Jeimerson,
Try these commands on the 2960.
aaa accounting network default start-stop group packetfence
aaa accounting identity default start-stop group packetfence
aaa accounting dot1x default start-stop group packetfence
It worked for me.
Regards,
Peter
-Original Message-
From:
Hi there,
When we connect a device to a 2950 Cisco Switch, he gets to
authenticate and is authorized in the network. In the NODES section it
appears as ON (as it should be), but when we move it to a 2960 Cisco
Switch, it still authenticates and can connects to the network but
it's appearing as
Hello Fabrice,
this is indeed a proxy related issue. I've disabled proxy in fingerbank.conf
and the gui is working again with its corresponding warnings.
"Impossible to fetch Fingerbank account information: Can't connect to
api.fingerbank.org:443 Name or service not known at
It seems that trying to resolve a domain returns the registration vlan
IP (192.168.112.254) while trying to resolve the portal FQDN returns the
portal interface IP (*192.168.114.254*)
Probably the 2nd query is forwarded upstream for some reason
C:\Windows\system32>nslookup www.pippo.com
Hi Jeimerson,
I've checked our resolv.conf. There are our internal nameservers configured.
They can just resolve internal names. That's why we are using a proxy for web
requests.
Thanks for trying to help me.
Best Regards
Tobias
Hi,
I was having the same problem, it was missing the DNS
Hallo Fabrice,
thanks for your answer. I have reinstalled fingerbank and rebooted pf server.
After that the messages in packetfence.log are gone.
But I'm still not able to access fingerbank settings via gui.
There are just some proxy related errors in fingerbank.log like:
May 3 14:43:49
Hello Fabrice,
thank you so much.
Why with version 7.4, did the same setup work?
Even so, thank you.
May 3 12:37:56 PacketFence-ZEN packetfence_httpd.aaa: httpd.aaa(2251)
INFO: [mac:00:0c:29:39:76:21] handling radius autz request: from
switch_ip => (10.190.90.24), connection_type =>
Hi,
I was having the same problem, it was missing the DNS record in resolve.conf
Com os melhores cumprimentos.
Jeimerson Chaves
Aviso de Confidencialidade: Este e-mail e quaisquer ficheiros
informáticos com ele transmitidos são confidenciais, podem conter
informação privilegiada e destinam-se
Hello Cristian,
we are on the way to change the pf-maint.pl script to add the way to
patch the go binary.
Regards
Fabrice
Le 2018-05-03 à 05:39, Cristian Mammoli via PacketFence-users a écrit :
Before 8.0 I simply run addons/pf-maint.pl, applied the patches and
restarted the services
How
Hello Jeimerson,
can you try that:
[SAMBA.NAC]
cache_match=0
read_timeout=10
realms=
password=Zaq!2wsx
scope=sub
binddn=nacad...@samba.nac
port=389
description=Teste de Autenticacao
write_timeout=5
type=AD
basedn=DC=SAMBA,DC=NAC
monitor=1
set_access_level_action=
email_attribute=mail
Weird, it's suppose to return the portal ip.
Can you do this on a laptop:
nslookup nac.apra.it
and on the same time on the packetfence server : journalctl -f | grep dns
And give me the result.
Regards
Fabrice
Le 2018-05-03 à 03:44, Cristian Mammoli via PacketFence-users a écrit :
Indeed
Hello Tobias,
it looks that your fingerbank db is corrupted, try to reinstall fingerbank:
yum reinstall fingerbank --enablerepo=packetfence
Regards
Fabrice
Le 2018-05-03 à 02:26, Meiser Tobias via PacketFence-users a écrit :
Hello,
we have updated our ZEN to PF 8.0 last week. Since then
With version 7.4 is Okay.
pf/Switch.pm line 771.
(pf::Switch::getVlanByName)
May 3 08:26:12 PacketFence-ZEN packetfence_httpd.aaa: httpd.aaa(2227)
WARN: [mac:00:0c:29:75:9d:61] No parameter Vlan found in
conf/switches.conf for the switch 10.190.90.24
(pf::Switch::getVlanByName)
May 3 08:26:12
Hello,
we have updated our ZEN to PF 8.0 last week. Since then we are not able to
access Configuration ->Compliance-> Fingerbank Profiling General Settings. The
Gui keeps saying "Error! An error occured while contacting the server. Please
try again later".
I don't know if there is a relation
Before 8.0 I simply run addons/pf-maint.pl, applied the patches and
restarted the services
How do I do now that there are go binaries involved? I see pf-maint.pl
patches the sources in go/ and there is a addons/packages/build-go.sh
Do I have to run that?
Ty
15 matches
Mail list logo
