Hi Jason,
That's a tricky one.
The closest I can think of that would match your requirements is setting up
separate instances with two mariadb databases, and then setting up circular
replication on the person and password tables between the two databases.
You might also want to replicate the
Hello guys,
Got a quick question regarding the passthrough setup.
I have enabled dns passthrough and configured some websites allowed for
passthrough.
I have an internal dns server setup and configured on PF. And also a
firewall that allows access to the internet for the users by assigning dhcp
Many thanks for the reply.
I will give it a go and see how I get on.
Regards
Aaron
Sent from my iPhone
> On 17 Jul 2017, at 14:40, Antoine Amacher via PacketFence-users
> wrote:
>
> Hello Aaron,
>
> WebAuth will be almost look like the VLAN
I mean "I'll try the pki setup". And is this not also possible with local
usernames and passwords? Because when I tried it, the Provisioner in the
Connection Profile wasn't hit when client was authenticating.
On 17 Jul 2017 5:06 PM, wrote:
Thanks for your swift reply Antoine.
If the ssid is
Thanks for your swift reply Antoine.
If the ssid is hidden, how then do you connect at first time to the ssid.
Don't think that is possible, except maybe if you download the PF agent
first and use to configure the ssid. Or what's the order of setup? Don't
really understand.
I will try the point
> De: "Michael Westergaard via PacketFence-users"
>
Hi Michael,
> I am trying to see if Packetfence is a proper way to do NAC with Unifi UAP-AC
> with dynamic VLAN. According to the new Unifi Controller 5.5.19 release,
> Dynamic Wireless VLAN with
Hi Fabrice, list,
On 13-7-2017 2:23, Durand fabrice via PacketFence-users wrote:
when it happen, can you check in the database just after the duration has been
extended ?
select * from node where mac="9c:2a:70:31:9b:9f';
ok, here it is:
after the link in the registration email has been
Hello Kehinde,
It depends what you need the provisioner for, but to be honest, the best
use case of the provisioner is to provide client with certificates to
then authenticate on a EAP-TLS connection.
If you are using hidden SSID, I think it is nice for the client to not
have to configure
Hallo Guys,
Quick one..
I get this error when PF tries triggering a violation:
Checked line 96 and seems it's an error with the creds, but creds seems
right. Or is the creds not supposed to be that on the Nessus server?
Jul 8 13:57:58 pfence pfqueue: pfqueue(10450) INFO:
Hello guys,
I'm trying to adjust the syslog-ng.conf and ryslog.conf files for the logs
reception for Suricata MD5 and Snort setup, but I can't find these files in
PF.
I can only find the packefence.conf and listen.conf files in the rsyslog.d
folder. Is it save to add these lines for Suricata in
Hello guys,
First would like to thank the Packetfence team for the great work done so
far and the continuous effort put in to make the solution even better.
I have a quick question regarding the Provisioner configuration and how to
set it up with mobile phones.
Assuming SSID is not hidden,
Hello Aaron,
WebAuth will be almost look like the VLAN enforcement, what will changed
is mainly what we returned to the switch request and the fact that PF is
NOT the DHCP/DNS while registering.
The part you are looking for is mainly how to configure your controller
to work in WebAuth, i.e.
Hello Will,
The source EAP-TLS is here just to validate that the certificate client
and server have the same issuer, that is it, nothing else. Now it will
allow you to establish rules based on certificates attributes, CN for
instance.
Thanks
On 07/14/2017 09:29 AM, Will Halsall via
Hello Alessandro,
You need to use eapol_test for eap test:
%eapol_test -c -a -p -s
Example config file:
network={
ssid="test"
key_mgmt=IEEE8021X
eap=
pairwise=CCMP TKIP
group=CCMP TKIP WEP104 WEP40
phase2="auth=MSCHAPV2"
identity=""
password=""
}
Hi
I installed PacketFence Zen 7.1. The system gets the ip address but I can't
enter the web interface It looks like https://:1443 . 6.5 doesn't have this
problem
Thanks
Metin--
Check out the vibrant tech community on
Hello Fabrice,
test are made with local radtest (I've switch configured and...unaccessible...
and a Windows Radius test tool too) as I seen from log.
(2) Thu Jul 13 15:27:49 2017: Debug: EXPAND %{Packet-Src-IP-Address}
(2) Thu Jul 13 15:27:49 2017: Debug: --> 127.0.0.1
Da:
I installed PacketFence Zen 7.1
The system gets the ip address but I can't enter the web interface
It looks like https://:1443
6.5 doesn't have this problem
thanks--
Check out the vibrant tech community on one of the
17 matches
Mail list logo