Re: [PacketFence-users] Multi-site PF and clustering?

Hi Jason, That's a tricky one. The closest I can think of that would match your requirements is setting up separate instances with two mariadb databases, and then setting up circular replication on the person and password tables between the two databases. You might also want to replicate the

[PacketFence-users] DNS Passthrough not workin in OOB setup

Hello guys, Got a quick question regarding the passthrough setup. I have enabled dns passthrough and configured some websites allowed for passthrough. I have an internal dns server setup and configured on PF. And also a firewall that allows access to the internet for the users by assigning dhcp

Re: [PacketFence-users] Packetfence in webauth enforcement

Many thanks for the reply. I will give it a go and see how I get on. Regards Aaron Sent from my iPhone > On 17 Jul 2017, at 14:40, Antoine Amacher via PacketFence-users > wrote: > > Hello Aaron, > > WebAuth will be almost look like the VLAN

Re: [PacketFence-users] Provisioner Setup necessary for hidden and non-hidden SSIDs??

I mean "I'll try the pki setup". And is this not also possible with local usernames and passwords? Because when I tried it, the Provisioner in the Connection Profile wasn't hit when client was authenticating. On 17 Jul 2017 5:06 PM, wrote: Thanks for your swift reply Antoine. If the ssid is

Re: [PacketFence-users] Provisioner Setup necessary for hidden and non-hidden SSIDs??

Thanks for your swift reply Antoine. If the ssid is hidden, how then do you connect at first time to the ssid. Don't think that is possible, except maybe if you download the PF agent first and use to configure the ssid. Or what's the order of setup? Don't really understand. I will try the point

Re: [PacketFence-users] Packetfence RADIUS and Unifi Out of Band

> De: "Michael Westergaard via PacketFence-users" > Hi Michael, > I am trying to see if Packetfence is a proper way to do NAC with Unifi UAP-AC > with dynamic VLAN. According to the new Unifi Controller 5.5.19 release, > Dynamic Wireless VLAN with

Re: [PacketFence-users] email registration always remains status "incomplete"

Hi Fabrice, list, On 13-7-2017 2:23, Durand fabrice via PacketFence-users wrote: when it happen, can you check in the database just after the duration has been extended ? select * from node where mac="9c:2a:70:31:9b:9f'; ok, here it is: after the link in the registration email has been

Re: [PacketFence-users] Provisioner Setup necessary for hidden and non-hidden SSIDs??

Hello Kehinde, It depends what you need the provisioner for, but to be honest, the best use case of the provisioner is to provide client with certificates to then authenticate on a EAP-TLS connection. If you are using hidden SSID, I think it is nice for the client to not have to configure

[PacketFence-users] Error communicatin with Nessus

Hallo Guys, Quick one.. I get this error when PF tries triggering a violation: Checked line 96 and seems it's an error with the creds, but creds seems right. Or is the creds not supposed to be that on the Nessus server? Jul 8 13:57:58 pfence pfqueue: pfqueue(10450) INFO:

[PacketFence-users] rsyslog.conf and syslog-ng.conf files not found on PF 7.x

Hello guys, I'm trying to adjust the syslog-ng.conf and ryslog.conf files for the logs reception for Suricata MD5 and Snort setup, but I can't find these files in PF. I can only find the packefence.conf and listen.conf files in the rsyslog.d folder. Is it save to add these lines for Suricata in

[PacketFence-users] Provisioner Setup necessary for hidden and non-hidden SSIDs??

Hello guys, First would like to thank the Packetfence team for the great work done so far and the continuous effort put in to make the solution even better. I have a quick question regarding the Provisioner configuration and how to set it up with mobile phones. Assuming SSID is not hidden,

Re: [PacketFence-users] Packetfence in webauth enforcement

Hello Aaron, WebAuth will be almost look like the VLAN enforcement, what will changed is mainly what we returned to the switch request and the fact that PF is NOT the DHCP/DNS while registering. The part you are looking for is mainly how to configure your controller to work in WebAuth, i.e.

Re: [PacketFence-users] Authentication Source question

Hello Will, The source EAP-TLS is here just to validate that the certificate client and server have the same issuer, that is it, nothing else. Now it will allow you to establish rules based on certificates attributes, CN for instance. Thanks On 07/14/2017 09:29 AM, Will Halsall via

Re: [PacketFence-users] R: radius rejected.

Hello Alessandro, You need to use eapol_test for eap test: %eapol_test -c -a -p -s Example config file: network={ ssid="test" key_mgmt=IEEE8021X eap= pairwise=CCMP TKIP group=CCMP TKIP WEP104 WEP40 phase2="auth=MSCHAPV2" identity="" password="" }

[PacketFence-users] Web Interface Problem

Hi I installed PacketFence Zen 7.1. The system gets the ip address but I can't enter the web interface It looks like https://:1443 . 6.5 doesn't have this problem Thanks Metin-- Check out the vibrant tech community on

[PacketFence-users] R: radius rejected.

Hello Fabrice, test are made with local radtest (I've switch configured and...unaccessible... and a Windows Radius test tool too) as I seen from log. (2) Thu Jul 13 15:27:49 2017: Debug: EXPAND %{Packet-Src-IP-Address} (2) Thu Jul 13 15:27:49 2017: Debug: --> 127.0.0.1 Da:

[PacketFence-users] web

I installed PacketFence Zen 7.1 The system gets the ip address but I can't enter the web interface It looks like https://:1443 6.5 doesn't have this problem thanks-- Check out the vibrant tech community on one of the