I?ve added rules and communication is working - using curl I have generate API key from PacketFence server.
Problem is I don?t see outgoing packets on interface to my PaloAlto firewall.
W dniu ?r., 11.03.2020 o 18:02 Tomasz Karczewski OLMAN <tkarczew...@man.olsztyn.pl> napisa?(a):
Please check if you PA doesnt filter packets.Hi,-------- Oryginalna wiadomo?? --------Od: Przemyslaw Zoltowski via PacketFence-users <packetfence-users@lists.sourceforge.net> Data: 11.03.2020 17:02 (GMT+01:00)Do: packetfence-users@lists.sourceforge.netDW: Przemyslaw Zoltowski <zo...@dzikakuna.net>Temat: [PacketFence-users] 9.3.0 - SSO PaloAlto doesn't work
I've configured SSO according to documentation. I also make sure that PacketFence has access to PaloAlto firewall.
In pfsso.log I can see that SSO is operational and sends info to PA:
Mar 11 14:13:26 packetfence pfsso[2238]: t=2020-03-11T14:13:26+0100 lvl=info msg="Processing SSO Start" pid=2238 request-uuid=1816cea7-639a-11ea-bf1a-0050569ad40d username=x...@gmail.com ip=10.201.6.184 mac=d4:a3:3d:xx:xx:xx role=guest firewall-id=x.x.x.x
But I don't see anything going to PaloAlto IP in tcpdump on uplnik interface.
Generating API key with curl from PacketFence works and I can see this packets in tcpudmp.
Did anyone has this problem ? PF version: packetfence-9.3.0-20200113144930.108928498.0007.el7.x86_64 on Centos 7
Thanks for advice!
zolty
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
