
Hi Daniel,
can you try that:
In lib/fingerbank/DB.pm after :
my $ua = LWP::UserAgent-new;
$ua-timeout(60); # An update query should not take more than 60 seconds
Add this:
$ua-env_proxy;
And restart httpd.admin
Regards
Fabrice
Le 2015-07-31 00:10, Hack, Daniel (DPIPWE) a écrit :
Hi
Hi Hubert,
Interim update has to be configured on the AP side, not on PacketFence side.
Regards
Fabrice
Le 2015-07-31 00:13, Hubert Kupper a écrit :
Hi Fabrice,
should I use PF ZEN 5.3.1 and how to upgrade from ZEN 5.1.? How to do
a interim update of radius in ZEN?
Regards
Hubert
Am
Hello Paul,
what you can do is to check a user with adsiedit.msc to see what are the
attribut to match.
I am not sure that uid is member of AllStaff works but something like
memberof contain cn=AllStaff should be probably better.
Also use pftest to test your rules.
Regards
Fabrice
Le
Hello Andrew,
the smtp server you defined in the profile refuse the connection, fix
that and it will work.
Regards
Fabrice
Le 2015-07-26 12:05, Andrew Taylor a écrit :
Hi,
I installed packetfence pki and followed the instructions on the
packetfence git, everything seems to have worked
Ok so from packetfence are you able to ping 10.1.32.245 ?
Le 2015-07-23 11:34, Kishore a écrit :
Hi Fabrice,
Yes, there is an interface between vlan 11 and juniper switch.
Thank you,
--
Regards,
Kishore Thapa
System Administrator,
The Village,
United Distribution Nepal Pvt.Ltd.,
Hi Andy,
check that
http://www.packetfence.org/downloads/PacketFence/doc/PacketFence_Inline_Deployment_Quick_Guide_ZEN-5.3.0.pdf
(Traffic shaping)
Regards
Fabrice
Le 2015-07-22 19:09, Andy A a écrit :
I am using PF 5.2.0 on CentOS 6.6 in inline mode.
1. Can PF do rate limiting or
Hi Luca,
your certificate expired, this is why you have this issue.
To fix it let's do this and you will be ok for 10 years:
openssl req -x509 -new -nodes -days 3650 -batch -out
/usr/local/pf/conf/ssl/server.crt -keyout
/usr/local/pf/conf/ssl/server.key -nodes -config
Hi Rick,
have a look at
https://github.com/inverse-inc/packetfence/blob/devel/docs/PacketFence_Administration_Guide.asciidoc#vlan-filter-definition
and at the file vlan_filters.conf ( connection_type).
Regards
Fabrice
Le 2015-07-13 23:00, Rick Chan 詹益龍 (中光電) a écrit :
HI,
I followed
Hi Luca,
we need logs.
On one side let's do service packetfence start and on the other side
tail -f /usr/local/pf/logs/packetfence.log and paste the log on the
mailling list.
Also did you checked pf.config.conf to see if the db user/password is
correct ?
Did you restart pfconfig?
Regards
Hi,
You can configure a 2nd instance of iscdhcpd (manually configured) on
the management interface.
Regards
Fabrice
Le 2015-07-07 10:54, Vishwanath T. K. a écrit :
Hi All,
Just finished setup of PF version 5.0.2 in VLAN Enforcement mode. As
per the available documentation, my
Not yet
Le 2015-07-08 09:20, Dima Ermakov a écrit :
Good day!
My PacketFence server is DHCP server for my network.
I use it in inline mode.
Can i configure static lease for inline subnet?
--
С уважением, Дмитрий Ермаков.
77 ?
Regards
Fabrice
Le 2015-07-04 21:37, Greg M a écrit :
Hi Fabice,
Many thanks for your email.
When I run the raddebug command and login, there is no entries/logs
displayed during a login/connection to the captive portal.
Thanks,
Greg
*From:*Durand fabrice [mailto:fdur...@inverse.ca
the redirect to the “Internet”
SSID which is bound to VLAN 25 is not working. I’ve confirmed AAA
override option is ticked in the SSID’s.
Regards,
Greg
*From:*Durand fabrice [mailto:fdur...@inverse.ca]
*Sent:* Monday, 6 July 2015 2:30 AM
*To:* packetfence-users@lists.sourceforge.net
*Subject
Hello Greg,
did you configure the WLC (Configuration - Switch) in packetfence ?
What about raddebug -d /usr/local/pf/raddb -t 3000 when you try to
connect on the ssid ?
Regards
Fabrice
Le 2015-07-04 13:35, Greg M a écrit :
Hi,
I am trying to get Packetfence setup with a Cisco WLC 2106
Hi Andy,
Can you check something for me ?
-First service packetfence status
-Next connect the laptop in the inline network and check in
pfdhcplistener.log if you see the dhcp request.
-Next check in the database the locationlog entry if it set to inline:
select * from locationlog where
Hi Mourik,
this is already the case:
https://github.com/inverse-inc/packetfence/blob/devel/lib/pf/lookup/person.pm
Regards
Fabrice
Le 2015-06-21 15:24, mourik jan heupink a écrit :
Hi,
Is there a way to make packetfence take user's details from active
directory? It seems now just the
, and my
firstname, sn, etc are set.
Do I need to configure something special, perhaps? Or do I need to do
pfcmd lookup person EltpidEgt to fill in my other details?
(I am talking about the normal userlist, in the admin gui)
MJ
On 06/21/2015 09:52 PM, Durand fabrice wrote:
Hi Mourik
Hi Steve,
we did simple documentation to configure packetfence in inline mode and
out of band mode.
http://www.packetfence.org/downloads/PacketFence/doc/PacketFence_Inline_Deployment_Quick_Guide_ZEN-5.1.0.pdf
Hello,
have a look in /usr/local/pf/db/ directory, you have the latest mysql
schema to use.
Also define that in pf.conf:
[database]
#
# database.pass
#
# Password for the mysql database used by PacketFence.
pass=packet
#
# database.db
#
# Name of the mysql database used by PacketFence.
db=pf
#
Hello Abdelghafour,
Can you paste the switch port configuration where packetfence has been
plugged ?
The result of: ifconfig
If you use tcpdump -i eth0.2 do you have traffic ?
Regards
Fabrice
Le 2015-06-17 20:56, Abdelghafour Rakhma a écrit :
Can Someone help! I'm really stuck here..!
Hi Dennis,
i got a close issue like that last week because of a regression has been
included in the code.
Can you try to apply this patch:
https://github.com/inverse-inc/packetfence/commit/2c0a27b217931280d6ef4fe80d144e65b454e7a9.diff
Regards
Fabrice
Le 2015-06-17 05:22, Dennis Bühring a
Hi Hugo,
let's try that:
https://github.com/inverse-inc/packetfence/commit/8830ddb52225d85d1ee36d30e466c764e47bfd17.diff
Regards
Fabrice
Le 2015-06-14 13:28, Hugo Rodenburg a écrit :
Hi louis and list,
Hello Experts
I am testing packetfence vlan enforcement with an hp procurve 2524 switch
Maybe just a detail but before do a:
rpm -Uvh
http://inverse.ca/downloads/PacketFence/RHEL6/x86_64/RPMS/packetfence-release-1-2.centos6.noarch.rpm
Le 2015-06-12 21:51, James Rouzier a écrit :
Then you can do the following.
yum install yum-utils
sh
Hi Dima,
really simple, just do that:
dns=10.0.20.1,10.0.20.2,10.0.20.3
and pfcmd service dhcpd restart
Regards
Fabrice
Le 2015-06-02 07:10, Dima Ermakov a écrit :
Good day!
This is part of my networks.conf file.
Can I add second DNS server to this network definition?
[10.0.0.0]
Nothing really interesting in the log.
Try that, i did a patch for inline layer 2.
https://github.com/inverse-inc/packetfence/commit/c3cf7ea6976ec802bf119e640ecc42dfe9b070f7
Le 2015-06-02 08:53, Dima Ermakov a écrit :
It is my logs.
On 2 June 2015 at 15:45, Durand fabrice fdur...@inverse.ca
In fact i m just able to replicate with an inline l2 interface not with
inline layer 3.
Can you send me what you have in httpd.admin.log and httpd.admin.catalyst ?
Regards
Fabrice
Le 2015-06-02 08:30, Durand fabrice a écrit :
You are true, there is a bug.
Let me check the code and i
...@lists.sourceforge.net
When replying, please edit your Subject line so it is more specific than Re:
Contents of PacketFence-users digest...
Today's Topics:
1. Packetfence SMS Email Registration (Lewis Jr, Kevin)
2. Re: Packetfence SMS Email Registration (Durand fabrice)
3. DNS networks.conf
2015 at 16:10, Durand fabrice fdur...@inverse.ca
mailto:fdur...@inverse.ca wrote:
Nothing really interesting in the log.
Try that, i did a patch for inline layer 2.
https://github.com/inverse-inc/packetfence/commit/c3cf7ea6976ec802bf119e640ecc42dfe9b070f7
Le 2015-06-02 08:53
Hello Minh,
i suppose you are running centos.
Did you find this file libasync_wmi_lib.so.0 ?
What happen if you do a ldconfig ?
Did you try to reinstall wmi from PacketFence repo ?
Regards
Fabrice
Le 2015-05-27 04:05, Minh Trung a écrit :
Hello experts,
I did follow as the procedure upgrade
Hello,
the thing is with a WLC you send the deauth request to the wlc himself.
For aerohive you send the request to the AP, so if the device move from
one AP to another then packetfence must know that the device move.
It's why we added roaming support for aerohive in PacketFence.
So the
@vmvnnetsec01 logs]#
I can not found link to install wmi from PacketFence repo? Could you
please show me?
Thank in advance,
On 27 May 2015 at 17:38, Durand fabrice fdur...@inverse.ca
mailto:fdur...@inverse.ca wrote:
Hello Minh,
i suppose you are running centos.
Did you find this file
Hello Lee,
yes it's possible, just use a null authentication source on the portal
profile.
Regards
Fabrice
Le 2015-05-26 04:54, fogi fogi a écrit :
Hi,
I’m currently working on a lab test. The criteria’s are the following
user login via an open Wi-Fi infrastructure which the end-user
on switch L2 to
default(Vlan1)?
Any help is appreciated,
Thanks regards,
On 2 April 2015 at 00:46, Durand fabrice
fdur...@inverse.ca mailto:fdur...@inverse.ca wrote:
Hello Minh
Hello Nicola,
can you send us a screenshot ?
Regards
Fabrice
Le 2015-05-11 05:47, Nicola Canepa a écrit :
Hello, I have a cosmetic problem on PacketFence 4.3.0.
When going in the print page for a user's password, I get a page which
is missing all the HTML except for what is in print.tt
Hi Michael,
Le 2015-05-10 21:58, Michael De Abreu a écrit :
Hi!
Thanks in advance. I'm a Software Engineer last year student, but not
really familiar with any networking knowledge. I know the basics
things. Really not familiar with VLANs or anything.
In the internships I was told to do a
Hi David,
this is exactly what we are working on.
We made a branch (fix/mandatory_fields) that fix that. If you want you
can try to apply the patch of this branch to your setup
(https://patch-diff.githubusercontent.com/raw/inverse-inc/packetfence/pull/516.diff).
Also it will be available in
Hi
/usr/local/pf/conf/iptables.conf is the template and
/usr/local/pf/var/conf/iptables.conf is the generate file.
So add your rules in the template or if you just want to enable nat on a
specific interface then use the interfaceSNAT parameter (cf
documentation.conf)
Regards
Fabrice
Le
Hi Mourik,
can you retry ?
Regards
Fabrice
Le 2015-05-05 03:27, mourik jan heupink a écrit :
Hi Louis,
Thanks for the bugfix release, however, there seems to be a problem with
fingerbank?
root@pf:~# apt-get install packetfence
Reading package lists... Done
Building dependency tree
Hi Chris,
have a look at the vlan_filters.conf.
Regards
Fabrice
Le 2015-05-04 14:56, Chris Abel a écrit :
Hello all,
I have a few devices that I am configuring a new SSID with. I would
like these devices to auto-register with PF since they are shared
devices and used by multiple people.
Hi Cheslin,
let's do:
yum cleanall
yum makecache --enablerepo=packetfence
yum update packetfence --enablerepo=packetfence
Regards
Fabrice
Le 2015-04-17 03:14, Bagley, Cheslin (Mr) (Summerstrand Campus North) a
écrit :
When I run command “yum update packetfence --enablerepo=packetfence”,
Hello Nicolas,
i am not sure to really understand what you want to achive.
Since you can use eth0 (switch port access) for management and eth1
(switch port mode trunk) for registration/isolation interface.
Also i will available on #packetfence freenode irc channel if you want
to chat. (in 1
Hi Adrian,
my bad, i am a little bit tired ;-)
In fact it doesn't really matter to match the SUBDOMAIN realm for
machine authentication, let me explain why.
For user auth we need to strip the username (SUBDOMAIN/user) to be able
to match the username without the domain on the sAMAccountName
::Catalyst_2960::returnRadiusAccessAccept)
2015-04-02 17:33 GMT-03:00 Durand fabrice fdur...@inverse.ca
mailto:fdur...@inverse.ca:
Ok so you use vlan_filter too, so i need more details.
Can you provide these files:
vlan_filters.conf
profile.conf
authentication.conf
Regards
Fabrice
Le 2015
an undefined value. Stopping processing and making unreg date
undefined. (pf::config::dynamic_unreg_date)
2015-04-02 16:13 GMT-03:00 Durand fabrice fdur...@inverse.ca
mailto:fdur...@inverse.ca:
Hello Sergio,
let's configure a portal profile with filter switch : x.x.x.x and
add
?destination_url=http%3A%2F%2Fwww.packetfence.org%2F HTTP/1.1
302 366 - Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/41.0.2272.101 Safari/537.36
Em 31-03-2015 20:56, Durand fabrice escreveu:
Hello Liliane,
can you try that:
cd /usr/local/pf
wget
https://github.com
Hello Michael,
Portal preview is a reverse proxy from the admin gui to the portal and
it is just use to see what the portal look like.
Simple authentication source should work well but complex auth source
like OAuth2 is more complicate to make it work through a reverse proxy.
So it's not
access
speed 1000
duplex full
!
interface GigabitEthernet7/6
description ### To KFVNVM02_NIC6 ###
switchport trunk allowed vlan 122,126,127,210,220,230
switchport mode trunk
speed 1000
duplex full/
Any help is appreciated,
Best regards,
On 30 March 2015 at 23:01, Durand fabrice fdur
Hi Pete,
it's a know issue with the WLC, let's try that
https://github.com/inverse-inc/packetfence/blob/devel/docs/PacketFence_Administration_Guide.asciidoc#dhcp-remote-sensor
Regards
Fabrice
Le 2015-03-31 10:09, Pete Hoffswell a écrit :
We are bringing a couple old wireless lan controllers
Hello Liliane,
can you try that:
cd /usr/local/pf
wget
https://github.com/inverse-inc/packetfence/commit/ab750b40c7ae622bc0c98dbff81f7c4eb1e3e2ee.diff
patch -p1 ab750b40c7ae622bc0c98dbff81f7c4eb1e3e2ee.diff
and restart the portal (pfcmd service httpd.portal restart)
Regards
Fabrice
Le
of any parts?
Any help is appreciated,
Regards,
On 28 March 2015 at 23:17, Durand fabrice fdur...@inverse.ca wrote:
Hello Minh,
has you probably notice there is no RX traffic on eth0.210 and eth0.220
and eth0.230 so it's probably a switch configuration issue.
Check on the switch port where
-27 11:34, Trung minh a écrit :
Hello Fabrice,
With network diagram as my first posted, do i need to create vlan reg and iso
or other vlan on Lan switches and Core switches?
Which case i should use ip helper to point to pf?
Best regards,
-Original Message-
From: Durand fabrice fdur
Hi David
pfbandwidth just decrement bandwidth_balance and not to have stats.
I plain to integrate http://www.pmacct.net/ when i will have time to
have bandwidth stats of inline network.
Regards
Fabrice
Le 2015-03-26 10:48, David Martinez a écrit :
Hi,
I have PF 4.7.0 in debian wheezy with
is the wifi packetfence will manage and eth0 is the wired ethernet into
our system that has the default route.
regards
Steven
From: Durand fabrice fdur...@inverse.ca
Sent: Thursday, 26 March 2015 10:13 a.m.
To: packetfence-users@lists.sourceforge.net
Subject: Re
Hi,
as i remember you have to enable debian non-free repo.
Regards
Fabrice
Le 2015-03-24 18:10, Steven Jones a écrit :
Hi,
Following the 4.7 admin guide, page 15 I just did a apt-get install packetfence
and I an get an error,
some packages could not be installed
snmp-mibs-downloader is
Hello David,
Did you defined something specific in packetfence-tunnel ?
Did you defined a host Realm in packetfence ?
Regards
Fabrice
Le 2015-03-23 13:17, Hagenbucher, David a écrit :
Hello List,
i am trying to get machine auth with certificates working. I had it working
in version 4.3.0
Hello Steven,
for the tables you can check in db directory ( pf-schema-4.7.0.sql) and
for the permissions:
GRANT SELECT,INSERT,UPDATE,DELETE,EXECUTE,LOCK TABLES ON $db.* TO
?\@${host} IDENTIFIED BY ?;
GRANT DROP ON $db.radius_nas TO ?\@${host} IDENTIFIED BY ?;
Regards
Fabrice
Le
Hi Steven,
Inline setup is really simple to do.
In packetfence define a management interface and an inline interface
(Type:inline layer 2, DNS:8.8.8.8).
Also don't forget to enable ip_forward.
Now connect a laptop in the inline network and if you are unreg then you
will hit the portal. If
Hello Minh,
your packetfence config looks ok, now next step is to configure your
cisco switch, so let's check the documentation:
https://github.com/inverse-inc/packetfence/blob/devel/docs/PacketFence_Network_Devices_Configuration_Guide.asciidoc#cisco
If your cisco switch support MAB then use
Hi Anand,
let's follow this guide first to understand how to configure packetfence:
https://github.com/inverse-inc/packetfence/blob/devel/docs/PacketFence_Cisco_Quick_Install_Guide.asciidoc
And here a schema to understand how to configure your network with
packetfence:
?
Or if possible everything except mysql as I want to do a seperate mysql cluster.
regards
Steven Jones
B.Eng (Hons)
Technical Specialist - Linux RHCE
Victoria University ITS,
Level 8 Rankin Brown Building,
Wellington, NZ
6012
0064 4 463 6272
From: Durand fabrice
Hello Denis,
your setup looks like a inline setup.
When you define an inline interface then we use iptables/ipset to
allow/deny access to internet.
You currently hit a registration interface that try to deauth your
device but you probably have errors in packetfence.log.
So reconfigure your
Hello Nicola,
Le 2015-03-10 12:31, Nicola Canepa a écrit :
Thank you very much.
I tried some commands, and I got “200 OK” as an answer and an empty “result”,
but nothing hapened on the DB.
For example (from Linux, with cURL):
curl -kv -u `awk -F= '/^\[/ { ws=0; } ; /^\[webservices\]/
Hello Leja,
you can use this:
for TRANSLATION in de en es fr he_IL it nl pl_PL pt_BR; do
/usr/bin/msgfmt conf/locale/$TRANSLATION/LC_MESSAGES/packetfence.po \
--output-file conf/locale/$TRANSLATION/LC_MESSAGES/packetfence.mo
done
Btw if you have a better translation you can update
Hi Steve,
so you just have to define Active Directory source and email source on
the default portal.
Change that and use the preview button on the default portal config and
you will see that depending of the selected sources the portal will change.
Regards
Fabrice
Le 2015-02-27 04:56,
Hello Rosario,
can you send me a screenshot of the passthrough configuration section ?
Regards
Fabrice
Le 2015-02-26 04:48, Rosario Ippolito a écrit :
Thanks Fabrice, but Passthrough does not work even without the ssl
websites... I am redirected again to the Captive-Portal..
Regards,
Ok so now can you check if there is something in
/usr/local/pf/logs/pfdetect.log ?
Le 2015-02-20 05:43, Rosario Ippolito a écrit :
Ok Fabrice, now I can see the alert for the rule alert tcp any any any
80 (msg: Test rule; sid: 101;) , but PacketFence doing nothing with
this violation
Hello Gregory,
do you have the log when the device try to connect ?
Something like cat packetfence.log| grep mac-address
Regards
Fabrice
Le 2015-02-18 18:54, Thomas, Gregory A a écrit :
Evening,
I upgraded to 4.6 the day it came out and all seemed to be fine.
Currently, I am getting random
Hello,
i have a question about the port where the hub has been connected, why
don´t you try to use authentication host-mode multi-auth configuration
on this port ?
Regards
Fabrice
Le 2015-02-19 05:42, Boris Epstein a écrit :
Scott,
Thanks, this is interesting. Why would there be no
801 - 900 of 1001 matches
Mail list logo
