Re: [PacketFence-users] VLAN Filter

Hello Jason, Try to rename your second action [autoreg:aruba_aps] to [autoreg_aruba_aps:aruba_aps]. Action names need to be unique and you define two actions with same name "autoreg". -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. ::

[PacketFence-users] VLAN Filter

I am trying to setup a couple of VLAN Filters to autoregister devices and put them in the correct roles and VLANs I have the below which works perfectly. It registered the phones and drops then in the correct role and vlan [yealink_phones] filter = node_info.mac operator = regex value =

Re: [PacketFence-users] VLAN filter rule to temporarily allow specific switch

Hello Yan, you also need to register the device. so something like that: [pf_ssid] filter = ssid operator = is value = PF-Wireless [SG1_switch] filter = switch._ip operator = is value = 172.11.5.121 [reg_by_switch:pf_ssid_switch] scope = RegistrationRole action = modify_node action_param =

[PacketFence-users] VLAN filter rule to temporarily allow specific switch

Hi users, I want to add a VLAN filter rule to temporarily pass one specific switch (IP 172.11.5.121) and keep the others as normal. Is below rule okay to do this ? [pf_ssid] filter = ssid operator = is value = PF-Wireless [SG1_switch] filter = switch._ip operator = is value =

Re: [PacketFence-users] VLAN Filter for MAB devices

Hi Hello Kehinde, MAB is exactly what you need , also for that create a violation that will autoreg printer, it will be easier than vlan filters. Regards Fabrice Le 2017-06-08 à 07:51, Akala Kehinde via PacketFence-users a écrit : > Hallo, > > Hallo guys, > > Want to knw if it's possible to

[PacketFence-users] VLAN Filter for MAB devices

Hallo, Hallo guys, Want to knw if it's possible to do MAB authentication for non-manageable devices like printers. Don't want to do Hybrid setup, prefer OOB setup instead. Or is it possible to define a VLAN filter that auto-registers these devices and assigns them a registered role? Something

Re: [PacketFence-users] Vlan filter matching radius realm?

Changing Null to a internal auth source and mapping the DEFAULT realm to the null source "eduroam" accomplished what I wanted. On Tue, Sep 6, 2016 at 12:46 PM, Tim DeNike wrote: > Yeah.. No go. Im not doing this in tunnel. This is for requests going > out to eduroam. > >

Re: [PacketFence-users] Vlan filter matching radius realm?

Yeah.. No go. Im not doing this in tunnel. This is for requests going out to eduroam. The end goal is to end up getting the user a valid role in PF for external eduroam users. I had this working before in vlan/custom.pm before other changes were implemented that caused it to not work the way

Re: [PacketFence-users] Vlan filter matching radius realm?

Looks like it works for me. btw it should be: "update request { Realm := DEFAULT }" in packetfence-tunnel in post-auth before rest. Fabrice Le 2016-09-06 à 09:13, Fabrice Durand a écrit : Ok i will try it on my side. Le 2016-09-06 à 08:47, Tim DeNike a écrit : [realmdefault] filter =

Re: [PacketFence-users] Vlan filter matching radius realm?

Ok i will try it on my side. Le 2016-09-06 à 08:47, Tim DeNike a écrit : [realmdefault] filter = radius_request attribute = User-Name operator = is value = mcc_t...@eduroam.us Works [realmdefault] filter = radius_request attribute = Realm operator = is value =

Re: [PacketFence-users] Vlan filter matching radius realm?

[realmdefault] filter = radius_request attribute = User-Name operator = is value = mcc_t...@eduroam.us Works [realmdefault] filter = radius_request attribute = Realm operator = is value = DEFAULT Does not. I did try filter = radius_reply as well... Are you saying I need to use the freeradius

Re: [PacketFence-users] Vlan filter matching radius realm?

The filter is something like that ? : [DEFAULT] filter = radius_request.Realm operator = is value = DEFAULT Le 2016-09-06 à 08:32, Tim DeNike a écrit : Even if I manually defined it by update reply { Realm := DEFAULT } in the post-auth section before calling packetfence module, it still

Re: [PacketFence-users] Vlan filter matching radius realm?

Even if I manually defined it by update reply { Realm := DEFAULT } in the post-auth section before calling packetfence module, it still wouldn't match. It showed in the radius audit log, but just wouldn't match. On Tue, Sep 6, 2016 at 8:28 AM, Fabrice Durand wrote: > Hello

Re: [PacketFence-users] Vlan filter matching radius realm?

Hello Tim, you can use raddebug (raddebug -f /usr/local/pf/var/run/radiusd.sock) to check if the realm attribute is there. But if it's DEFAULT, it's probably undefined. Regards Fabrice Le 2016-09-05 à 19:13, Tim DeNike a écrit : > Fwiw. This is for eduroam and is being proxied to 2 local

[PacketFence-users] Vlan filter matching radius realm?

I'm trying to get a vlan filter to work by matching an ssid and radius attribute Realm is DEFAULT in order auto register and assign a role/duration. For some reason I just can't get it to match the Realm in the radius reply. Is there some trick to it? Sent from my iPhone

Re: [PacketFence-users] Vlan filter matching radius realm?

Fwiw. This is for eduroam and is being proxied to 2 local externally facing radius servers that in turn send it to eduroam. Sent from my iPhone > On Sep 5, 2016, at 6:47 PM, Tim DeNike wrote: > > I'm trying to get a vlan filter to work by matching an ssid and radius >

[PacketFence-users] vlan filter - node expiration

Hi all, I'm looking to find a way to add a node expiry time, or access duration to my vlan filter config. I currently have a working vlan_filter which autoregisters a device and sets the normal vlan and category based upon the eduroam realm name in the username, but if possible I'd like to

Re: [PacketFence-users] VLAN Filter and User Attributes

Thanks for the replay. Your example was helpful and helped me to make a few modifications to the packetfence code so I can accomplish my objectives. (I would put up the code myself, however I am not as familiar with the github process yet) Attached are a modified filer.pm and person.pm files

Re: [PacketFence-users] VLAN Filter and User Attributes

Hi Lupe, i will check your code and probably include it in PacketFence. Regards Fabrice Le 2014-06-30 18:13, Lupe Silva a écrit : Thanks for the replay. Your example was helpful and helped me to make a few modifications to the packetfence code so I can accomplish my objectives. (I would put

Re: [PacketFence-users] VLAN Filter and User Attributes

Hi Lupe, [category] filter = node_info operator = is attribute = category value = guest [robert] filter = node_info operator = is attribute = pid value = robert [arnaud] filter = node_info operator = is attribute = pid value = arnaud [ludovic] filter = node_info operator = is attribute = pid

Re: [PacketFence-users] VLAN filter in PF 4.3

-users@lists.sourceforge.net Subject: Re: [PacketFence-users] VLAN filter in PF 4.3 :FORMERLY: Cisco WLC, Private and Public WLANs Hi Jake, you can play with devel which is very close to the 4.3 release. Fabrice Le 2014-06-18 14:09, Sallee, Jake a écrit : Fabrice: That sounds great

Re: [PacketFence-users] VLAN filter in PF 4.3

: [PacketFence-users] VLAN filter in PF 4.3 :FORMERLY: Cisco WLC, Private and Public WLANs Hi Jake, you can play with devel which is very close to the 4.3 release. Fabrice Le 2014-06-18 14:09, Sallee, Jake a écrit : Fabrice: That sounds great and exactly what I am looking for. Do you have

[PacketFence-users] VLAN filter in PF 4.3 :FORMERLY: Cisco WLC, Private and Public WLANs

Fabrice: That sounds great and exactly what I am looking for. Do you have an ETA for 4.3, and is there a beta I can play with? : ) Jake Sallee Godfather of Bandwidth System Engineer University of Mary Hardin-Baylor WWW.UMHB.EDU 900 College St. Belton, Texas 76513 Fone: 254-295-4658 Phax: