> $session->input_log(*STDOUT);
>
> and see if you obtain some useful output.
>
> Regards
>
> Fabrice
>
>
> Le 20-03-13 à 23 h 28, Nicholas Pier via PacketFence-users a écrit :
>
> Hello,
>
> Does anyone know a cli, log or other troubleshooting r
Hi Brandt,
>From the log message, it almost sounds to me like Packetfence doesn't know
the MAC of the device it's trying to move to the guest VLAN. I'm referring
to this:
"Unable to extract audit-session-id"
Maybe something isn't getting passed with WebAuth that would normally be
passed with
I think you can rule out an issue with the role mapping or your connection
profile since PF seems to be getting the correct role and VLAN:
(10.10.80.251) Added VLAN XXX_GUEST to the returned RADIUS Access-Accept
(pf::Switch::returnRadiusAccessAccept)
(10.10.80.251) Added role 255 to the returned
Hi Brandt,
It sounds like your Meraki device isn't getting a message from Packetfence
to switch the user's VLAN after authentication. This usually done through
a radius CoA or disconnect message. Did you catch this caveat on the
network configuration guide? It looks like you need to specify port
Hello,
Are you expecting to assign a role to the device based on rules in the
connection profile? I'd start there since the log says no role was
assigned. Without a role, I don't see how the device can be assigned to a
vlan with autoregistration.
When upgrading to 9.3, were the accompanying
gt;>>>
>>>>>> On Fri, Mar 13, 2020 at 1:27 PM Zacharry Williams <
>>>>>> zachar...@gmail.com> wrote:
>>>>>>
>>>>>>> Lol whoops! I was working on a couple firewalls and totally mixed up
>>>>>>
;>> *Nicholas P. Pier*
>>>>>> Network Architect
>>>>>> CCNP R, PCNSE, VCIX6-DCV, VCIX6-NV, RHCE, CEHv10
>>>>>>
>>>>>>
>>>>>> On Fri, Mar 13, 2020 at 11:48 AM Nicholas Pier <09np...@gmail.com>
Hello,
Does anyone know a cli, log or other troubleshooting resource for
packetfence's internal SSH client?
- Port 22 is open between the server and the switch.
- From the server, I can SSH into the switch with the same credentials
I've provided packetfence in the UI.
- I've also
8 AM Nicholas Pier <09np...@gmail.com>
>>>> wrote:
>>>>
>>>>> Hi Zachary,
>>>>>
>>>>> How does OSPF help in the scenario? Is that the right RFC?
>>>>>
>>>>> To answer your question, the OSPF VPN feature is n
later hardware (according to the following link).
>>>
>>> *Nicholas P. Pier*
>>> Network Architect
>>> CCNP R, PCNSE, VCIX6-DCV, VCIX6-NV, RHCE, CEHv10
>>>
>>>
>>> On Fri, Mar 13, 2020 at 11:21 AM Zacharry Williams
>>> wrote:
, 2020 at 11:21 AM Zacharry Williams
wrote:
> Do those switches support rfc 4576?
>
> On Thu, Mar 12, 2020, 5:42 PM Nicholas Pier via PacketFence-users <
> packetfence-users@lists.sourceforge.net> wrote:
>
>> Hello,
>>
>> The Juniper switches are properl
ier*
> Network Architect
> CCNP R, PCNSE, VCIX6-DCV, VCIX6-NV, RHCE, CEHv10
>
>
> On Fri, Mar 13, 2020 at 11:21 AM Zacharry Williams
> wrote:
>
>> Do those switches support rfc 4576?
>>
>> On Thu, Mar 12, 2020, 5:42 PM Nicholas Pier via Pack
Hello,
The Juniper switches are properly placing nodes on vlans based on roles if
there's an up/down port event. The problem is that, I can't seem to get
de-authentication devices to change their VLAN without an up/down event. We
have an important workflow where a user changes role after logging
Felipe,
What are you using to de-authorize the port? Radius? CoA? SNMP? Also,
what's the make of the switch?
I've had the best luck with physical ports using SNMP because it typically
"downs" the port before "upping" it. This causes the client to request a
new DHCP lease and avoids some of the
Hi Mike,
Did you leverage the Upgrade doc to make each of the tweaks required in
moving from 8.x to 9.x? They need to be run for each step between 8.0.1 and
9.0.1.
https://github.com/inverse-inc/packetfence/blob/stable/UPGRADE.asciidoc
There's numerous database schema changes required along the
Eugene,
I don't know exactly where the setup logs to. Perhaps packetfence.log ? It
might be worthwhile to watch the file sizes of the /usr/local/pf/logs
directory to see which file's sizes are growing during installation or just
"tail" them. Perhaps one can lead you towards a cause? That said,
Hi Ivan,
I think this is mostly likely a configuration issue. It sounds like you may
be expecting the controller to receive information about the captive
portal. This may be possible, but it's not how I've deployed packetfence in
the past. Instead, Radius and DNS do most of the work I've only
Hey Eugene,
Yes, your email is making the users mailing list.
I haven't been able to reproduce your problem in any recent installations
of the Zen appliance. Can you confirm that you set the root password,
created the pf database tables, and set the pf user credentials before
proceeding? In the
Hi Stuart
Yes, I've accomplished something similar in a few situations. AD
credentials can be leveraged for this purpose. I'd setup an AD
authentication source and point it to a local domain controller.
Configuration -> Policies and Access Control -> Authentication Sources ->
Internal -> Active
Hello,
I'm looking for some pointers in troubleshooting a radius accounting issue.
We're running a new installation of PF 9.0.1. CentOS 7. However, this is
not my first time deploying the solution.
The issue: nodes are displaying an "unknown" status within the UI.
The packetfence server is
Consider this one resolved.
I noticed that I was looking at the wrong table and radacct had its own
database table. This was empty and logs also indicated that it was
regularly being cleaned.
/usr/local/pf/logs/pfmon.log:Jun 5 17:36:51 pfmon:
pfmon(15935) INFO: [mac:unknown] deleted 0 entries
21 matches
Mail list logo