Re: [PacketFence-users] Lost managment connection

Hello, Check your config in console. When PacketFence is running, you can reach the server through SSH or HTTPS (1443 port) only on management interface. -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo

Re: [PacketFence-users] EAP-MD5 & Active Directory?

Hello John On 2019-07-22 11:34 a.m., John Sayce via PacketFence-users wrote: Mon Jul 22 10:13:31 2019 : Auth: (13018) Login incorrect (eap_md5: Cleartext-Password is required for EAP-MD5 authentication): [asd\switch1] (from client 10.8.4.2 port 31 cli 54:80:28:9c:50:50) Try to change

Re: [PacketFence-users] Configuration help for Aruba Instant controller needed (guest access)

Hello Jona, On 2019-07-22 11:58 a.m., Stegmaier, Jona via PacketFence-users wrote: Jul 22 11:04:32 packetfence pfqueue: pfqueue(28927) ERROR: [mac:ac:7b:a1:55:25:9e] Error handling desAssociate : Undefined subroutine ::Switch::Aruba::Instant_Access::perform_coa called at

Re: [PacketFence-users] PROBLEM DURING LOGIN PHASE FROM PORTAL

Hello, Did you create your user "packettest" in packetfence DB with a role ? -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence (https://packetfence.org) and Fingerbank

Re: [PacketFence-users] Bypass VLANs

Hello Max, On 2019-07-03 12:33 a.m., Max McGrath via PacketFence-users wrote: What are bypass VLANs and Roles for? Bypass VLANs and bypass roles will always override roles or VLAN IDs compute by rules. Specifically, what is a scenario where one would use a bypass VLAN or role? I never

Re: [PacketFence-users] Manual device registration to allow it to the network

Hello Eugene, On 2019-07-03 8:10 a.m., E.P. via PacketFence-users wrote: Does it seem doable ? Yes. When you say (via WPA2-Enterprise/RADIUS), you mean with 802.1X ? I compared two endpoints, one of them is registered with a role and the other one is unregistered without a role and both

Re: [PacketFence-users] [PF 9.0.1] Admin Interface language

Hello, I'm able to reproduce this issue. I opened a bug: https://github.com/inverse-inc/packetfence/issues/4622 -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence

Re: [PacketFence-users] Android and Windows agent xml

Hello, On 2019-06-19 8:03 p.m., Rankin, Cory wrote: I've been trying all sorts of things to get this working. I did have the profile generating but it is broken again. I've noticed radiusd isn't starting: Unable to open file "/etc/raddb/certs/server.pem" Retry with a fresh install.

Re: [PacketFence-users] Android and Windows agent xml

Hello, On 2019-06-17 3:47 p.m., Rankin, Cory wrote: Hey Nicolas, Thanks for the reply. I have an android provisioner setup with a broadcast SSID, no EAP, WPA2 with psk (to test). In connection profile I have android provisioner as the number one. I have not adjusted any Portal Modules so

Re: [PacketFence-users] Let's Encrypt issue

Hello Lupe, On 2019-06-18 12:07 a.m., Lupe Silva via PacketFence-users wrote: Is there anything else I can check? Yes, check your browser console and packetfence.log to see if you have more details. -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca

Re: [PacketFence-users] configure hp procurve 2530 with ACL radius

Hello, On 2019-06-18 2:24 a.m., William VANDAL via PacketFence-users wrote: */IPv6 ACLs enabled (HP-Nas-Rules-Ipv6): FALSE/* According to this line, my guess will be that "IPv6 ACLS" are disabled. Take a look at the manual of your switch to be sure. -- Nicolas Quiniou-Briand n...@inverse.ca

Re: [PacketFence-users] unsubscribe

Hello, In order to unsubscribe, write an email to packetfence-users-requ...@lists.sourceforge.net -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence (https://packetfence.org) and

Re: [PacketFence-users] Android and Windows agent xml

Hello Cory, Could you provide us which steps did you perform to configure android or windows provisioning ? Which PF version are you using ? -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu),

Re: [PacketFence-users] Error on WebGUI after patching

Hello Ivan, On 2019-06-14 2:34 p.m., Ivan Saliu via PacketFence-users wrote: Hi Guys, Today i’ve patched PacketFence 9.0.1 from pf-maint.pl and I noticed that both the Nodes and Users tab are not working properly from the WebAdmin interface. Try to re-apply maintenance patches and restart

Re: [PacketFence-users] [PF 9.0.1] Disable Notifications

Hello, On 2019-06-17 10:55 a.m., pro fence via PacketFence-users wrote: hello, does anybody know how to disable the annoying notifications on the admin interface ? Not possible right now in my opinion. You can open a feature request on your bug tracker:

Re: [PacketFence-users] PF 9 update problem with netdata

Hello Hubert, Disable EPEL repo anytime on a PF server and enable it only when necessary. -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence (https://packetfence.org) and Fingerbank

Re: [PacketFence-users] Question about Insufficient space to store pair string

Hello, I already saw that error but it should not prevent an authentication by FreeRADIUS. Could you provide packetfence.log and radiusd.log lines for a specific MAC address which had issue ? -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse

Re: [PacketFence-users] PacketFence API does not seem to be working correctly

Hello Ben, On 2019-05-28 3:55 p.m., Brenek, Benjamin via PacketFence-users wrote: curl -k -X POST "https://packetfence.domain.com:/api/v1/nodes/search; -H  "accept: application/json" -H "Authorization: " -H  "Content-Type: application/json" -d

Re: [PacketFence-users] PacketFence: adding/deleting nodes

Hello, On 2019-05-28 10:37 a.m., Sajawal Ghani via PacketFence-users wrote: Secondly, I want to import a CSV file of nodes to my PacketFence. There is an option to do so, but when I try to upload the file it just does nothing. Neither it gives an error nor adds my mac addresses into the

Re: [PacketFence-users] captive portal customization

Hi, On 2019-05-21 10:45 a.m., Domingos Varela wrote: I used this path in the url /usr/local/pf/html/common/mylogo.png Replace by /common/mylogo.png -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo

Re: [PacketFence-users] captive portal customization

Hello, On 2019-05-20 4:11 p.m., Domingos Varela via PacketFence-users wrote: Hi, Can someone help me customize the captive portal logo and the background color, I tried via webpage to change the url of the logo, but it does not work, is there another way to add the logo on the portal?

Re: [PacketFence-users] Unable to manually apply a custom violation (security event) to a node

Hello Andrew, On 2019-05-20 5:03 p.m., Torry, Andrew via PacketFence-users wrote: This does not work in 9.0 as the onloy SE’s that show up in the list of options are the built-in ones. You're right, thanks. I report the issue here: https://github.com/inverse-inc/packetfence/issues/4550 As

Re: [PacketFence-users] Per AP VLAN assignment

On 2019-05-20 1:29 p.m., Enrico Pasqualotto wrote: Thanks, I'll try it. any chance to manage it through the admin GUI? I'm sure customer ask me that :-) Already the case ! Go in Configuration -> Advanced Access Configuration -> Filter engines I will add more details in docs. -- Nicolas

Re: [PacketFence-users] Captive Portal Not Working

Hello Ibrahim, 1. Did you get IP address in 10.10.26.0/24 network when your devices are unregistered ? 2. If yes, are you able to reach captive portal from this subnet (http://pf01.trumpet.org) ? -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca

Re: [PacketFence-users] Per AP VLAN assignment

Hello Enrico, On 2019-05-20 10:29 a.m., Enrico Pasqualotto via PacketFence-users wrote: Anyone has already done something like this? Can I make a custom VLAN assignment to match that value (Called-Station-ID)? Yes, you can use VLAN filters, see [0]. You will find some examples in

Re: [PacketFence-users] OS Update breaks Captive Portal

Hello, On 2019-05-15 9:58 p.m., Kalcho via PacketFence-users wrote: Thank you on your promptly answer. Yes static content is not working. httpd.dispatcher was not running. And I could not start it, it was failing. Can you point me where I can find more info about httpd.dispatcher and its

Re: [PacketFence-users] MACauth authentication source

Hello David, In order to test MAC Auth, you need to specify additional attributes. What you can do: 1. Create a mac-authentication.test file: ``` User-Name = "00:11:22:33:44:55" User-Password = "00:11:22:33:44:55" NAS-IP-Address = 192.168.0.1 NAS-Port = 0 NAS-Port-Type = Ethernet Service-Type

Re: [PacketFence-users] How to avoid Anonymous identity.... 802.1x/radius issue

Hello Enrico, Could you provide me a full example ? 1. a MAC address which has issue 2. Actual results 3. Expected results 4. packetfence.log for this MAC address -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo

Re: [PacketFence-users] How is the provisioning of new radius users

Hello, On 2019-05-01 12:25 a.m., Miguel Miranda via PacketFence-users wrote: Hi, i want to load a large list of usernames/passwords so our customers will receive of of them via email and be ready to autenticate with packetfence, this will be one time event so i don't need the

Re: [PacketFence-users] Avaya ERS 3500 Vlan issue

Hello Adrian, 1. What PacketFence displays in Audit log for a RADIUS request sent by your Avaya switch ? -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence (https://packetfence.org) and

Re: [PacketFence-users] How to avoid Anonymous identity.... 802.1x/radius issue

Hello, On 2019-04-28 9:53 p.m., Enrico via PacketFence-users wrote:  Dear all, I’ve been writing lots of emails to this list, but I think this one is a very important one, because I’d like to find better information about the question of access logging. Packetfence is a software that

Re: [PacketFence-users] Internet Facing Packetfence

Hello Jason, On 2019-04-24 9:49 a.m., HALL, Jason (CITY HEALTH CARE PARTNERSHIP CIC - NNF) wrote: Hi Nicolas, No, we do use this design currently for some sites connected via a VPN, The design I require is for AP's not connected via a VPN. Ok. Which can of enforcement do you plan to use

Re: [PacketFence-users] No-EAP Authentication issue with Avaya switches

Hello Adrian, On 2019-04-24 11:56 a.m., Adrian Dessaigne via PacketFence-users wrote: For RADIUS authentication of a Non-EAPOL host MAC address, the switch generates a pair as follow:  -The username is the Non-EAPOL MAC address in string format.  -The password is a string that combines the

Re: [PacketFence-users] Install on Google Cloud

Hello Jim, You can disable iptables management in pf.conf (or in webadmin). See below extract from pf.conf.defaults: ``` # services.iptables # # Should iptables be managed by PacketFence? iptables=enabled ``` -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 ::

Re: [PacketFence-users] fingerbank

Hello Enrico, On 2019-04-19 8:41 a.m., Enrico Becchetti via PacketFence-users wrote: If I need how can I add devices to fingerbank ? You can go here (you need a GitHub login): https://api.fingerbank.org/combinations/new How long you have to wait to see it online ? Time for us to check

Re: [PacketFence-users] Internet Facing Packetfence

Hello Jason, Do you speak about such design: https://packetfence.org/doc/PacketFence_Installation_Guide.html#_routed_networks ? -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence

Re: [PacketFence-users] add nodes through script

On 2019-04-23 11:26 a.m., Amjad Ali via PacketFence-users wrote: Nicolas, Kind of you to reply... Yes I checked the DB, the nodes are there but unregistered and Role is default instead of gaming. Nodes are added but role and status are not correctly set. 1. Did you get same behavior

Re: [PacketFence-users] add nodes through script

Hello, 1. Did you check in DB if you find your nodes ? 2. As a workaround, you can use GUI to directly import CSV file. -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence

Re: [PacketFence-users] Blank captive portal with cisco wlc 5508

Hello, On 2019-04-16 4:27 p.m., pro fence via PacketFence-users wrote: Also on the wlc i have configured " Auth Called Station ID Type = AP MAC address:SSID" Change this setting to: * "xx:xx:xx:xx:xx:xx:SSID" or * ":SSID" with xx:xx:xx:xx:xx:xx MAC address of node. You can

Re: [PacketFence-users] Dashboard charts

Hello Barry, PacketFence is shipped with its own netdata package: ``` # yum info netdata [..] Installed Packages Name: netdata Arch: x86_64 Version : 1.10.0 From repo : packetfence ``` If you use latest netdata packages, you will certainly have issues. -- Nicolas

Re: [PacketFence-users] Network detection issue

Hello, On 2019-04-11 7:26 p.m., Leandro Ude via PacketFence-users wrote: I still can't get to work es network detection http message I still get the red message "unable to detect network" : Check packetfence.log for your MAC address to see if PF is able to disconnect correctly your device

Re: [PacketFence-users] Node status triggering disauthentication

Hello, On 2019-04-11 12:29 p.m., Bram Wittendorp via PacketFence-users wrote: After enabling this option, lots of devices did deregister, is there somekind of explination for this kind of behavior? No. Check packetfence.log for a MAC which has issue. -- Nicolas Quiniou-Briand n...@inverse.ca

Re: [PacketFence-users] suricata "ET TOR" violation doesn't start

Hello Enrico, The P2P and "ET TOR" violations have been triggered for the same device (10.25.1.1) ? -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence (https://packetfence.org) and

Re: [PacketFence-users] Can not start pfdhcp

Hello Olivier, On 2019-04-08 1:36 p.m., Olivier Gelin wrote: I applied the maintenance script and restarted right after. 1. Did you mean that pfdhcp broke after applying maintenance script ? Do you have done some customization in pfdhcp binary ? 2. Each time pfdhcp complains about it

Re: [PacketFence-users] Help developing perl module for FiberStore Switchs

Hello Adrian, On 2019-04-08 5:11 p.m., Adrian Dessaigne via PacketFence-users wrote: Do you want the MIB Files or is it enought to program the module ? If the generic module do the job, why do you want to develop a specific module ? -- Nicolas Quiniou-Briand n...@inverse.ca ::

Re: [PacketFence-users] Can not start pfdhcp

Hello Olivier, From what I see, pfdhcp is not able to "bind" on an IP address. Try to run command use by systemd to start pfdhcp directly from command line. -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo

Re: [PacketFence-users] API question

Hello, On 2019-03-28 6:56 p.m., Thomas, Gregory A via PacketFence-users wrote: Is there any way to verify is this option is set? Try to use https://packetfence.org/doc/api/#/default/get_dhcp_stats__interface_ -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 ::

Re: [PacketFence-users] PacketFence to Act as a DHCP Server for outofband networks.

Hello Etienne, On 2019-03-27 10:05 a.m., Etienne Vella via PacketFence-users wrote: My question is,  it possible to have packet fence act as a DHCP server for all subnets within the network. The idea is to have the DHCP server centralized and not having DHCP servers running on each satellite

Re: [PacketFence-users] DHCP Issues

Hello Sean, On 2019-03-21 4:32 p.m., Seán Mac Lochlainn wrote: I created an external DHCP server in Windows Server and also added the DHCP server to the ‘Production DHCP servers’ list in the Admin Interface. The user will now go to VLAN 10 (Production) when authenticated. Using WireShark, I

Re: [PacketFence-users] DHCP Issues

Hello, On 2019-03-20 5:09 p.m., Seán Mac Lochlainn via PacketFence-users wrote: Hi Everyone, I’m a student and doing a project, creating a small lab with 802.1x authentication. I’m facing issues with the DHCP from PacketFence assigning the client an IP address. (Client doesn’t get an IP

Re: [PacketFence-users] PacketFence cisco-avpair ip-inacl

Hello Carlos, Did you try directly with a Cisco module ? All Cisco modules that inherite from Catalyst_2960 support directly this feature [0]. ``` $ grep "sub supportsAccessListBasedEnforcement" lib/pf/Switch/Cisco/Catalyst_2960.pm sub supportsAccessListBasedEnforcement { return $TRUE } $

Re: [PacketFence-users] Device registration portal

Hello Enrico, On 2019-03-13 10:17 a.m., Enrico via PacketFence-users wrote: but what do you think about ip address ? Can ip address be displayed  ? In your situation, for what do you need this information ? -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 ::

Re: [PacketFence-users] PacketFence 8.3.0 on Centos 7.6

Hello, On 2019-03-18 5:33 p.m., pro fence via PacketFence-users wrote: One more thing though, i don't understand why it is not mentionned in the installation doc that we should apply the maintenance patches; it could save some folks days, weeks of searching and trying to figure it out. The 

Re: [PacketFence-users] Packetfence-PKI

Hello, On 2019-03-15 9:35 p.m., Rankin, Cory via PacketFence-users wrote: I think I need to start over on the PKI. What is the best way to start over? I believe I deleted the only user (thought I was deleting an api user). Try: yum reinstall packetfence-pki

Re: [PacketFence-users] Cant modify/add/delete VLAN's on packetfence GUI

Hello, On 2019-03-17 4:53 a.m., Tony W wrote: > The question remains, is it possible, or supposed to be possible, to re-configure PF once initial "configurator" has been run? Yes, simply remove the file /usr/local/pf/conf/currently-at but don't forget to re-enable it. I could not find

Re: [PacketFence-users] PacketFence 8.3.0 on Centos 7.6

Hello, On 2019-03-15 5:42 p.m., pro fence via PacketFence-users wrote: do you know where this kind of error of unresponsive button can come from ? Apply maintenance patchs on your installation and retry. -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 ::

Re: [PacketFence-users] Cant modify/add/delete VLAN's on packetfence GUI

Hello Tony, Please give us minimal, complete, and verifiable example : https://stackoverflow.com/help/mcve -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence (https://packetfence.org)

Re: [PacketFence-users] Odd Fingerbank profile

Hello Max, Did you try to refresh the device profiling with the button "Refresh Device profiling" ? -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence (https://packetfence.org) and

Re: [PacketFence-users] issues with Email Authentication after upgrade to 8.3

You're welcome ;-) -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence (https://packetfence.org) and Fingerbank (http://fingerbank.org) ___

Re: [PacketFence-users] issues with Email Authentication after upgrade to 8.3

Hello, Did you apply the maintenance patches after you upgrade (with pf-maint.pl) ? Try and give a feedback. -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence (https://packetfence.org)

Re: [PacketFence-users] Graphs not populating

Hello Max, For me, it's a bug. I reported it: https://github.com/inverse-inc/packetfence/issues/3973 -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence (https://packetfence.org) and

Re: [PacketFence-users] Issues with Multiple SSIDs and Multiple Connection Profiles

Hello Christian, On 2019-02-19 8:57 p.m., Christian McDonald via PacketFence-users wrote: Greetings, I want to make sure that registrations performed on one SSID aren't allowed on another SSID. For example, I have an 802.1X WPA2-Enterprise SSID for staff and students to use with their

Re: [PacketFence-users] POTD Changing Email Template

Hello Joe, According to this issue (and its fix): https://github.com/inverse-inc/packetfence/issues/3503 if you're running 8.3, it should be possible to edit email template directly in GUI. Did you see some errors in httpd.admin.log or in packetfence.log ? -- Nicolas Quiniou-Briand

Re: [PacketFence-users] Assigning role based on Active Directory name

Hello Adrian, What do you see in packetfence.log for a specific MAC address ? -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence (https://packetfence.org) and Fingerbank

Re: [PacketFence-users] PacketFence 8.x You do not have permission to register a device with this username

Hello, pftest show you that you didn't match any rules: Authenticating against 'htbAD' in context 'admin' Authentication SUCCEEDED against htbAD (Authentication successful.) Did not match against htbAD for 'authentication' rules Did not match against htbAD for 'administration' rules

Re: [PacketFence-users] Can't link PacketFence with AD Server.

Hello Adrian, On 2019-02-12 11:28 a.m., Adrian Dessaigne via PacketFence-users wrote: Hello Fabrice, Initially, my PacketFence projet where for a client with Fiberstore switchs ( S3900-48TS and S5850-32SQ ). For my sketch, I use a cisco 2950 but seems to be buggy. I've got a new switch, a

Re: [PacketFence-users] Out of HDD space

Hello Justin, To find which files use space on your disk you can use the ncdu tool. Otherwise, there was a bug in FreeRADIUS logrotate conf file included with PF (/etc/logrotate.d/radiusd) if you're running on CentOS 7, see https://github.com/inverse-inc/packetfence/issues/3979 -- Nicolas

Re: [PacketFence-users] Can't link PacketFence with AD Server.

Hello Adrian, Some troubleshooting steps: - Check log in PacketFence logs: # grep domain /usr/local/pf/logs/httpd.admin.log Check DNS configuration (in chroot): # cat /chroots//etc/resolv.conf Check syntax of your current domain config (in chroot): # testparm /etc/samba/.conf Check if you

Re: [PacketFence-users] How to get aboard fingerbank with httpproxy ?

On 2019-01-30 10:49 a.m., IT?? wrote: --3.?0?2Do?0?2you?0?2see?0?2logs?0?2in?0?2/usr/local/pf/logs/pfdhcplistener.log?0?2? You should see DHCP requests in this file. -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind

Re: [PacketFence-users] How to get aboard fingerbank with httpproxy ?

1. Do you see DHCP incoming traffic coming on your management interface ? 2. Does pfdhcplistener is running on this interface ? 3. Do you see logs in /usr/local/pf/logs/pfdhcplistener.log ? -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc.

Re: [PacketFence-users] How to get aboard fingerbank with httpproxy ?

Hello, You can define Fingerbank settings in /usr/local/fingerbank/conf/fingerbank.conf like this: ``` [upstream] api_key=YOUR_API_KEY [proxy] host=myproxy.domain.lan port=3128 ``` Then do a `/usr/local/pf/bin/pfcmd configreload hard` -- Nicolas Quiniou-Briand n...@inverse.ca ::

Re: [PacketFence-users] How to get aboard fingerbank with http proxy ?

Hello, Skip this step in configurator. After that, go in Web admin and you will be able to configure a proxy for Fingerbank. -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence

Re: [PacketFence-users] Can't finish initial deployment for PF v8.3

`cat /usr/local/pf/conf/pf-release > /usr/local/pf/conf/currently-at` -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence (https://packetfence.org) and Fingerbank (http://fingerbank.org)

Re: [PacketFence-users] Packet Fence email activation not working.

Hello Justin, This bug has been fixed in maintenance 8.3 branch [0] Apply the maintenance patches and restart pf services: ``` /usr/local/pf/addons/pf-maint.pl /usr/local/pf/bin/pfcmd service pf restart ``` [0]

Re: [PacketFence-users] LDAP Authentication Source Base DN and Scope are not followed.

Hello Benjamin, On 2019-01-10 3:54 p.m., Brenek, Benjamin wrote: Hi Nicolas, I did as requested. It looks like the authentication comes back with no matches, yet still authenticates the user. Attached is the part of the log that relates to authentication of the user. I saw this: ```

Re: [PacketFence-users] LDAP Authentication Source Base DN and Scope are not followed.

Hello Benjamin, On 2019-01-09 3:13 p.m., Brenek, Benjamin via PacketFence-users wrote: Can anyone possibly provide some insight into why this issue is occurring? Try to increase log level from INFO to DEBUG at first line of /usr/local/pf/conf/log.conf.d/httpd.aaa.conf. Then do a

Re: [PacketFence-users] Add the custom rule to packetfence iptables to open port for monitoring

Hello Kalcho, You added your rule in the correct file. In place of: `pf/bin/pfcmd service iptables restart`, try: ``` /usr/local/pf/bin/pfcmd service iptables generateconfig /usr/local/pf/bin/pfcmd service iptables restart ``` After first command, you should see your rule in

Re: [PacketFence-users] SMS for missing providers

On 2018-12-14 1:36 p.m., Nicolas Quiniou-Briand via PacketFence-users wrote: You have to find the domain name use to reach SMS-to-Gateway servers of your provider. SMTP-to-SMS Gateway (in place of SMS-to-Gateway). -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140

Re: [PacketFence-users] SMS for missing providers

On 2018-12-14 10:08 a.m., Wifi Guy via PacketFence-users wrote: 1. Where can I get the SMS carrier info needed to add to PF? You have to find the domain name use to reach SMS-to-Gateway servers of your provider.

Re: [PacketFence-users] SMS for missing providers

Hello, Check the `sms_carrier` table in `pf` DB. Example: https://github.com/inverse-inc/packetfence/blob/526ffa878d7a3e4366de9290df5ba87b128e33c9/db/upgrade-8.1.0-8.2.0.sql#L73 -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders

Re: [PacketFence-users] character from ISO-8859-1 in password ...

Hello Virginie, On 2018-12-13 4:48 p.m., Virginie Girou via PacketFence-users wrote: Concerning password entered in Captiveportal authentication page (signin.html), if password include character deg "°",  for instance, packetfence send to our radius the octal code for "°" (\260). Do we have to

Re: [PacketFence-users] DOT1X MAC authentication

Hello Carlos, On 2018-12-13 9:15 a.m., Carlos Wetli via PacketFence-users wrote: - which database is it ? can the MAC be registered via scripts ? The `pf` database. You can do a massive import from Web Admin in Nodes -> Create. - Can the database be external to PF, meaning on another server

Re: [PacketFence-users] Captive Portal authorization failed "you do not have permission to register a device with this username"....

Hello, On 2018-12-12 7:46 a.m., Enrico Becchetti wrote: Hello ! "Configuration->Policies and Access Control-> Roles" I've added "PF-WEB", "Max Nodes per user" equal to 0 and default Traffic Shaping. You just create the role. To assign it, you need to create an authentication rule in your

Re: [PacketFence-users] Captive Portal authorization failed "you do not have permission to register a device with this username"....

Hello Enrico, Where did you assign the PF-WEB role ? -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence (https://packetfence.org) and Fingerbank (http://fingerbank.org)

Re: [PacketFence-users] API Token

Hello, On 2018-12-02 1:47 p.m., Murilo Calegari via PacketFence-users wrote: Hi everyone, is the token for the API designed to expire? If so, after how much time? https://packetfence.org/doc/api/#/default/post_login "This will perform a login against the PacketFence system user, the

Re: [PacketFence-users] user access to nodes in the admin -> nodes web page

Hello Ian, On 2018-12-11 12:16 p.m., Ian Alder wrote: The issue is still there. Yes, keep an eye on this GitHub issue [0]. You can also post a comment to make things progress. [0] https://github.com/inverse-inc/packetfence/issues/3681 -- Nicolas Quiniou-Briand n...@inverse.ca ::

Re: [PacketFence-users] user access to nodes in the admin -> nodes web page

Hello Ian, I try to reproduce your issue but I found this bug: https://github.com/inverse-inc/packetfence/issues/3681 If I follow the steps you mentioned, I got: - partner1 user with tenant_id 1 - partner2 user with tenant_id 1 - nodes owned by partner1 user with tenant_id 1 - nodes owned by

Re: [PacketFence-users] Initial configuration fails

Hello Jona, I installed recently a 8.2.1 without any problems with the configurator. Try with the ZEN installation : https://sourceforge.net/projects/packetfence/files/PacketFence%20ZEN/8.2.1/PacketFence-ZEN-8.2.1.zip/download You can safely ignore errors related to DB before completing the

Re: [PacketFence-users] user access to nodes in the admin -> nodes web page

On 2018-12-06 3:46 p.m., Ian Alder wrote: [partner1 admin role] [..] description=partner1 admin role [partner2 admin role] [..] > description=partner1 admin role Not sure it's your issue but the description are the same. -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140

Re: [PacketFence-users] user access to nodes in the admin -> nodes web page

Ian, Please give me the content of /usr/local/pf/conf/adminroles.conf for: -partner1 admin role -partner2 admin role -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence

Re: [PacketFence-users] user access to nodes in the admin -> nodes web page

Hello Ian, Thanks for the report. I will try to reproduce this issue on 8.2.1. Which are the access level for your users partner1 and partner2 ? You can see this information in the "Actions" tab for each user. -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 ::

Re: [PacketFence-users] EAP-TLS Computer and User Auth

Hello Wifi On 2018-12-06 9:39 a.m., Wifi Guy via PacketFence-users wrote: Excuse my ignorance but I dont understand the context of this? Im not sure what VLAN filter does? See https://packetfence.org/doc/PacketFence_Installation_Guide.html#_vlan_filter_definition VLAN filters will be

Re: [PacketFence-users] EAP-TLS Computer and User Auth

On 2018-12-05 3:31 p.m., Fabrice Durand via PacketFence-users wrote: If the device already did a machine auth then the machine_account will be filled (https://github.com/inverse-inc/packetfence/blob/devel/conf/vlan_filters.conf.example#L258) so you can play with that to detect corporate

Re: [PacketFence-users] Applying correct VLAN to users

Hello Bram, On 2018-12-05 1:45 p.m., Bram Wittendorp wrote: I was trying this out on my iPad an I was also using CoA. But it didn't work from me. What say the packetfence.log when you use CoA ? -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca

Re: [PacketFence-users] Applying correct VLAN to users

Bram, On 2018-12-05 9:34 a.m., Bram Wittendorp wrote: [..] Dec 5 08:02:24 DRNAC01 pfqueue: pfqueue(26788) INFO: [mac:50:32:37:55:4f:38] [50:32:37:55:4f:38] DesAssociating mac on switch (10.10.10.51) (pf::api::desAssociate) Dec 5 08:02:24 DRNAC01 pfqueue: pfqueue(26788) INFO:

Re: [PacketFence-users] Applying correct VLAN to users

Hello Bram, You should not disable CoA but use it ! It will let you move your users from registration VLAN to production VLAN the smart way. Copy/paste here an extract from packetfence.log for a user that have the issue (filter on MAC address): ``` cat packetfence.log | grep

Re: [PacketFence-users] Inline enforcement and unauthenticated user's access

Hello Eric, On 2018-12-04 5:30 p.m., Eric Rolleman via PacketFence-users wrote: Does packetfence block all outside access to devices behind an inline configuration until the user has authenticated? I know it won’t resolve DNS for anything, but if a user attempts to connect somewhere by IP and

Re: [PacketFence-users] pfdhcp providing duplicates IP.

Hello Diego, On 2018-12-03 4:51 p.m., Diego Lopes da Cruz via PacketFence-users wrote: Has this fix been released  in "pf-maint.pl " for version 8.1? Only maintenance/8.2 https://github.com/inverse-inc/packetfence/commit/b8e6c19820fd03f8561955a71cc2fddf9080298d -- Nicolas

Re: [PacketFence-users] PF 8.2 and HP Procurve 2824

Hello Enrico, On 2018-11-15 10:15 a.m., Enrico Becchetti Gmail via PacketFence-users wrote: Dear All, I'm a newbie in PF and I'd like to make some tests to use it for 802.1x authentication and Freeradius to store users, but my old equipment aren't supported so what are you think about it ?

Re: [PacketFence-users] Issue Using vlan_filters.conf

Hi Matthew, Just to be sure to understand: you didn't succeed to auto-register your Polycom VoIP phones ? In the packetfence.log you pasted, MAC address doesn't belong to a Polycom device. Could you paste log for a Polycom device ? -- Nicolas Quiniou-Briand n...@inverse.ca ::

<    1   2   3   4   >