Re: [PacketFence-users] Windows 10 & Kaspersky

2016-09-07 Thread Tim DeNike
Solving the issue is simple. Block the traffic. The rest will work itself out. People need to learn to not do things that break the Internet. Using 3rd party DNS servers like that causes decreased performance of the interwebzz. Sent from my iPhone > On Sep 7, 2016, at 6:54 PM, Sallee, Jake

Re: [PacketFence-users] Windows 10 & Kaspersky

2016-09-07 Thread Sallee, Jake
I didn't see anyone else reply to this so here is what we are seeing. Scenario 1: (less likely) Some AV vendors (Kaspersky being one) are installing a DNS proxy with the AV software and are tunneling all DNS traffic to their own servers. I did some research a while ago into this and found

Re: [PacketFence-users] 802.1x and radius error : Reading winbind reply failed

2016-09-07 Thread Jason 'XenoPhage' Frisvold
On 9/7/16 17:22, Jason 'XenoPhage' Frisvold wrote: > Aha.. found it. Ok, so I have cleartext passwords now. Just trying to > get 802.1x to behave now.. Ok, so very close to having this working now. I can log in via 802.1x, the user/pass is checked, radius returns an accept. However, the

Re: [PacketFence-users] 802.1x and radius error : Reading winbind reply failed

2016-09-07 Thread Jason 'XenoPhage' Frisvold
On 9/7/16 17:04, Jason 'XenoPhage' Frisvold wrote: > Which is what I see in the database as well. That's obviously not a > cleartext password, though.. Is there an option I need to enable to > turn on cleartext passwords? Aha.. found it. Ok, so I have cleartext passwords now. Just trying to

Re: [PacketFence-users] 802.1x and radius error : Reading winbind reply failed

2016-09-07 Thread Jason 'XenoPhage' Frisvold
On 9/7/16 16:52, Louis Munro wrote: > Try to find the radius debug section where it actually looks up the user > in the database. > > It may not be finding it, or finding another. > If the password is right, the username must be wrong... Ok, so looks like I found it here : (11) pflocal:

Re: [PacketFence-users] 802.1x and radius error : Reading winbind reply failed

2016-09-07 Thread Louis Munro
Try to find the radius debug section where it actually looks up the user in the database. It may not be finding it, or finding another. If the password is right, the username must be wrong... > On Sep 7, 2016, at 4:49 PM, Jason 'XenoPhage' Frisvold > wrote: > > On

Re: [PacketFence-users] 802.1x and radius error : Reading winbind reply failed

2016-09-07 Thread Jason 'XenoPhage' Frisvold
On 9/7/16 16:23, Jason 'XenoPhage' Frisvold wrote: > Wed Sep 7 16:14:39 2016 : Auth: (8) Login incorrect (mschap: > MS-CHAP2-Response is incorrect): [testuser] (from client 192.168.10.10 > port 50101 cli xx:xx:xx:xx:xx:xx via TLS tunnel) So, the googles tell me that this means that the

Re: [PacketFence-users] 802.1x and radius error : Reading winbind reply failed

2016-09-07 Thread Jason 'XenoPhage' Frisvold
On 9/7/16 15:36, Louis Munro wrote: > Also, check that you have enabled local auth by uncommenting line 98 in > conf/radiusd/packetfence-tunnel. Ah, well.. That wasn't set properly.. Is that in the documentation somewhere and I overlooked it? I already owe you beer from that last time we did

Re: [PacketFence-users] 802.1x and radius error : Reading winbind reply failed

2016-09-07 Thread Louis Munro
Also, check that you have enabled local auth by uncommenting line 98 in conf/radiusd/packetfence-tunnel. > On Sep 7, 2016, at 3:31 PM, Louis Munro wrote: > > Hi Jason, > > It's trying to use winbind for authentication. > Assuming you want to use locally defined users, it

Re: [PacketFence-users] 802.1x and radius error : Reading winbind reply failed

2016-09-07 Thread Jason 'XenoPhage' Frisvold
Interestingly, MAB works just fine. After 802.1x fails I can open a web page and log in via the packetfence portal ... On 9/7/16 15:23, Jason 'XenoPhage' Frisvold wrote: > Hi all, > > I'm trying to set up a new packetfence instance to authenticate via > 802.1x. I'm working on wired only

Re: [PacketFence-users] 802.1x and radius error : Reading winbind reply failed

2016-09-07 Thread Louis Munro
Hi Jason, It's trying to use winbind for authentication. Assuming you want to use locally defined users, it should not do that. Can you send the output to # radiusd -d /usr/local/pf/raddb -n auth -X Please? It should tell us why it's doing that. > On Sep 7, 2016, at 3:23 PM, Jason

[PacketFence-users] 802.1x and radius error : Reading winbind reply failed

2016-09-07 Thread Jason 'XenoPhage' Frisvold
Hi all, I'm trying to set up a new packetfence instance to authenticate via 802.1x. I'm working on wired only right now but will be adding wireless shortly. I'm running into a problem, though, as shown in the error pasted below. I'm only looking to use users defined in the

[PacketFence-users] Windows 10 & Kaspersky

2016-09-07 Thread Thomas, Gregory A
All, Is any one else having problems with Windows 10 and Kaspersky AV? I am having multiple folks that can connect to the network, but the browser reports: No Connection. Any clues on what I may need to change on my side or advice to give them to connect. -- Gregory A. Thomas Student Life

[PacketFence-users] parking violation bug?

2016-09-07 Thread Morris, Andi
Hi all, I've setup parking to trap devices that have been in the setup portal for over 3600 seconds, however I noticed a huge amount of users were triggering the violation. After doing some testing with my own phone I found that this was triggering after just 9 minutes. I can't see how I've