Hello,
So, in my continuing saga of getting a new setup going for how we use
PacketFence, I am trying to get EAP-TTLS working. Yesterday, I had it
working for a little while. Then I started adding some more settings to
get things ready for production, did some "clean up", and discovered it no
3452 0056
a:
w: Hammersteiner Straße 50, 79400 Kandern
bfacademy.de
On Fri, Apr 30, 2021 at 1:56 PM Nathan, Josh
wrote:
> I don't know if it helps, but I'm doing PEAP authentication with
> MSCHAPv2. I tried using the Provisioner, but that doesn't work from my
> Pixel 3a. So I'm just
: Hammersteiner Straße 50, 79400 Kandern
bfacademy.de
On Mon, Apr 26, 2021 at 3:51 PM Nathan, Josh
wrote:
> Hello Ludovic,
>
> OK, I made those changes, then did a "pfcmd service pf restart".
>
> No dice. Exact same results. Here's the end of the raddebug again in
Hello Ludovic,
OK, I made those changes, then did a "pfcmd service pf restart".
No dice. Exact same results. Here's the end of the raddebug again in case
that helps. Still nothing in packetfence.log.
(17) Mon Apr 26 15:46:04 2021: Debug: Received Access-Request Id 93 from
172.20.50.76:43555
company/akamai-technologies>
> <http://www.youtube.com/user/akamaitechnologies?feature=results_main>
>
> On Apr 22, 2021, at 2:35 AM, Nathan, Josh
> wrote:
>
> Any further insights regarding what I could try or where I should look?
> I've not had any luck this week at figur
bfacademy.de
On Fri, Apr 16, 2021 at 9:39 AM Nathan, Josh
wrote:
> Hello Ludovic,
>
> OK, here's from this morning:
>
> [root@gatekeeper ~]# grep 58:cb:52:37:5d:ab
> /usr/local/pf/logs/packetfence.log
> Apr 16 09:13:51 gatekeeper packetfence_httpd.aaa: httpd.aaa(2054) INFO:
>
ic Zammit
> lzam...@inverse.ca :: +1.514.447.4918 (x145) :: www.inverse.ca
> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
> (http://packetfence.org)
>
>
>
>
>
>
>
>
> On Apr 15, 2021, at 9:48 AM, Nathan, Josh via PacketFence-users <
>
Hello,
So, I'm trying to configure a 10.2 Zen version of PF. Our user
authentication happens via RADIUS. So I configured our RADIUS server under
the "Internal Sources" section, and everything is now "mostly" working. My
devices authenticate, but the Authentication Rules don't seem to be taking
+1.514.447.4918 (x145) :: www.inverse.ca
> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
> (http://packetfence.org)
>
>
>
>
>
>
>
>
> On Mar 24, 2021, at 9:17 AM, Nathan, Josh
> wrote:
>
> Thank you! I decided to go the route of
Hello,
Well, I'm not sure what I missed, but after following the installation
guide for using the built-in PKI provider, I have been unable to get TLS
working.
I'm trying to prep a new virtual server for replacing our existing one. I
have the ZEN version with PF 10.2.0. The error I'm running
, 2021 at 9:12 AM Nathan, Josh
wrote:
> Hello,
>
> I'm trying to do a fresh install of PacketFence 10.2 on CentOS 7 within a
> virtual machine. I installed and updated CentOS 7. I did install it with
> the Gnome Desktop since I do prefer to have a graphical interface. I
> dis
Hello,
I'm trying to do a fresh install of PacketFence 10.2 on CentOS 7 within a
virtual machine. I installed and updated CentOS 7. I did install it with
the Gnome Desktop since I do prefer to have a graphical interface. I
disabled the firewall, disabled SELinux, and even disabled
Hi,
>
> On 27/09/2019 11:40, Nathan, Josh via PacketFence-users wrote:
> > I tried to find it in log.conf and pf.conf, and I don't seem to have a
> > packetfence.logrotate file anywhere...
>
> Take a look at /etc/logrotate.d/packetfence
>
> --
> Nico
Hello,
So, I am having trouble finding where I can set the expiration time for the
various log files. It used to be in the configuration pages of the admin
console, but it doesn't seem to be there anymore. Just to make sure that
I'm not hanging onto any user data any longer than necessary, I'd
We actually did do something like this, but I'm going to be honest, we
haven't really tested it in a long time (firmware updates might have broken
it), and the problem is that the only way we found to make it would was to
attempt the command on every antenna. We just programmed the script to
Hello All,
OK, I am somewhat abandoning trying to use LDAP as I thought RADIUS might
be easier.
I'm trying to use JumpCloud's Radius-as-a-Service. If I tell my AP to use
their RADIUS server directly, authentication works. However, I'd like to
use PacketFence as a go-between to use dynamic
49 (0) 152 3452 0056
a:
w: Hammersteiner Straße 50, 79400 Kandern
bfacademy.de
On Wed, Mar 21, 2018 at 4:36 PM, Nathan, Josh <josh.nat...@bfacademy.de>
wrote:
> Hello,
>
> So, I'm having some trouble setting up an LDAP authentication source in
> PacketFence version 6.0.1
Hello,
So, I'm having some trouble setting up an LDAP authentication source in
PacketFence version 6.0.1.
It tests successfully, and doing an ldapsearch test comes back without
issue. In fact, from the registration VLAN, through the PacketFence
Captive Portal it works!
However, with the
Hey Just FYI... Running both the Guest and RADIUS-Assigned VLANs on the
same AP (separate SSIDs, of course), does NOT work on Unifi's 3.8.15
firmware. It works with firmware version 3.8.3, broke at 3.8.6, and it's
working again at least as of 3.9.19.
So if you need that firmware version, it
>
> Btw in the new packetfence version we limit that.
>
> Regards
>
> Fabrice
>
>
>
> Le 2017-10-17 à 04:12, Nathan, Josh via PacketFence-users a écrit :
>
> So, we have a PacketFence 6.0.1 installation, and it's been plugging along
> for almost two years now.
I ran into that as well. What fixed it for me, is that there are two
values in the source with default numbers. The port and the timeout or
whatever, I think. You need to FILL IN those values. Leaving them
auto-completed didn't work for me for some reason. I just entered in the
same numbers
So, we have a PacketFence 6.0.1 installation, and it's been plugging along
for almost two years now. However, its database has gotten REALLY slow.
The PacketFence admin page actually times out when trying to load the Node
list (only 25 entries per page selected). The server isn't being stressed
When I had a similar problem, recently, I was directed to restart the
packetfence-config service. And then afterward I found I also needed to
restart the packetfence-mariadb service for subsequent issues.
Joshua Nathan
*IT Technician*
Black Forest Academy
p: +49 (0) 7626 9161 630 m: +49 (0)
ketfence-config
>
> /usr/local/pf/bin/pfcmd service pf restart
>
> Le 2017-09-26 à 09:16, Nathan, Josh via PacketFence-users a écrit :
>
> OK. That gives me:
>
> Failed to connect to config service for namespace resource::URI_Filters,
> retrying
>
>
> And th
owing:
>
> /usr/local/pf/bin/pfcmd service pf start
>
>
> Regard
>
> Fabrice
>
>
>
> Le 2017-09-26 à 04:43, Nathan, Josh via PacketFence-users a écrit :
>
> Sorry, to be a little more specific... it seems that at least a number of
> the files are stil
Strange issue... I just did a clean install of PacketFence 7.2.0 on a
CentOS 7 server. However, at some point over night, my PacketFence service
disappeared. The directory and configurations seem to all still be in
place, but the service is gone. Is there a way to readily recreate that?
p: +49 (0) 7626 9161 630 m: +49 (0) 152 3452 0056
a:
w: Hammersteiner Straße 50, 79400 Kandern
bfacademy.de
On Tue, Sep 26, 2017 at 10:37 AM, Nathan, Josh <josh.nat...@bfacademy.de>
wrote:
> Strange issue... I just did a clean install of PacketFence 7.2.0 on a
> CentOS 7 server. Howev
Is there a way to generate this?
Thanks,
Joshua Nathan
Level 3 IT Support and Development
Black Forest Academy
+49 (0) 7626-9161-630
On Fri, Jun 10, 2016 at 11:31 AM, Nathan, Josh <josh.nat...@bfacademy.de>
wrote:
> James,
>
> /usr/local/pf/git_commit_id does NOT exist for
ce
> (http://www.packetfence.org)
>
> On 2016-06-09 10:51 AM, Nathan, Josh wrote:
>
> No, I ran it once before. I think after the first patch was released.
> But then I've seen at least one, if not 2 more patches get released that
> looked helpful.
>
> Thanks,
> Joshua Nat
, Jun 7, 2016 at 10:35 AM, Nathan, Josh <josh.nat...@bfacademy.de>
wrote:
> When I try to run pf-maint, I get the following error:
>
> ** GET
> https://api.github.com/repos/inverse-inc/packetfence/compare/a962ef7cf0c0755845f9e48ee0d2d0c5bf517c7d...f9dda4c3b46973fd6fa4fac586df9ce8
When I try to run pf-maint, I get the following error:
** GET
https://api.github.com/repos/inverse-inc/packetfence/compare/a962ef7cf0c0755845f9e48ee0d2d0c5bf517c7d...f9dda4c3b46973fd6fa4fac586df9ce810df745c
==> 404 Not Found (1s)
404 Not Found
I'm running PF 6.0.1.
Thanks,
Joshua Nathan
Level
When using the Android Provisioner, I'm trying to set it to use EAP-TLS,
and I get this error on the captive portal after successfully providing my
credentials:
Apr 28 11:53:03 httpd.portal(18407) ERROR: [mac:a8:7c:01:a2:60:6f] Caught
exception in
So, I'm having difficulty with the Android App. I'm trying to use PEAP, but
the app doesn't seem to recognize that the username and password need to be
supplied. So leaves me with registering, downloading/installing the app,
running the app, and then going into the device's wifi settings and
inverse.ca
> +1.514.447.4918 x125 :: +1 (866) 353-6153 x125
> Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (
> www.packetfence.org)
>
> On Apr 22, 2016, at 9:59 , Nathan, Josh <josh.nat...@bfacademy.de> wrote:
>
> Didn't take especially long. I know about
So... Is there a quicker/easier way to setup P2P detection with Snort?
Within the emerging-threats file, there's a LOT of different SIDs. Do I
really need to enter them all by hand, or is there a way to somehow block
trigger anything in that file?
PF 6.0
Thanks,
Joshua Nathan
Level 3 IT Support
gt;
>
> On 04/22/2016 08:06 AM, Nathan, Josh wrote:
>
> Here's what the messages log says:
> Apr 22 13:54:48 gatekeeper systemd: Starting PacketFence Service...
> Apr 22 13:54:50 gatekeeper pfcmd: service|command
> Apr 22 13:54:56 gatekeeper pfcmd: [Fri Apr 22 13:54:56 2016]
c. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (
> www.packetfence.org)
>
> On Apr 21, 2016, at 10:59 , Nathan, Josh <josh.nat...@bfacademy.de> wrote:
>
> I will confess that I'm struggling to get used to CentOS 7 as it is so
> different from CentOS 6. Here's the "journalctl -xe&q
; Louis Munro
> lmu...@inverse.ca :: www.inverse.ca
> +1.514.447.4918 x125 :: +1 (866) 353-6153 x125
> Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (
> www.packetfence.org)
>
> On Apr 21, 2016, at 6:24 , Nathan, Josh <josh.nat...@bfacademy.de> wrote:
>
> So...
So... I've just done a fresh install of PacketFence 6 on a CentOS 7 box.
Is anyone else having the problem where PacketFence won't start because
it's takes too long, and systemctl times out on it? I am running it in a
virtual server, so maybe I'm not giving it enough resources... But it has
8GB
if it’s the same.
> It’s not inconceivable that this is specific to eapol_test.
>
> --
> Louis Munro
> lmu...@inverse.ca :: www.inverse.ca
> +1.514.447.4918 x125 :: +1 (866) 353-6153 x125
> Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (
> www.packetfence.org)
&
INE: engine deinit
MPPE keys OK: 0 mismatch: 1
FAILURE
What would it be about the relay that is interfering?
Thanks,
Joshua Nathan
Level 3 IT Support and Development
Black Forest Academy
+49 (0) 7626-9161-630
On Tue, Apr 12, 2016 at 10:19 AM, Nathan, Josh <josh.nat...@bfacademy.de>
wro
server for
handling credentials.
Thanks,
Joshua Nathan
Level 3 IT Support and Development
Black Forest Academy
+49 (0) 7626-9161-630
On Mon, Apr 11, 2016 at 7:18 PM, Louis Munro <lmu...@inverse.ca> wrote:
> Hi Nathan,
>
> On Apr 11, 2016, at 10:21 , Nathan, Josh <josh.nat...@b
certificate in the same file to which you then point
> FreeRADIUS (as it’s server cert file).
>
>
> Regards,
> --
> Louis Munro
> lmu...@inverse.ca :: www.inverse.ca
> +1.514.447.4918 x125 :: +1 (866) 353-6153 x125
> Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and Packe
, 2016 at 4:21 PM, Nathan, Josh <josh.nat...@bfacademy.de>
wrote:
> OK, so I've been having no luck with getting EAP-TLS to work properly with
> my Windows computers, but I'm interested in testing PEAP. However, I can
> see from my iPad that RADIUS *always* hands out its own se
OK, so I've been having no luck with getting EAP-TLS to work properly with
my Windows computers, but I'm interested in testing PEAP. However, I can
see from my iPad that RADIUS *always* hands out its own self-made CA cert
for PEAP. I've even removed the entire raddb/certs directory, restarted
ty store as a
> trusted root (I'm pretty sure it's a few installers/apps doing it). So
> between the 2 problems, you can make all of one or all of the other work
> with no problems but you'll always have to screw with the other. Private
> CA is the way to go imho.
>
> Sent from my
Hello,
So I'm trying to get Radius to supply a valid cert. Even though I've got
my PacketFence server, itself, using my Comodo Wildcard certificate, I can
see when logging into my wireless AP via 802.1X that I'm still getting the
self-signed Radius cert. I renamed the certs directory according
addebug -f /usr/local/pf/var/run/radiusd.sock
>
>
> Greetings
>
> Tobias
>
>
>
> 2016-04-05 9:16 GMT+02:00 Nathan, Josh <josh.nat...@bfacademy.de>:
>
>> So, I'm not sure what's wrong with my command since I've run Radius in
>> debug before, but now wh
Hello,
We're working on switching to a fully "out of band" deployment of
PacketFence if possible, and I wasn't quite understanding what the ideal
situation is for Guest accounts. We'd like to use the self-registration by
email, but we ideally would like an automatic VLAN change upon registering
in our Production environment yet, but maybe that's required?
Thanks,
Joshua Nathan
Level 3 IT Support and Development
Black Forest Academy
+49 (0) 7626-9161-630
On Wed, Feb 24, 2016 at 4:21 PM, Louis Munro <lmu...@inverse.ca> wrote:
>
>
> On Feb 24, 2016, at 10:08 , Nathan,
ouis Munro <lmu...@inverse.ca> wrote:
>
>
> On Feb 23, 2016, at 3:21 , Nathan, Josh <josh.nat...@bfacademy.de> wrote:
>
> We do get the occasional "Rogue DHCP" alert, so we know Snort is doing
> *something*... But I don't see any log files that mention any of
We're having trouble with PacketFence throwing violations on P2P activity.
It doesn't seem to be detecting it. Back when we were running PacketFence
3.x it was working, but we've recently come to realize that on our
PacketFence 5.2 system, it is not catching it. We've recently come to
suspect
+49 (0) 7626-9161-630
On Wed, Feb 10, 2016 at 11:10 AM, Nathan, Josh <josh.nat...@bfacademy.de>
wrote:
> Hello,
>
> Due to site location deficiencies, we're currently running multiple
> PacketFence servers. Lately, we've started getting a lot of emails saying
> that we'v
Hello,
Due to site location deficiencies, we're currently running multiple
PacketFence servers. Lately, we've started getting a lot of emails saying
that we've reached our "hourly API limit" for Fingerbank.
My understanding is that PacketFence stores a local copy that it
periodically tries to
Hello,
So, I'm working to get 802.1X authentication working, and I'm wondering if
PacketFence can do what I want it to...
I would like to do 802.1X against either a RADIUS database or LDAP while
still relying on the PacketFence database for what VLAN to use. Does that
make sense?
My initial
So... Strange problem.
I'm working in a test environment that's running PacketFence 5.4.0. If I
have my client authenticate using EAP-TTLS, when logging into the captive
portal, PacketFence properly bounces the port, and assigns the correct VLAN.
However, if I set the client computer to use
IT Administrator
Black Forest Academy
+49 (0) 7626-9161-630
On Wed, Nov 25, 2015 at 10:42 AM, Nathan, Josh <josh.nat...@bfacademy.de>
wrote:
> Hello,
>
> So... I'm trying to setup 802.1x in a test environment, but I'm getting
> login faiIures even when the credentials are good. We do
Hello,
So... I'm trying to setup 802.1x in a test environment, but I'm getting
login faiIures even when the credentials are good. We don't have an Active
Directory server or the like, but instead we're storing accounts in a MySQL
database using MD5 encryption.
With a Linux computer (Chromixium
A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
USA.
=cut
1;
#
wrote:
> Hello Joshua,
>
> maybe you can share what you did with iproute2 ;-)
>
> Regards
> Fabrice
>
>
>
> Le 2015-10-15 07:35, Nathan, Josh a écrit :
>
> Thanks Fabrice! I was able to get it working with that!
>
> Thanks,
> Joshua Nathan
> IT Admin
do that.
> http://www.lartc.org/howto/
>
> regards
> Fabrice
>
>
>
> Le 2015-10-14 05:08, Nathan, Josh a écrit :
> > Hello all,
> >
> > So... I see where PacketFence has the option to specify that there are
> > multiple SNAT interfaces, but I've not found
Hello all,
So... I see where PacketFence has the option to specify that there are
multiple SNAT interfaces, but I've not found where/all to specify which one
to use... Here's what I want to do.
Within an Inline environment, I want to specify that VLAN 15 (ex. eth0.15)
reaches the Internet via
31ccd
> or use pf-maint.pl (perl /usr/local/pf/addons/pf-maint.pl)
> And "Unknown switch" is just because you are using inline (it's a warning).
>
> Also can you modify the the progress bar timeout to be at least 1
> minutes (Issue with browser dns cache)
>
>
I'm getting it too. Our problem is that we are in general having problems
with our Captive Portal. But for now, I guess I'll ignore those errors and
search elsewhere...
Thanks,
Joshua Nathan
IT Administrator
Black Forest Academy
+49 (0) 7626-9161-630
On Sat, Aug 15, 2015 at 3:01 PM, mourik jan
Hello,
I'm trying to debug some problems we're having with our PacketFence server,
so I'm first trying to whittle through the various errors in the logs. Can
anyone give me some direction on these?
>From packetfence.log:
httpd.portal(25510) ERROR: Unable to perform RADIUS authentication on any
)
Regards
Fabrice
Le 2015-06-17 08:52, Nathan, Josh a écrit :
I tried doing a fresh install... still seeing the problem. Here's
another error I'm getting:
Jun 17 14:51:22 httpd.portal(13792) INFO: [60:eb:69:56:4e:6e] shouldn't
reach here. Calling access re-evaluation. Make sure your network
Hello,
I'm seeing a strange problem with my PF 5.1 server. It works, except that
every few minutes people are reaching the Sorry page. Here's the error
from the packetfence.log file:
Jun 16 12:39:08 httpd.portal(27967) INFO: Matched IP '172.22.159.209' to
MAC address 'b0:34:95:f0:d9:b6' using
Oh, and we're running it as InlineL2
Thanks,
Joshua Nathan
IT Administrator
Black Forest Academy
+49 (0) 7626-916123
On Tue, Jun 16, 2015 at 12:41 PM, Nathan, Josh josh.nat...@bfacademy.de
wrote:
Hello,
I'm seeing a strange problem with my PF 5.1 server. It works, except that
every few
Academy
+49 (0) 7626-916123
On Mon, May 25, 2015 at 12:02 PM, Nathan, Josh josh.nat...@bfacademy.de
wrote:
We do something similar to this, actually. However, while we used to run a
query against the database, something changed with the upgrade to 4.0 that
caused that to stop working. They'd
We do something similar to this, actually. However, while we used to run a
query against the database, something changed with the upgrade to 4.0 that
caused that to stop working. They'd be listed as unregistered in the
database, but still have access. I was able to put together a pfcmd
command
Hello,
Fresh install of PacketFence 5.0.2...
I've not actually ever used Github before, and the new Fingerbank thing is
giving me trouble. I created a Github account (free), and have even tried
creating an API with full permissions for everything, but PacketFence still
can't update its
IT Administrator
Black Forest Academy
+49 (0) 7626-916123
On Mon, May 11, 2015 at 10:25 AM, Nathan, Josh josh.nat...@bfacademy.de
wrote:
Hello,
Fresh install of PacketFence 5.0.2...
I've not actually ever used Github before, and the new Fingerbank thing is
giving me trouble. I created a Github
I ran into that problem too. Here's how I fixed it:
The problem was in /lib/pf/Authentication/Source.pm
At line #58, it starts defining common_attributes for the conditions, but
it does NOT have an entry for username.
This causes the if statement at line #133 to fail, and apparently the
elseif
sarrus.ippol...@gmail.com wrote:
Thank you so much sir! So we just have to add the field username in the
subroutine common_attributes?
2015-01-28 9:47 GMT+01:00 Nathan, Josh josh.nat...@bfacademy.de:
OK, I solved my problem. I'm not sure where to report it, so I'm saying
it here.
The problem
debugged my issue!
Hope this helps somebody else!
Joshua Nathan
IT Administrator
Black Forest Academy
+49 (0) 7626-916123
On Wed, Jan 14, 2015 at 11:02 AM, Nathan, Josh josh.nat...@bfacademy.de
wrote:
Well, it took a long time in testing as other issues came up causing me to
table this problem
match.
Regards
Fabrice
Le 2014-12-22 10:35, Nathan, Josh a écrit :
Anymore thoughts about this? I tested the login with the condition
Current Time is after 01:00 and that worked, but trying to do
anything with the username seems to always fail
, Nathan, Josh josh.nat...@bfacademy.de
wrote:
Thanks for your reply Juan,
But if you look, you should see from the excerpt of my conf file that I
do, indeed, have a role. The role is staff. Further, it does correctly
assign the role if I remove any conditions I have regarding the username
(I'll
of devices authorized for the pid and doesn´t assign a
functional vlan, I think that your rule is corrected created except for the
role, try to create a role and that should solve the problem.
I hope that this help you solve the problem.
Best Regards,
On Wed, Dec 10, 2014 at 5:09 AM, Nathan, Josh
rather than an equals.
I'd like to use something akin to: [a-zA-Z]$
Thanks,
Joshua Nathan
IT Administrator
Black Forest Academy
+49 (0) 7626-916123
On Tue, Dec 9, 2014 at 9:31 PM, Nathan, Josh josh.nat...@bfacademy.de
wrote:
I know it works without the condition. I did test that. And I can see
Forest Academy
+49 (0) 7626-916123
On Wed, Dec 10, 2014 at 10:46 AM, Nathan, Josh josh.nat...@bfacademy.de
wrote:
OK, here're the packetfence logs for my login with NO conditions set
(works... user gains Internet access):
Dec 10 10:37:31 httpd.portal(6988) INFO: Authentication successful
Hello,
I'm trying to authenticate users against a Radius database, but if I add a
condition to the rule, I keep getting this message in the logs along with
the Sorry! page:
httpd.portal(6978) WARN: No role specified or found for pid jnathan (MAC
00:1d:72:35:1b:15); assume maximum number of
lmu...@inverse.ca wrote:
On 2014-12-09, at 9:04 , Nathan, Josh josh.nat...@bfacademy.de wrote:
Hello,
I'm trying to authenticate users against a Radius database, but if I add
a condition to the rule, I keep getting this message in the logs along with
the Sorry! page:
httpd.portal(6978
Hello,
I've recently setup a PacketFence 3.6 server in Inline mode. I created a
custom violation via the webgui in Configuration-Violations. However, even
though I enabled the violation, and set trap as one of the actions, it's
still letting computers with an open violation browse the
: [PacketFence-users] Inline Quarantine Not Working
Hello Nathan,
Can you create a new violation for your node and verify that in the ipset
session your the mac addresse appear ?
ipset -L
Regards
Fabrice
Le 2013-04-17 06:24, Nathan, Josh a écrit :
Hello,
I've recently setup a PacketFence 3.6 server
Hello,
I work at a school, and we're using PacketFence 3.6. What we want to do, is
force the people to login at different intervals based off of the credentials
they supply. Since we have lab computers, we'd like students to have to log in
every time they open a browser. Preferably making
Hello,
We're running PacketFence 3.3.2 in Inline mode. The problem we're having is
that most of the time when someone logs in, it tells them that no Internet
Access is detected. Most of the time they can still access the Internet.
However, sometimes it will take several minutes before they
better
for the inline mode.
Regards
Fabrice
Le 2013-02-06 05:38, Nathan, Josh a écrit :
Hello,
We're running PacketFence 3.3.2 in Inline mode. The problem we're having is
that most of the time when someone logs in, it tells them that no Internet
Access is detected. Most of the time they can
if there is an error in your violation record which is
causing it?
What does your trigger look like?
David Bulanda
Network Services Manager
dgbula...@indianatech.edumailto:dgbula...@indianatech.edu
Indiana Techhttp://www.indianatech.edu/
From: Nathan, Josh [mailto:josh.nat...@bfacademy.de]
Sent: Monday
Hello,
We're getting a lot of Rogue DHCP server violations, but I'm not seeing what
the cause could be. We're running PacketFence version 3.3.2. I've looked at
some of the laptops that are getting these, but there doesn't seem to be
anything amiss.
Any suggestions on what to look for?
Hello,
I'm looking at trying to combine PacketFence with OpenDNS. However, in order
to do that, I need to block all DNS requests except the one(s) I specify. Is
there a way to do this within PacketFence (perhaps log a violation for any DNS
requests going to non-listed DNS servers)? Or shall
On a fresh install of PacketFence 3.3.1, I can't get named to start. No errors
are given, either. I'm using Inline enforcement.
Because named won't run, browsers aren't getting successfully redirected. I
was able to confirm that the redirect message is being given by doing a telnet
to the
Francois,
Thanks for the reply! Good to know about the sub-interfaces vs VLAN
interfaces. And yes, as I started following what challenges others have been
facing I started thinking I might need to switch to an Inline configuration
instead. I'll try these over the next few days and see if
Hello, I'm new to PacketFence and am trying it out in a tiny sandbox
environment. Right now I have a proxy (gateway) server, my PF/DHCP server, and
then a laptop connected to a little 8-port ethernet switch. Right now, both
servers have two NICs each (one of which is connected to the sandbox
93 matches
Mail list logo
