Hi all,
In previous PF environments I've always performed MySQL tuning by updating
my.cnf, stopping PF services and then restarting. If I have a separate DB
server to the PF server can I get away with just restarting MySQL on the DB
server, or do I still need to stop and start the services on
is specific to your setup)
In your case, just add the following to the default realm options:
auth_pool = eduroam
nostrip
Cheers
- Julien
On 2017-01-03 11:26 AM, Morris, Andi wrote:
Hi all,
upgrading my 6.2.1 to 6.4 running CentOS 7.3.1611 release today has resulted in
my radiusd and radiusd-acct
Hi all,
upgrading my 6.2.1 to 6.4 running CentOS 7.3.1611 release today has resulted in
my radiusd and radiusd-acct services not starting.
Firstly I was getting the following error:
service|command
httpd.admin|already started
Checking configuration sanity...
WARNING - Cannot open the following
Hi,
I’ve used PF in a clustered environment previously (version 5) and had more
downtime because of it than I did without. This wasn’t directly an issue with
PacketFence, but with the way that DRDB ties in with the Linux kernel, and how
to maintain an up to date kernel whilst running this
Hi all,
I'm trying to configure our Packetfence Guest setup (6.2.1) to send radius
accounting data to our fortigates in order to see the username in the firewall
logs, rather than just the IP. As far as I can see everything is configured
correctly, as per the guide here:
Hi all,
A quick update on this, disabling the Captive Portal Bypass mechanism option
and keeping wispr enabled seems to have resolved this.
More testing to be done, but it looks good so far.
Cheers,
Andi
From: Morris, Andi [mailto:amor...@cardiffmet.ac.uk]
Sent: 15 November 2016 09:24
HI all,
Sorry to bump an old ish topic, but this is an issue we're seeing a lot of.
Users are seeing the HSTS error when trying to connect to our Guest network and
I'm not sure the best way around this, if there's any way at all.
In our config (6.2.1) we have both captive portal detection
:20
To: Morris, Andi <amor...@cardiffmet.ac.uk>;
packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] Security Onion alerts not triggering
Hi,
I created a unit test (https://github.com/inverse-inc/packetfence/pull/1759)
and can validate that the "security_on
Thanks Thierry, this fixed my issue.
Cheers,
Andi
From: Thierry Laurion [mailto:tlaur...@inverse.ca]
Sent: 07 October 2016 18:09
To: packetfence-users@lists.sourceforge.net
Cc: Morris, Andi <amor...@cardiffmet.ac.uk>
Subject: Re: [PacketFence-users] Security Onion alerts not triggeri
max_enable=10
desc=P2P Vuze
enabled=Y
template=p2p
grace=2h
From: Morris, Andi [mailto:amor...@cardiffmet.ac.uk]
Sent: 07 October 2016 14:56
To: packetfence-users@lists.sourceforge.net
Subject: [PacketFence-users] Security Onion alerts not triggering
Hi all,
I have configured my security onion server
Hi all,
I have configured my security onion server to send alerts to my packetfence
server (version 6.2.1), and I can see that they're getting there through
TCPdump.
IDS server:
13:37:02.260031 IP idsserver.internal.domain.35871 >
packetfence.internal.domain.syslog: SYSLOG user.notice, length:
@lists.sourceforge.net
Subject: Re: [PacketFence-users] maintenance script with remote database
On Sep 28, 2016, at 11:55 AM, Morris, Andi
<amor...@cardiffmet.ac.uk<mailto:amor...@cardiffmet.ac.uk>> wrote:
Apologies, I mean the database cleaner script being run remotely, not the
Apologies, I mean the database cleaner script being run remotely, not the
optimisation.
From: Morris, Andi
Sent: 28 September 2016 16:52
To: 'packetfence-users@lists.sourceforge.net'
<packetfence-users@lists.sourceforge.net>
Subject: RE: [PacketFence-users] maintenance script with
: [PacketFence-users] maintenance script with remote database
On Sep 28, 2016, at 10:34 AM, Morris, Andi
<amor...@cardiffmet.ac.uk<mailto:amor...@cardiffmet.ac.uk>> wrote:
Hi Louis,
That makes sense, but in practice I get errors when running this on a server
that hasn’t had packetfen
, depending on how it's configured.
Makes sense?
On Sep 27, 2016, at 9:14 AM, Morris, Andi
<amor...@cardiffmet.ac.uk<mailto:amor...@cardiffmet.ac.uk>> wrote:
Hi,
An update to this. It does seem to work well if the packetfence server is also
running the mariadb service. Mine wasn’
be sent to the user designated for PF alerts? If not, is
there scope for this to be added as an option?
Cheers,
Andi
From: Morris, Andi [mailto:amor...@cardiffmet.ac.uk]
Sent: 21 September 2016 10:16
To: packetfence-users@lists.sourceforge.net
Subject: [PacketFence-users] maintenance script
Hi all,
I've recently moved to a setup which has a remote database server, and I was
wondering whether the regular addons/database-backup-and-maintenance.sh file
will still run from the packetfence server to the remote DB server. I can see
the flags inside the script calling for the database
Nobody else has seen this then? I can't work out why my parking violations are
triggering after such a short period.
Cheers,
Andi
From: Morris, Andi [mailto:amor...@cardiffmet.ac.uk]
Sent: 07 September 2016 12:50
To: packetfence-users@lists.sourceforge.net
Subject: [PacketFence-users] parking
You could use snort to trigger on signatures related to port scanning and send
the culprit into the isolation VLAN.
Cheers,
Andi
From: Jonathan Brown [mailto:jbr...@fmcllc.com]
Sent: 14 September 2016 16:27
To: packetfence-users@lists.sourceforge.net
Subject: [PacketFence-users] Block port
Hi all,
I've setup parking to trap devices that have been in the setup portal for over
3600 seconds, however I noticed a huge amount of users were triggering the
violation. After doing some testing with my own phone I found that this was
triggering after just 9 minutes.
I can't see how I've
Hi all,
I'm getting some strange errors when smartphones connect to my registration
network in order to register themselves as a guest. They see an error saying
that their device was not found in the packetfence database.
Interestingly the IP address displayed on the user's screen was
Hi all,
I'm getting a similar issue on two separate CentOS 7 servers that I've setup
today. I get through the configurator up until the service start section, but
when I do httpd.graphite never starts. Restarting the services from the CLI
gets the following result:
bin/pfcmd service pf restart
Hi all,
Just curious what the communities' solutions were for high availability with
their packetfence setups. We've recently purchased some hardware load
balancers, which gives us more options for load balancing than we had
previously, so I was considering the following setup?
1 x database
Any thoughts on this guys?
Cheers,
Andi
From: Morris, Andi [mailto:amor...@cardiffmet.ac.uk]
Sent: 08 July 2016 15:19
To: packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] sponsored access
Apologies for the barrage of emails. I think this is now something to do
ly 2016 14:32
To: packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] sponsored access
As an update, this isn't happening with a laptop, so might be something to do
with the Android device, but something is definitely stopping it communicating
with whatever part of the interne
to the captive portal detection for
this OS version?
Cheers,
Andi
From: Morris, Andi [mailto:amor...@cardiffmet.ac.uk]
Sent: 07 July 2016 15:15
To: packetfence-users@lists.sourceforge.net
Subject: [PacketFence-users] sponsored access
Hi all,
I'm having trouble with my sponsored guest access where
Hi all,
I'm having trouble with my sponsored guest access where the registration isn't
completing until the guest node leaves and then reconnects to the captive
portal, when packetfence then sees the registered mac address and puts the node
in the correct vlan.
This doesn't seem to be
for your help. I'll try to wait until 6.1 is released before pushing
this into production. A horrible question I know, but do you know a rough
timescale for this release?
Cheers,
Andi
From: Morris, Andi [mailto:amor...@cardiffmet.ac.uk]
Sent: 10 June 2016 09:20
To: packetfence-users
, at 6:02 , Morris, Andi
<amor...@cardiffmet.ac.uk<mailto:amor...@cardiffmet.ac.uk>> wrote:
Hi Louis,
I needed to reinstall as I messed something up, so this is with the patch file
on a completely CentOS 7.2.1511 vanilla 6.0.3 installation just after
completing the configurator.
pat
Subject: Re: [PacketFence-users] SAML authentication
Hi Andi,
SAML is not currently available as a login option when granting sponsorship.
So you're not mis-configuring it. Its just not there :)
- Julien
On 2016-06-08 11:53 AM, Morris, Andi wrote:
Hi,
I'm trying to setup SAML authentication for my
Hi,
I'm trying to setup SAML authentication for my users connecting to sponsor a
guest, and also potentially for my admin users, however I can't seem to get
packetfence to attempt to authenticate the users with this source. I've even
tried pushing the SAML section right to the top of the
When applying that patch do I need to rename the x.y.z files in the diff file
to match my current version, and then create the relevant files? My patch dry
run is failing because the files don’t currently exist.
Apologies, I’m a git/patch noob
Cheers,
Andi
From: Morris, Andi [mailto:amor
, but has implemented
his own fix.
Cheers,
Andi
From: Louis Munro [mailto:lmu...@inverse.ca]
Sent: 06 June 2016 20:27
To: packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] Still a problem with registration process
On Jun 6, 2016, at 11:05 , Morris, Andi
<a
ver there is nothing at all in
the packetfence.log
Cheers,
Andi
From: Morris, Andi [mailto:amor...@cardiffmet.ac.uk]
Sent: 06 June 2016 15:55
To: packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] Still a problem with registration process
On my current reverse proxy solution
, at 10:19 , Morris, Andi
<amor...@cardiffmet.ac.uk<mailto:amor...@cardiffmet.ac.uk>> wrote:
Hi Andrew,
I’m also seeing the exact same issue. Users choose to register by email, then
click the email validation link and get a message to say they must use the same
device to v
//www.packetfence.org>)
On Jun 3, 2016, at 03:19, Morris, Andi
<amor...@cardiffmet.ac.uk<mailto:amor...@cardiffmet.ac.uk>> wrote:
Hi Derek,
I’ve done this by editing the HTML code within the portal pages.
I’m going to try this using the new portal config methods in version 6.x tod
Hi all,
On version <6.0.3 I was able to access the management IP on port 443 in order
for sponsors to activate guests. However, now I'm seeing the server refuse the
connection. Looking at the output for netstat I'm not seeing the management
interface listening on ports 80 or 443.
Do I have to
//www.packetfence.org>)
On Jun 2, 2016, at 06:18, Morris, Andi
<amor...@cardiffmet.ac.uk<mailto:amor...@cardiffmet.ac.uk>> wrote:
Hi all,
I’ve been battling with customising the interface for the Guest wifi signup
page here and management want it to be as simple as possible. I’m getting
I should have mentioned that this is version 5.7.0 for the moment. Perhaps this
is easier with the new version 6 interface? I'll happily update if this is the
case as my system is just in dev at the moment.
Cheers,
Andi
From: Morris, Andi
Sent: 02 June 2016 11:19
To: packetfence-users
s database?
Cheers,
Andi
-Original Message-----
From: Morris, Andi [mailto:amor...@cardiffmet.ac.uk]
Sent: 04 May 2016 15:00
To: packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] computer / user auth when onsite and offsite
Essentially the logic would be:
If domain_PC
Original Message-----
From: Morris, Andi [mailto:amor...@cardiffmet.ac.uk]
Sent: 04 May 2016 14:37
To: packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] computer / user auth when onsite and offsite
Hi Fabrice,
Thanks for your reply.
That looks good, although I'd need to add all o
Regards
Fabrice
Le Mercredi, Mai 04, 2016 08:53 EDT, "Morris, Andi" <amor...@cardiffmet.ac.uk>
a écrit:
> Hi all,
>
> I'm trying to work out a way to have domain PCs to authenticate with computer
> auth, but the device falling back to user auth so that if
Hi all,
I'm trying to work out a way to have domain PCs to authenticate with computer
auth, but the device falling back to user auth so that if it's offsite it will
use the user auth credentials to authenticate at other eduroam sites. What's
happening at the moment is that the device
2016-04-29 06:55, Morris, Andi a écrit :
Hi again all,
Is there a way to set access duration in vlan filters? I can see the options
there, but I can't get them to work.
Currently I evaluate the node role each time the user is authenticated using:
[2:home_user]
scope = RegisteredRole
role
Hi again all,
Is there a way to set access duration in vlan filters? I can see the options
there, but I can't get them to work.
Currently I evaluate the node role each time the user is authenticated using:
[2:home_user]
scope = RegisteredRole
role = eduroam_home
action = modify_node
rse.ca<mailto:jrouz...@inverse.ca> :: +1.514.447.4918 (x115) ::
http://www.inverse.ca
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
(http://www.packetfence.org)
On 2016-04-28 12:44 PM, Morris, Andi wrote:
Hey all,
A bump of an old topic, but it still seems to
]\.[Aa][Cc]\.[Uu][Kk]$|.+@[Uu][Ww][Ii][Cc]\.[Aa][Cc]\.[Uu][Kk]$<mailto:.+@[Cc][Aa][Rr][Dd][Ii][Ff][Ff][Mm][Ee][Tt]\.%5bAa%5d%5bCc%5d\.%5bUu%5d%5bKk%5d$|.+@%5bUu%5d%5bWw%5d%5bIi%5d%5bCc%5d\.%5bAa%5d%5bCc%5d\.%5bUu%5d%5bKk%5d$>)
Cheers,
Andi
From: Morris, Andi [mailto:amor...@cardiffmet.ac.uk
Hi,
Hopefully just a quick one.
I know it's pretty easy to setup Packetfence to be able to authenticate users
against active directory in order to register devices using their standard
account name, however I was wondering whether it's possible to allow the user
to login/register in the
lm_auth --username=testuser
--challenge=ddd77a598cbc5038
--nt-response=ad6d3d357eafbfaa11185d03da4a1771b1222c9f7a6c581f --request-nt-key
2016-03-23 15:28 GMT+01:00 Morris, Andi
<amor...@cardiffmet.ac.uk<mailto:amor...@cardiffmet.ac.uk>>:
Hi all,
I’m looking to port our current working
Hi Louis,
Co-incidentally earlier today I had a conversation with a colleague about
getting posture checking with dot1x auth and windows clients and I suggested
Packetfence for the solution. If you discontinue SoH, is there something on the
roadmap that would be its equivalent?
Cheers,
Andi
Hi Brian,
1 - The sponsor is recorded against the owner of the device. Maybe this works
for you?
2 - You could use SAML authentication for single sign on if you have a SAML
based IdP e.g. ADFS/Shibboleth. This would mean that your sponsors wouldn't
have to keep logging in.
Cheers,
Andi
-users] dot1x auth when soh is enabled
On Mar 17, 2016, at 10:41 , Morris, Andi
<amor...@cardiffmet.ac.uk<mailto:amor...@cardiffmet.ac.uk>> wrote:
Hi Louis,
Co-incidentally earlier today I had a conversation with a colleague about
getting posture checking with dot1x auth and win
in login.html which you can reproduce
in other pages.
[%# AUP %]
Comment the whole AUP section, and change the input as shown.
Thank you
On 03/15/2016 12:31 PM, Morris, Andi wrote:
Hi all,
I need to edit the registration form so that users don't see the AUP
Hi all,
I need to edit the registration form so that users don't see the AUP (this will
be provided in a separate link). I've removed the section from the guest.html,
but when I register I see an error telling me that I haven't accepted the AUP.
Is there a way to override this check?
Cheers,
lan filter not working
Hi Andi,
replace match by regex.
Regards
Fabrice
Le 2016-03-03 06:43, Morris, Andi a écrit :
Hi,
Running version 5.7.0 on CentOS.
I'm trying to get autoreg working through vlan_filters like I have on my 5.0.1
production install but it doesn't seem to be taking effect
Hi,
Running version 5.7.0 on CentOS.
I'm trying to get autoreg working through vlan_filters like I have on my 5.0.1
production install but it doesn't seem to be taking effect and new devices are
being sent into the registration network after a radius access-accept message.
My vlan filter is as
) and PacketFence
(http://www.packetfence.org)
On 2016-02-26 9:58 AM, Morris, Andi wrote:
> Hi James,
> Yes, thanks, I've done that. Apologies my last email was terribly formatted
> somehow.
>
> I still cannot start the services due to this kill error. I may just rebuild
> the s
...@inverse.ca :: +1.514.447.4918 (x115) :: http://www.inverse.ca
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
(http://www.packetfence.org)
On 2016-02-26 7:13 AM, Morris, Andi wrote:
> Thanks for your help Fabrice,
>
> OK, so this isn't working as it supposedly should.
Actually, this appears to be ingrained with the install (CentOS 6.7) as putting
the two database references back also displays this message. I'm not sure how
the services started ok when I first installed the server and ran through the
wizard.
-Original Message-
From: Morris, Andi
2016 16:03
To: packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] Installing with separate database server
Importance: Low
Yes exactly, mysql is a dependency but disable it when the system start.
Le Jeudi, Février 25, 2016 10:49 EST, "Morris, Andi" <amor...@car
).
Regards
Fabrice
Le Jeudi, Février 25, 2016 08:15 EST, "Morris, Andi" <amor...@cardiffmet.ac.uk>
a écrit:
> Hi all.
> Just wondering what the best practice is for installing packetfence with a
> separate mysql database server. Do I need to install packetfence on t
Hi all.
Just wondering what the best practice is for installing packetfence with a
separate mysql database server. Do I need to install packetfence on the main
server without the mysql elements? If so, what's the best way to do that so
that I don't miss out a vital dependency when installing
l have it on the system if I really need to find it. To gain
>>> easy access to the DB, I have an older version of phpMyAdmin (4.2.2
>>> because newer version are not compatible with the CentOS Source
>>> Distribution of MySQL)
>>
>>> -- Gregory A. Thomas Studen
Hi all,
Is there a way to make the default captive portal page the signup page rather
than the login page?
As a spin off to this, could the signup page then have a link on it pointing
to the login page? So basically, the reverse of how it is out of the box?
Cheers,
Andi
Hi all,
I'm looking to make some adjustments to how we have our PacketFence NAC
solution setup which is controlling our eduroam wireless network. To start
with, please let me explain our workflow:
User connects to open SSID, where they are redirected to our wifi setup portal
containing several
Just to note, I also see this issue. If as a result of Jake's question there
comes some routine maintenance that should be done on the database, please let
me know.
I already run the built in maintenance script, but I notice that I have several
fragmented tables in the sql tuner results, I'm
Student Life Support Specialist
University of Wisconsin-Parkside
thom...@uwp.edu
262.595.2432
-Original Message-
From: Morris, Andi [mailto:amor...@cardiffmet.ac.uk]
Sent: Tuesday, January 12, 2016 7:01 AM
To: packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] Admin
Hi again,
I've found the bug and the fix on github. I'm not familiar with github at all
though, can anyone please advise me how I can patch the files?
https://github.com/inverse-inc/packetfence/commit/d9c88a93aa11348d33d350e0871a3880e21126f1
Cheers,
Andi
From: Morris, Andi [mailto:amor
/d9c88a93aa11348d33d350e0871a3880e21126f1.diff
patch -p1 --dry-run < d9c88a93aa11348d33d350e0871a3880e21126f1.diff
all is ok, there is no conflict ?
patch -p1 < d9c88a93aa11348d33d350e0871a3880e21126f1.diff
bin/pfcmd service httpd.portal restart
Regards
Fabrice
Le 2016-01-08 07:06, Morris, Andi a écrit :
Hi
Hi all,
Sorry to bump a very old thread, but I'm running version 5.0.1 and am in no
position to upgrade my current production system at the moment. I've also just
started utilising violations in anger, and have found that users clicking the
Enable Network button do not get put back on the main
) and
PacketFence (www.packetfence.org<http://www.packetfence.org>)
On Nov 11, 2015, at 3:42 AM, Morris, Andi
<amor...@cardiffmet.ac.uk<mailto:amor...@cardiffmet.ac.uk>> wrote:
Hi Derek,
Thanks for your reply, as always.
I’ve reproduced this on another packetfence box where I can see the w
. :: Leaders behind SOGo (www.sogo.nu<http://www.sogo.nu>) and
PacketFence (www.packetfence.org<http://www.packetfence.org>)
On Nov 9, 2015, at 12:09 PM, Morris, Andi
<amor...@cardiffmet.ac.uk<mailto:amor...@cardiffmet.ac.uk>> wrote:
Hi all,
I’m getting reports of u
Hi all,
I'm getting reports of users being briefly disconnected from the wireless
network every few minutes, which is something that didn't used to happen when
users were connected to another SSID using exactly the same hardware (Cisco
WLC). I'm wondering if it's something like radius
Sorry for an old thread bump, but we see this also on Cisco WLCs. Some client
devices will visibly disconnect the user from the network and then
reauthenticate. We actually see it every few minutes.
We also have users saying that xbox live disconnects every few minutes when run
through our
= status
value = reg
[reg_network]
filter = ssid
operator = is
value = setup_wifi
[block_reg_devices:reg_devices_network]
scope = NormalVlan
role = blocked
Le Mercredi, Novembre 04, 2015 07:34 EST, "Morris, Andi"
<amor...@cardiffmet.ac.uk> a écrit:
> Thanks Fabric
then it's suppose to go on a
production vlan, not the registration vlan ?!
Regards
Fabrice
Le 2015-11-04 06:16, Morris, Andi a écrit :
Now I have the vlan_filters in front of me, does this look doable?
[reg_devices]
filter = node_info
operator = is
attribute = status
value = reg
[reg_network]
fil
Now I have the vlan_filters in front of me, does this look doable?
[reg_devices]
filter = node_info
operator = is
attribute = status
value = reg
[reg_network]
filter = ssid
operator = is
value = setup_wifi
[block_reg_devices:reg_devices_network]
role = blocked
Cheers,
Andi
From: Morris, Andi
Hi all,
I'm still having a large problem with devices sitting in my captive portal, and
as such using up a lot of PF resources. With others help on here I've setup a
violation that I can trigger if I see a device sitting in there for too long,
and I've managed to get any long term devices off
] Recommended setup for HA and efficiency
Set the role vlan to -1. That should return reject.
Sent from my iPhone
On Oct 22, 2015, at 11:17 AM, Morris, Andi
<amor...@cardiffmet.ac.uk<mailto:amor...@cardiffmet.ac.uk>> wrote:
I’ve been working on this today, and have successf
All sorted, I needed to enable mac authentication on the setup network.
Thanks all.
From: Morris, Andi [mailto:amor...@cardiffmet.ac.uk]
Sent: 23 October 2015 09:56
To: packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] Recommended setup for HA and efficiency
That works
p://www.sogo.nu>) and
PacketFence (www.packetfence.org<http://www.packetfence.org>)
On Oct 22, 2015, at 15:19 , Morris, Andi
<amor...@cardiffmet.ac.uk<mailto:amor...@cardiffmet.ac.uk>> wrote:
Hi Louis,
I've tried this already unfortunately.
I've tried
configreload hard
service packetfenc
cketfence.org<http://www.packetfence.org>)
On Oct 22, 2015, at 15:35 , Morris, Andi
<amor...@cardiffmet.ac.uk<mailto:amor...@cardiffmet.ac.uk>> wrote:
I did have that file, I removed it and ran a configreload hard but I still get
the error. I tried a service restart again, still not
Move MySQL to a different server on fast storage. I run 2 MySQL vms in ha on
ssd storage and that helps.
Sent from my iPhone
On Oct 21, 2015, at 12:37 PM, Morris, Andi
<amor...@cardiffmet.ac.uk<mailto:amor...@cardiffmet.ac.uk>> wrote:
Hi all,
I’ve recently come into some issues with th
: Re: [PacketFence-users] Recommended setup for HA and efficiency
On 10/21/15, 12:35 PM, "Morris, Andi"
<amor...@cardiffmet.ac.uk<mailto:amor...@cardiffmet.ac.uk>> wrote:
Has anyone else run into this sort of issue with devices sitting in the captive
portal, and if so ho
cketfence.org<http://www.packetfence.org>)
On Oct 22, 2015, at 15:56 , Morris, Andi
<amor...@cardiffmet.ac.uk<mailto:amor...@cardiffmet.ac.uk>> wrote:
Still no good I'm afraid. All commands ran successfully. The dat files all look
like they've been recreated, but there's no dat file for the violat
connects
back up to the network without issue and continues as normal.
Would creating a real vlan, which has no route to the internet be a better way
to go about this? Or am I doing something wrong by sending them to the mac
detection vlan?
Cheers,
Andi
From: Morris, Andi [mailto:amor
Hi all,
Firstly, sorry for all the mailing list entries recently, it never rains
Anyway, I created a violation earlier which went well, however since editing it
on the CLI through violations.conf I can no longer get to certain parts of the
admin GUI.
Httpd.admin.log shows:
Oct 22 17:20:30
Hi all,
I've recently come into some issues with the load on my PacketFence setup
during peak times and so we're now looking at seeing if we can split the
service into separate components across servers, and also across our two sites
for high availability.
Loads are currently around 2000
I'm getting trouble accessing the web admin interface when using IE11. This
seems to be ok using PacketFence version 5.1, but not 5.3.1 or 5.4.0. Login
access is ok, but the nodes and users tabs just sit there with the 3 dots just
flashing as if the browser is waiting. The search box doesn't
wuelfr...@inverse.ca<mailto:dwuelfr...@inverse.ca> :: +1.514.447.4918 (x110)
:: +1.866.353.6153 (x110)
Inverse inc. :: Leaders behind SOGo (www.sogo.nu<http://www.sogo.nu>) and
PacketFence (www.packetfence.org<http://www.packetfence.org>)
On Oct 13, 2015, at 9:22
p://www.sogo.nu>) and
PacketFence (www.packetfence.org<http://www.packetfence.org>)
On Oct 8, 2015, at 12:04 PM, Morris, Andi
<amor...@cardiffmet.ac.uk<mailto:amor...@cardiffmet.ac.uk>> wrote:
Aha, I found the Actions array in /lib/pf/Authentication/constants.pm and
changed th
Aha, I think I now see that this is not because of the format of the date, but
because the ‘expiration’ field isn’t declared as an Action.
From: Morris, Andi [mailto:amor...@cardiffmet.ac.uk]
Sent: 13 October 2015 14:33
To: packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users
lto:dwuelfr...@inverse.ca> :: +1.514.447.4918 (x110)
:: +1.866.353.6153 (x110)
Inverse inc. :: Leaders behind SOGo (www.sogo.nu<http://www.sogo.nu>) and
PacketFence (www.packetfence.org<http://www.packetfence.org>)
On Oct 7, 2015, at 11:38 AM, Morris, Andi
<amor...@cardiffmet.ac
Aha, I found the Actions array in /lib/pf/Authentication/constants.pm and
changed the order. That means that the Actions now shows ‘Set access duration’
by default on the create screen, perfect.
I’ll keep looking for ways to give the users a default unreg date.
Cheers,
Andi
From: Morris, Andi
nce (www.packetfence.org<http://www.packetfence.org>)
On Oct 1, 2015, at 11:45, Morris, Andi
<amor...@cardiffmet.ac.uk<mailto:amor...@cardiffmet.ac.uk>> wrote:
Is there a way to remove the registration window option and make two actions
appear by default (access duration
Is there a way to remove the registration window option and make two actions
appear by default (access duration and role) in the create users window? I'm
trying to make this page as simple as possible for the staff creating users.
Cheers,
Andi
-
Andi Morris
action = modify_node
action_param = mac = $mac , unregdate = 2015-09-0923:59:59
From: Morris, Andi [mailto:amor...@cardiffmet.ac.uk]
Sent: 19 August 2015 13:36
To: 'packetfence-users@lists.sourceforge.net'
Subject: Re: [PacketFence-users] Using vlan_filter device registration
Apologies, I meant
Hi all,
I'm having an issue on a new PF box running 5.0.1 (this is the version we have
in dev). Currently I'm using vlan_filters to decide whether a user is a home
user, or an eduroam visiting user, and assign the correct role based on this.
However I've just added the device-registration
and role (pf::Switch::returnRadiusAccessAccept)
Cheers,
Andi
From: Morris, Andi [mailto:amor...@cardiffmet.ac.uk]
Sent: 19 August 2015 13:28
To: packetfence-users@lists.sourceforge.net
Subject: [PacketFence-users] Using vlan_filter device registration
Hi all,
I'm having an issue on a new PF box
to dynamically calculate this
date from the registration date.
Cheers,
Andi
From: Morris, Andi [mailto:amor...@cardiffmet.ac.uk]
Sent: 12 May 2015 14:20
To: 'packetfence-users@lists.sourceforge.net'
Subject: Re: [PacketFence-users] valid date
Actually, to follow this up. Is there a way to set the unreg
1 - 100 of 310 matches
Mail list logo