t;
>
> *From:*Fabrice Durand via PacketFence-users
> [mailto:packetfence-users@lists.sourceforge.net]
> *Sent:* Monday, January 15, 2018 6:01 AM
> *To:* packetfence-users@lists.sourceforge.net
> *Cc:* Fabrice Durand
> *Subject:* Re: [PacketFence-users] PKI provisioning conf
Hello Raphael,
can you try that:
in /usr/local/pf/
patch -p1 --dry-run < status.diff
and if there is no error:
patch -p1 < status.diff
and restart packetfence.
Let me know if it works, i will push it in the main code.
Regards
Fabrice
Le 2018-01-15 à 18:01, Raphael Dias via
Hello,
you can play with iptables.conf in the conf directory in order to add
your custom rules.
Regards
Fabrice
Le 2018-01-15 à 11:18, lists via PacketFence-users a écrit :
> Hi,
>
> We're using packetfence in inline modus for our wifi (10.10.10.0/24)
> segment. The external packetfence
e?
>
> Luca
>
>
>
> *Da:* Fabrice Durand <fdur...@inverse.ca>
> *Inviato:* lunedì 15 gennaio 2018 15:10
> *A:* luca comes; Fabrice Durand via PacketFence-users
> *Oggetto:* Re: R: [PacketFence-users] no httpd portal in a Cluster
>
Hello Yan,
does AD1 and AD2 are the same ? (same domain/users ...)
Regards
Fabrice
Le 2018-01-15 ?? 00:41, Yan a ??crit?0?2:
> Hi Durand,
>
> I installed a netdata in my pf server and not found any network issue
> yet(I'm learning to use it). But there is another case I'm not sure if
> it is
t; ip=172.27.17.3
> type=management,high-availability
> mask=255.255.255.0
>
> [pfnac03 interface ens192.2445]
> enforcement=vlan
> ip=10.255.20.10
> type=internal
> mask=255.255.255.0
>
> [pfnac03 interface ens192.2446]
> enforcement=vlan
> ip=10.255.30.10
> ty
Hello Eugene,
Le 2018-01-13 à 02:59, E.P. via PacketFence-users a écrit :
>
> Folks,
>
> Our two big shots in the organization live their lives with Apple
> macbooks and we need to get them on the secure WiFi.
>
> Can someone explain me where and how to get the content of
> certificates that are
Hello Lucas,
can i have the cluster.conf file ?
Regards
Fabrice
Le 2018-01-15 à 05:10, luca comes via PacketFence-users a écrit :
>
> Hi all,
>
> I've successfully migrated a single node infrastructure to a full 3
> node cluster, all things has gone well but I have only one problem.
> After
gt;
>
>
> 2018-01-10 20:50 GMT-03:00 Durand fabrice <fdur...@inverse.ca
> <mailto:fdur...@inverse.ca>>:
>
> Hello André,
>
> so you have to choose nessus6 and not nessus.
>
> Restart
>
> Fabrice
>
>
>
> Le 2018-01-10 à
Hello André,
what is the version of nessus ?
Regards
Fabrice
Le 2018-01-10 à 15:59, André Scrivener via PacketFence-users a écrit :
> Hey guys!
>
>
> I'm enabling nessus to scan hosts, but I'm trying out these logs below:
>
>
> Jan 10 18:33:25 packetfence pfqueue: pfqueue(12693) INFO:
>
alidating server certificate, same results,
> reason - eap_tls: SSL says error 20 : unable to get local issuer
> certificate
>
>
>
> Eugene
>
>
>
> *From:*Fabrice Durand via PacketFence-users
> [mailto:packetfence-users@lists.sourceforge.net]
> *Sent:* Wedne
Hello Yan,
i checked the logs and all looks to be ok, 802.1x authentication works
correctly.
What i can imagine that you maybe lost the connection between
PacketFence and the AP/Controller or maybe a cache on the AP/Controller.
What you can do to check that is to install netdata on the
Hello Yan,
you need to check on the PacketFence side what happen:
run that (raddebug -f /usr/local/pf/var/run/radiusd.sock -t 3000) , try
to connect and paste the result
Also take a look in audit in packetfence gui and check for a mac address
where you have the issue.
Regards
Fabrice
Le
Hello Eugene,
you probably need to import the CA certificate or uncheck verify server
certificate in your supplicant config.
Regards
Fabrice
Le 2018-01-10 à 03:57, E.P. via PacketFence-users a écrit :
>
> And here comes the culmination of my saga with PKI ;)
>
> Actually, I was slowly going
Hello Eugene,
Le 2018-01-09 à 03:01, E.P. a écrit :
>
> Couple of questions on PKI, Fabfice
>
>
>
> 1. How would I change the password for admin user in PKI. The
> “User Management” section gives me the option of editing the admin
> user but I can’t see the password change option
>
>
>
Hello All,
just to clarify some points.
First realmd can't be used because we have to use ntlm_auth in
Freeradius to authenticate user for eap/peap mschap v2.
Next, Configuration → Policies and Access Control → Domains → Active
Directory Domains – Add Domain is only to join the machine to a
secret = <<< secret >>>
>
> nas_type = "other"
>
> proto = "*"
>
> limit {
>
> max_connections = 16
>
> lifetime = 0
>
> idle_timeout = 30
>
> }
>
> }
>
> cl
Just for information, i uploaded a new version of the packetfence-pki
for centos7 who fix all the install issues.
Regards
Fabrice
Le 2017-12-12 à 23:58, E.P. a écrit :
>
> Well, I’m taking my hat off in front of you, no kidding and pun
> intended ;)
>
> Do you need traceback from the error
vlan 3
>> name "Isolation"
>> exit
>> vlan 4
>> name "Mac detection"
>> exit
>> vlan 5
>> name "Guest"
>> exit
>> vlan 100
>> na
Hello Jeremy,
do you have any documentation related to the support of the VoIP on the
Aruba switch ?
There is probably a vsa attribute to return when PacketFence detect that
a phone is plugged on a switch port.
If the vsa exist then it will be easy to add the VoIP support for the
Aruba
Hello,
what you can do is to connect in the sqlite db and update the password.
sqlite3 db.sqlite3
UPDATE "auth_user" set
password='pbkdf2_sha256$2$Z2Lhr1cW8QM0$mN9PtNhxneIDzApqFa4uG8V44IXqHe+r7yootSoSzJQ='
where username='admin';
the password is p@ck3tf3nc3
Regards
Fabrice
Le
Hello Ivan,
what you can do is the following:
/usr/local/pf/bin/pfcmd service radiusd generateconfig
/usr/sbin/radiusd -d /usr/local/pf/raddb -n auth -fxx -l stdout
And paste the debug if the service is not able to start.
Regards
Fabrice
Le 2018-01-03 à 09:31, Auger, Ivan (ITS) via
bb5eafe.png
>
> https://i.imgsafe.org/05/05bbd86ab4.png
>
>
>
> Also please make sure you have the latest UniFi AP and controller
> firmware as they were just updated a few days ago.
>
>
>
> See my earlier post on the PacketFence-User
"useStrongerSecret"
> exit
> radius-server host auth 172.16.0.2
> name "PacketFence"
> usage 802.1x
> key "useStrongerSecret"
> exit
> !
> interface Gi1/0/11
> switc
t;>
>>>> Just a thought, but can you change the deauthentication method to
>>>> HTTPS and specify the UniFi controller IP? See my setup below:
>>>>
>>>>
>>>>
>>>> https://i.imgsafe.org/0c/0cff2c7f19.png
>>>>
>>
Hello André,
First you need to check on the switch side if the mac address of the
device is in the vlan 300.
Next a registration vlan is a vlan managed by PacketFence, so you need
to enable dhcp on the vlan 300 and 600.
Another thing i can see is that the interface enp0s8.300 (vlan 300) use
the
For me it looks that 172.19.254.2 is define twice.
Can you do in /usr/local/pf/raddb:
grep 172.19.254.2 * -r
Also can you try to run radiusd in debug mode and see if you can see
172.19.254.2 (radiusd -d /usr/local/pf/raddb -n auth -X)
Regards
Fabrice
Le 2017-12-29 à 01:26, E.P. a écrit :
Hum if it's a cluster then omapi will not work on one of them (dhcpd
only run on 2 of the 3 servers).
What you can do is just to disable omapi.
Regards
Fabrice
Le 2017-12-20 à 05:12, Luís Torres via PacketFence-users a écrit :
>
> I didnt..., and yes its a cluster.
>
> Should I use in all
gt; other thing I can check?
>
>
> Thanks
>
>
> Luca
>
>
>
> ----------------
> *Da:* Fabrice Durand via PacketFence-users
> <packetfence-users@lists.sourceforge.net>
> *Inviato:* venerdì 15 dicembre 2017 14:46
> *A:* packetfence-users@lists.sourceforge.net
> *Cc:* F
Hello,
yes if the ios is not something completely exotic it should be ok.
Regards
Fabrice
Le 2017-12-15 à 06:25, Tomasz Karczewski via PacketFence-users a écrit :
>
> Does it have different cisco ios?
>
>
>
> Tomasz Karczewski
>
> Administrator Sieci
>
>
>
> olman
>
>
>
>
Hello Luca,
if you want faster answer you can buy a support contract with Inverse.
I answer on the mailing list when i have time to do it and most of the
time i am busy.
So the packetfence.log is not enough complete because what is
interesting is just a after and we should suppose to see
Hello Luís,
the only solution i can see is to raise the server resources
Regards
Fabrice
Le 2017-12-14 à 10:05, Luís Torres via PacketFence-users a écrit :
>
> Hi mates,
>
>
>
> is there a way to speed up the opening of the portal webpage? in the
> cluster it takes a few seconds to open it...
as an
> option in the UniFi controller when you choose WPA Enterprise. You
> can see screenshots of my setup below:
>
> https://i.imgsafe.org/05/ 05bb81f5b4.png
> <https://i.imgsafe.org/05/05bb81f5b4.png>
> https://i.imgsafe.org/05/ 05bbd86ab4.png
>
Just on one of them, right ?
If it's the case then it's normal.
Le 2017-12-12 à 14:22, Luís Torres via PacketFence-users a écrit :
>
> Hi mates,
>
>
>
> manage to recover the cluster but now the dhcp wont start. Gives me
> the error:
>
>
>
> /usr/local/pf/bin/pfcmd service dhcpd restart
>
n assignment on open SSIDs? For open networks it only lets me
> specify a static VLAN to use.
>
> Thanks!
>
> Sent from mobile phone
>
> On Dec 12, 2017, at 07:41, Fabrice Durand via PacketFence-users
> <packetfence-users@lists.sourceforge.net
> <mailto:pa
Hello Yan,
you need to patch packetfence:
cd /usr/local/pf
curl
https://patch-diff.githubusercontent.com/raw/inverse-inc/packetfence/pull/2530.diff
| patch -p1
Then restart all the services.
On the Ruckus side i don't know, i have no documentation.
Btw if you have screenshot of how to set
Hello Timothy,
you must enable that:
https://raw.githubusercontent.com/inverse-inc/packetfence/ae18f50b4879cc2d4132490fcee33f2fbe53b36f/docs/images/unifi-radius.png
Regards
Fabrice
Le 2017-12-12 à 01:37, Timothy Mullican via PacketFence-users a écrit :
> Hello all,
> I am trying to setup a
Ok so it should work with coovachilli on openwrt.
There is a module in PacketFence for that.
Regards
Fabrice
Le 2017-12-12 à 07:36, Luca Fois via PacketFence-users a écrit :
> Hi;
>
> Thanks for your quick reply
> I will use a ubiquiti picostation m2 with openwrt.
>
> I think its better than
Just change the owner of the sqlite file to pf and it should be ok.
Btw all these steps are made in the packaging, so it probably failled or
never finish correctly.
I will do a test on my side.
Regards
Fabrice
Le 2017-12-12 à 03:47, E.P. a écrit :
>
> Well, we are getting closer ;)
>
> Ran
hed Dependency Resolution
>
> Error: Package: packetfence-pki-1.1.1-1.el7.centos.noarch
> (packetfence-extra)
>
> Requires: python-django-rest-framework
>
> Error: Package: packetfence-pki-1.1.1-1.el7.centos.noarch
> (packetfence-extra)
>
> Requir
Hello Eugene,
can you try:
yum makecache --enablerepo=packetfence,packetfence-extra
yum install packetfence-pki --enablerepo=packetfence-extra, packetfence
Regards
Fabrice
Le 2017-12-11 à 16:03, E.P. via PacketFence-users a écrit :
>
> Hi guys,
>
> I’m trying to follow the guide published
Le 2017-12-08 à 09:45, Benoît Dubé via PacketFence-users a écrit :
>
> Merci beaucoup Fabrice,
>
>
> When external users are redirected to the PacketFence portal, IP
> packets contain the user's IP. I can install the DHCP remote sensor
> on the server, but question is why to do that if the IP
Hello Jeremy,
does the Aruba Switch run Arubas OS or is it something like HP Os ?
Regards
Fabrice
Le 2017-12-06 à 09:07, Jeremy Plumley via PacketFence-users a écrit :
>
> I’m looking into possibly replacing some of our access layer switch
> needs with Aruba Networks switches. I notice in
Hello Yan,
you also need to register the device.
so something like that:
[pf_ssid]
filter = ssid
operator = is
value = PF-Wireless
[SG1_switch]
filter = switch._ip
operator = is
value = 172.11.5.121
[reg_by_switch:pf_ssid_switch]
scope = RegistrationRole
action = modify_node
action_param =
47:37 -0500] "192.168.2.223" "GET
> /Ruckus?sip=192.168.2.100=58b63311d5e0_mac=60f81dc3e758=192.168.2.126==ZoneDirector218.domain.com
> <http://ZoneDirector218.domain.com>=http%3a%2f%2fcaptive.apple.com
> <http://2fcaptive.apple.com>%2fhotspot%2ddetec
Hello Ricardo,
i am not seeing what is wrong but it's not suppose to have that in the
log: Can't re-evaluate access because no open locationlog entry was found
Can you put the portal in debug mode ?
conf/log.conf.d/httpd.portal.conf:
### httpd.portal logger ###
log4perl.rootLogger = INFO,
https://github.com/inverse-inc/packetfence/pull/2735
Le 2017-11-24 à 08:48, Gonzague Dambricourt a écrit :
> Yeah for now . .UniFi doesn’t support CoA :(
>
>> Le 24 nov. 2017 à 14:46, Fabrice Durand via PacketFence-users
>> <packetfence-users@lists.sourceforge.net
>>
Hello Spencer,
you can use something like that:
https://www.ubnt.com/unifi/unifi-ap-ac-lite/
There is only a limitation with 802.1x (i hope Ubiquiti will fix it) but
mac auth should be ok.
Regards
Fabrice
Le 2017-11-24 à 06:11, Spencer Hazell via PacketFence-users a écrit :
>
> Hi
>
>
>
Hello,
try first to restart packetfence-config
systemctl restart packetfence-config
and do a pfcmd configreload hard
Regards
Fabrice
Le 2017-11-23 à 07:07, Samuel Chege via PacketFence-users a écrit :
> You can also try to remove the package called kf5-kio-widgets FIRST
> before
Hello Yan,
use proxy_passthroughs=123.23.1.2 instead of passthroughs=123.23.1.2 and
retry.
Regards
Fabrice
Le 2017-11-22 ?? 10:26, Yan via PacketFence-users a ??crit?0?2:
> In short, I want to know if it is possible to use PF's Captive Portal
> detection mechanism to pop out the captive
Hello Jason,
Le 2017-11-21 à 23:40, Jason Sloan a écrit :
> Fabrice,
>
> Totally understand being busy. Thanks for the reply. I was actually
> able to get this working a few hours ago, and hadn't had time to post
> a reply. I'm not sure what did it, perhaps adding "strip" to the realm
> options
Hello,
this is normal, the dhcp can run only on 2 off them.
Regards
Fabrice
Le 2017-11-17 à 14:35, Tobias Friede via PacketFence-users a écrit :
> Hi,
>
> I have the same problem, maybe that behavior is normal?
>
> My Cluster is a PF 7.2 Cluster.
>
> Greetings
> Tobias
>
> 2017-11-17 16:34
Hello Pedro,
it looks that it's a reevaluation issue, can you provide the
packetfence.log ?
What controler/AP are you using in your POC ?
Regards
Fabrice
Le 2017-11-17 à 13:03, Pedro Trindade via PacketFence-users a écrit :
> Hello all, I've been trying to make a Packetfence 7.3.0 POC on a
ter = pf::access_filter::radius->new;
> my $rule = $filter->test('returnAuthorizeRead', $args);
> ($radius_reply_ref, $status) =
> $filter->handleAnswerInRule($rule,$args,$radius_reply_ref);
> return [$status, %$radius_reply_ref];
> }
Hum ok, really weird.
It looks that first when the device connect on the port 2/43 802.1x
failed so it start mac auth but just after that the port goes down and a
new request is coming from the port 5/3.
When this happen, can you check in the mac-address-table where is the
mac address (before
Hello Yan,
it looks that the pid ( the person ) doesn't exist on your setup.
So check in the person tab if you can find it (the person id appear just
before the error in the log).
Regards
Fabrice
Le 2017-11-16 ?? 05:21, Yan via PacketFence-users a ??crit?0?2:
> Hi dear users,
>
> We use PF
;
> Maybe the bug is related to this:
> https://quickview.cloudapps.cisco.com/quickview/bug/CSCve85309 ?
>
> Il 15/11/2017 22:50, Fabrice Durand via PacketFence-users ha scritto:
>> Hello Cristian,
>>
>> so i am able to replicate it and it looks to be a bug with
Hello Cristian,
so i am able to replicate it and it looks to be a bug with the ios version.
Let's say i have a nothing connected on the port Gi1/0/8, if i do that:
Switch#sh interfaces gigabitEthernet 1/0/8
GigabitEthernet1/0/8 is administratively down, line protocol is down
(disabled)
Ok so here the patch
https://github.com/inverse-inc/packetfence-pki/commit/c66ef2ab34964caecda3d2cdff1c956656227ffc.diff
Regards
Fabrice
Le 2017-11-15 à 08:56, Fabrice Durand via PacketFence-users a écrit :
>
> Ok i am able to replicate it, let me fix it and i will give you a
Ok i am able to replicate it, let me fix it and i will give you a patch.
Regards
Fabrice
Le 2017-11-14 à 22:41, Jason Sloan a écrit :
> Sorry, I should have included the values.
> I wasn't sure if the values should be comma delimited or not. I tried
> both comma and space delimited.
>
> KU:
>
ha scritto:
>> If you mean PacketFence is 7.3.0
>> If you mean IOS: Cisco IOS Software, C2960X Software
>> (C2960X-UNIVERSALK9-M), Version 15.2(2)E6, RELEASE SOFTWARE (fc1)
>>
>>
>> Il 19/10/2017 16:41, Fabrice Durand via PacketFence-users ha scritto:
&
Ok let me fix that.
Btw you can remove the file initial_data.json and do a python manage.py
syncdb.
Le 2017-11-14 à 04:12, Jason Sloan a écrit :
> Looks like there's 2 more dependencies
> python-ipaddress
> python-idna
>
> Then it looks like I'm bombing out on an initial data load of some
Hello Marcus,
in the device registration page there is no way to allow the end user to
choose the role.
You define it or PacketFence use the same one of the user.
Also Julien did this sort of thing you want to use on the device
registration page but for the captive portal.
f, $status) =
> $filter->handleAnswerInRule($rule,$args,$radius_reply_ref);
> return [$status, %$radius_reply_ref];
> }
>
> Then restart PacketFence.
>
> Let me know if it works.
>
> Regards
>
> Fabrice
>
>
>
>
>
> Le 2017-11-11 à 02:41, Al
Hello Alessandro,
what is the type of the switch ?
Regards
Fabrice
Le 2017-11-10 à 09:44, Alessandro Canella via PacketFence-users a écrit :
>
> Hello all,
>
>
>
> I solved everything (thanks to all..) ando now I0m investigating about
> this:
>
>
>
>
>
>
>
> Nov 10 13:37:03
Hello Tobias,
did you changed the html template files ?
Because the progress bar is there by default.
Regards
Fabrice
Le 2017-11-09 à 04:32, Schimanski Tobias via PacketFence-users a écrit :
>
> Hey guys
>
>
>
> my packetfence didn’t show the progress bar after login. It shows an
> error
ese accounts have only user management rights.
>
> Regards,
> Nicolay
>
>
> 2017-11-07 22:17 GMT+01:00 Fabrice Durand via PacketFence-users
> <packetfence-users@lists.sourceforge.net
> <mailto:packetfence-users@lists.sourceforge.net>>:
>
> Hell
Hello Michel,
did you define a device registration profile and did you assign it to
your connection profile ?
In 7.3 you can create multiples connection profile and assign one of
them to a connection profile.
Regards
Fabrice
Le 2017-11-09 à 01:20, Pedersen Michel via PacketFence-users a
e shown only if I click "today" but "Operating
>> Systems" or "Bandwidth Consumers" show the "What's going on..."
>> message. When I click "7 days" or older, "Node States" is empty but
>> the other options show graphs. I am a l
Hello Luís,
in
html/captive-portal/lib/captiveportal/PacketFence/DynamicRouting/Module/Authentication/Sponsor.pm
line 177 add cell_phone in the list
177 foreach my $key (qw(firstname lastname telephone company
cell_phone)) {
regards
Fabrice
Le 2017-11-07 à 05:10, Luís Torres via
Hello Nicolay,
not sure to understand , you mean in the admin gui ?
Regards
Fabrice
Le 2017-11-07 à 08:23, Nicolay Rytchev via PacketFence-users a écrit :
> Hello all,
>
> Is it possible to hide from the user or forbid to him see or change
> user's account in local database that is not
op works.
>
>
>
>
>
> *Da:*Fabrice Durand [mailto:fdur...@inverse.ca]
> *Inviato:* martedì 31 ottobre 2017 17.32
> *A:* Alessandro Canella <alessandro.cane...@itcare.it>
> <mailto:alessandro.cane...@itcare.it>;
>
Hello Paul,
What i would do is to use the device registration page in this case.
When user want to register there IOT devices, they use there already
registered device to hit the device registration page and register the
IOT by his mac address.
At the end of the registration you will just have
gt; *Inviato:* martedì 31 ottobre 2017 17.32
> *A:* Alessandro Canella <alessandro.cane...@itcare.it>
> <mailto:alessandro.cane...@itcare.it>;
> packetfence-users@lists.sourceforge.net
> <mailto:packetfence-users@lists.sourceforge.net
Hello Stephen,
it looks that there an issue to connect to the OMAPI socket.
Does the dhcp server is running ?
Also try to disable OMAPI in the admin gui and restart pfqueue.
Regards
Fabrice
Le 2017-11-02 à 10:20, Stephen Appleby via PacketFence-users a écrit :
>
> I've setup radius and
Hello James,
cool it works, i will add the support of 802.1x for the Mserie in the
main code.
Regards
Fabrice
Le 2017-11-02 à 09:15, James Garcellano via PacketFence-users a écrit :
> Hello Fabrice,
>
> Adding the line "sub supportsWiredDot1x { return $TRUE; }" to
>
;
> Done some tests. Cannot grant internet access to PF, so I’ve
> pasted diff content in a local diff file, but doesn’t work
> (remains freezed and needs a ctrl-c to return to prompt)
>
>
>
> Not too simply.. any ideas? Can I execute single lines of diff fi
Hello James,
little bit weird , the NAS-IP-Address is equal to 192.168.1.5 and should
be equal to 192.168.1.12.
Did you changed something the the Netgear config to set NAS IP Address
with the wrong value ?
Regards
Fabrice
Le 2017-11-01 à 16:48, James Garcellano via PacketFence-users a écrit
Hello James,
can you run radius in debug mode and retry a connection, i would like to
see the radius request.
raddebug -f /usr/local/pf/var/run/radiusd.sock -t 3000
Regards
Fabrice
Le 2017-11-01 à 14:21, James Garcellano via PacketFence-users a écrit :
>
> Hello everyone,
>
>
>
> I would
a local diff file, but doesn’t work (remains freezed
> and needs a ctrl-c to return to prompt)
>
>
>
> Not too simply.. any ideas? Can I execute single lines of diff file?
>
>
>
> *Da:*Fabrice Durand via PacketFence-users
> [mailto:packetfence-users@lists
Hello Samuel,
there is a pull request for that:
https://patch-diff.githubusercontent.com/raw/inverse-inc/packetfence/pull/2683.diff
And i think it's close to what you did.
Regards
Le 2017-10-31 à 09:33, Samuel Chege via PacketFence-users a écrit :
> Hi Guys,
>
> I just set up PacketFence
Hello Alessandro,
can you try this patch:
cd /usr/local/pf
curl
https://github.com/inverse-inc/packetfence/commit/fa866d14be0b16ef1af0ed849c85a481a4011048.diff
| patch -p1
Then restart packetfence.
Regards
Fabrice
Le 2017-10-31 à 07:59, Alessandro Canella via PacketFence-users a écrit :
>
> Desauth Method : RADIUS / CoA is ticked , I dont know if there is
> anything else I should set ?
>
> For 802.1X I did not bind Packetfence to an AD, I thought it could use
> the local user database ?
>
> thanks
>
> On Mon, Oct 30, 2017 at 7:40 PM, Fabrice Durand via Pa
Hello Gonzague,
it will not really complicate to add the CoA support for Meraki switches
in PacketFence.
Can you try the attached switch module and let me know.
Also for the 802.1x issue , did you joined the server to your AD ?
Did you created realm associated to your domain ?
Regards
Hello Yan,
Le 2017-10-30 ?? 11:28, Yan via PacketFence-users a ??crit?0?2:
> Hi Fabrice,
>
> Thank you very much. You are right. It seems my problem was caused by
> not excuting "pfcmd configreload hard" and to "restart
> packetfence-config". After doing this, the nodes dashboard are loaded
>
i look in the log there is no traces about a registration process,
i can just see 2 wire mac authentication.
Regards
Fabrice
Le 2017-10-30 à 11:22, j...@momentumvr.co.uk a écrit :
>
>
>
>
>
> *From:*Fabrice Durand via PacketFence-users
> [mailto:packetfence-users@
ntication SUCCEEDED against local (Authentication successful.)
> Matched against local for 'authentication' rules
> set_access_duration : 5D
> set_access_level : NONE
> set_role : guest
> Matched against local for 'administration' rules
> set_access_duration : 5D
> set_acc
uthentication' rules
> set_role : guest
> set_access_duration : 1D
> Did not match against null for 'administration' rules
>
> Authenticating against My_SMS
> Authentication FAILED against My_SMS ()
> Matched against My_SMS for 'authentication' rules
> set_role :
Hello John,
i need a little bit of log.
First radius log when the device connect:
raddebug -f /usr/local/pf/var/run/radiusd.sock -t 3000
Then the packetfence.log.
Regards
Fabrice
Le 2017-10-30 à 07:33, john--- via PacketFence-users a écrit :
>
> Good day everyone,
>
>
>
> I have an
Hello Yan,
yes of course it's possible to move the db from local to remote.
When you export the db, be sure to export the procedures too, or use the
db schema in db directory then import your data.
Also don't forget to do a pfcmd configreload hard and to restart
packetfence-config.
Regards
ntain information which is confidential or
> privileged. if you are not the intended recipient, please immediately
> notify us
> and destroy this message and any attachments without retaining a copy.
> Any unauthorized use of this message can expose the responsabile party
> to civil an
Can you do that:
bin/pftest authentication user password
and give me the output
Le 2017-10-26 à 09:09, Nicolay Rytchev via PacketFence-users a écrit :
> Yes , I did.
>
> Встроенное изображение 1
>
> 2017-10-26 15:00 GMT+02:00 Fabrice Durand via PacketFence-users
>
Hello Yan,
it looks a javascript issue.
Did you refresh the browser cache (ctrl + f5) ?, is there any adblock
extension installed ?
Regards
Fabrice
Le 2017-10-26 ?? 05:20, Yan via PacketFence-users a ??crit?0?2:
> Hi dear users,
>
> My previous PF was v7.2 and I just upgrade it to v7.3 as
Hello Nicolay,
did you define a role and an access duration for the user ?
Regards
Fabrice
Le 2017-10-26 à 04:09, Nicolay Rytchev via PacketFence-users a écrit :
> Hello All,
>
> I can`t get access to the network by local Packetfence authentication
> , but the authentication process is
Hello Hubert,
PacketFence need to have the accounting data from the switch to show you
reports.
Regards
Fabrice
Le 2017-10-26 à 03:29, Hubert Kupper via PacketFence-users a écrit :
> Hello,
>
> I have a new PF 7.3.0 server running in production. In the REPORTS tab
> only node states are
Hello Luca,
when you do mac authentication, PacketFence will return access-accept
but depending of the status of the device it will return the
registration vlan or a prod vlan.
When it return the registration vlan then the device will hit the portal
to register.
Regards
Fabrice
Le
r when authenticating
> with google (see attachment).*
> *Do I need to generate or install a certificate?
> *
> *Can you solve this?*
> *Thank you!*
> *
> *
> *
> *
>
> 2017-10-25 14:37 GMT-02:00 Fabrice Durand via PacketFence-us
, 2017 at 12:33 PM, Fabrice Durand via PacketFence-users
> <packetfence-users@lists.sourceforge.net
> <mailto:packetfence-users@lists.sourceforge.net>> wrote:
>
> Hello Matt,
>
> this is normal, PacketFence allowed the mac of the device and if
> you plug an
Hello Diego,
you will need to remove facebook from the dns_filters.conf.default in
order to fix the fqdn graph.facebook.com.
Also the passthroughs for the OAuth sources are in the OAuth config
itself (pf side).
Regards
Fabrice
Le 2017-10-25 à 12:29, Diego Lopes da Cruz via PacketFence-users
Hello Matt,
this is normal, PacketFence allowed the mac of the device and if you
plug another device in the switch port then a new security trap will be
sent to PacketFence.
Regards
Fabrice
Le 2017-10-25 à 10:33, Matt Mossholder via PacketFence-users a écrit :
> Hi everyone,
> What is
501 - 600 of 680 matches
Mail list logo