Re: [PacketFence-users] R: R: R: R: network-access-detection

Hello Alessandro, what is the result of ? : cat /proc/sys/net/ipv4/ip_forward From the pf server are you able to do a query ? nslookup > server 153.47.30.113 > inverse.ca Regards Fabrice Le 2017-08-10 à 13:42, Alessandro Canella via PacketFence-users a écrit : Here some test: BEFORE

Re: [PacketFence-users] OpenVAS v9 integration

Not yet but probably in futur version. Le 2017-08-09 à 10:45, Cristian Mammoli via PacketFence-users a écrit : Does Packetfence work with OpenVAS-9 (Greenbone OS 4)? -- Check out the vibrant tech community on one

Re: [PacketFence-users] Compatibility double check for our environment

Hello Yan, Le 2017-08-09 à 04:11, Yan Kimiko via PacketFence-users a écrit : Hello Durand, Thank you very much for your reply. I have a question about you reply and hope I can get your further help. For identification part, you said we can use 802.1x+mab. I don’t understand why we need mab.

Re: [PacketFence-users] Guest Logins

Hello Jason, once you installed the script in crontab , then create an authentication source that use this file. After that go in Configuration -> Advanced Access Configuration -> portal module and create Authentication::Password and select the previous authentication source you created and

Re: [PacketFence-users] radius rejected.

Hello Alessandro, does the request is coming from a switch ? It miss the Calling-Station-Id attribute. Regards Fabrice Le 2017-07-13 à 13:01, Alessandro Canella via PacketFence-users a écrit : Hello, I’m using ZEN, latest download from site. I do not plan to join AD/LDAP but only to

Re: [PacketFence-users] Machine authentication

Hello Mj, Le 2017-07-10 à 09:54, mj via PacketFence-users a écrit : Hi, I noticed two ERROR lines in your packetfence.log: Jul 10 15:21:30 pfnac01 packetfence_httpd.aaa: httpd.aaa(23293) ERROR: [mac:00:9c:02:92:ea:b0] error creating SNMP v1 read connection to 10.10.10.4: No response from

Re: [PacketFence-users] Machine authentication

Hello Luca, You need to test this source with a machine account (UserPrincipalName), not a user account (sAMAccountName), this is why it failled. Try that: /usr/local/pf/bin/pftest authentication host/LAB3-NB.dm.loc /reallystrongpassword DM_Machine_Auth_PDC /Also capture the ldap traffic

Re: [PacketFence-users] why is my radius working? :-)

Hello Mj, Le 2017-07-10 à 09:38, mj via PacketFence-users a écrit : ghehe :-) Happy that after some fiddling with REALMS config, our 802.1x radius auth is working now, but I am seeing behaviour that I don't understand. I have _only_ configured the "DEFAULT" realm and left LOCAL and NULL

Re: [PacketFence-users] why is my radius working? :-)

, Thanks for your answer! On 07/11/2017 02:07 AM, Durand fabrice via PacketFence-users wrote: When you start your computer , before login with your user account the device authenticate with the machine account. (this is what you configured on the device). Yes, this I understand. And this is what

Re: [PacketFence-users] DLINK DGS3100

Hello Alessandro, your issue happen when packetfence try to deauth. Can you check in pfqueue.log for deauth issue ? Regards Fabrice Le 2017-07-12 à 04:05, Alessandro Canella via PacketFence-users a écrit : Hello All, I’m developing a solution with PF ZEN and a Dlink DGS3100

Re: [PacketFence-users] email registration always remains status "incomplete"

Hello MJ, when it happen, can you check in the database just after the duration has been extended ? select * from node where mac="9c:2a:70:31:9b:9f'; Regards Fabrice Le 2017-07-12 à 10:18, mj via PacketFence-users a écrit : Hi, Let me rephrase this question, and also add some log

Re: [PacketFence-users] Installing PacketFence Help?

Hello Thomas, yes it's possible to do that, just configure snat interface in network config. This will enable nating on the specific interface but you will need to use the router ip as the default gateway on packetfence. Also i prefer debian as centos (i do the debian packaging) and i did

Re: [PacketFence-users] Packetfence-ZEN-7.2.0 bandwidth violation not working

pfmon(5757) INFO: [mac:unknown] Found timeframed accounting policy : TOT2MBD for violation 1501 (pf::accounting::acct_maintenance) Regards Emmanuel On 7/25/17, 3:37 AM, "Durand fabrice via PacketFence-users" <packetfence-users@lists.sourceforge.net> wrote: Hello Emman

Re: [PacketFence-users] Compatibility double check for our environment

Hello Yan, my answer bellow. Le 2017-07-21 à 06:13, Yan Kimiko via PacketFence-users a écrit : Hi all, Our company has the intent to use PF in our office environment later this year. Since there are over 7000 people in our company(which means devices’ number is over 1.5w),we have to do

Re: [PacketFence-users] Can't upgrade pf 4.0.6-2

Hello Andre, it's probably a disconnection issue. Can you do : journalctl | grep pfqueue and paste what you have ? Regards Fabrice Le 2017-07-19 à 18:23, Andre Martini via PacketFence-users a écrit : Hey Guys! I got a legacy packetfence 4.0.6-2 with snmp integration with aruba 3200

Re: [PacketFence-users] Packetfence-ZEN-7.2.0 bandwidth violation not working

Hello Emmanuel, do you have something related to bandwidth violation in pfmon.log ? Regards Fabrice Le 2017-07-19 à 16:08, Emmanuel Togo via PacketFence-users a écrit : Hi All I have upgraded Packetfence-6.5.1 to Packetfence-7.2.0 and bandwidth violation of 100MB/Day stop working. Nothing

Re: [PacketFence-users] Clustering and interfaces.

Hello Michael, cluster.conf need to know each interfaces of each servers managed by packetfence. Regards Fabrice Le 2017-07-21 à 16:01, Michael via PacketFence-users a écrit : I am attempting to setup pf in vlan enforcement mode. I setup eth0 as management, and I added a few non-routed

Re: [PacketFence-users] Packetfence ZEN httpd.portal MAC 0

Hello Lee, who manage this network 10.3.4.0 ? If it's packetfence then check if pfdhcplistener is running. If no then check that packetfence receive the dhcp traffic for this network. Regards Fabrice Le 2017-07-24 à 03:49, Zihao Lee via PacketFence-users a écrit : Hi Everyone, Im currently

Re: [PacketFence-users] Portal Personalization

Hello Yohann, Yohann from Brittany ? Ok so since it's a string combined then it's probably not localize. What you can do (hack) is to edit html/captive-portal/lib/captiveportal/PacketFence/DynamicRouting/Module/Root.pm and change the string to french. Also i will have a look to fix it.

Re: [PacketFence-users] bandwidth violation remediation

Hi Diego, set the grace period of 24h for your current violation and create a new one for 1024M/Day. Regards Fabrice Le 2017-07-26 à 19:56, Diego Garcia del Rio via PacketFence-users a écrit : Hi, I have a quick question... I have a system setup with 7.2 where I am using bandwidth

Re: [PacketFence-users] Packetfence-ZEN-7.2.0 bandwidth violation not working

87e13406c5f5f | +--+---+--+--++-+-+--+-+--+ 13 rows in set (0.00 sec) Regards Emmanuel On 7/26/17, 1:22 AM, "Durand fabrice via PacketFence-users" <packetfence-users@lists.sourceforge.net> wrote: an you do that: select * from r

Re: [PacketFence-users] Packetfence-ZEN-7.2.0 bandwidth violation not working

0 | 0 | 0 | +---+---++---+ 24 rows in set, 1 warning (0.00 sec) On 7/25/17, 11:05 PM, "Durand fabrice via PacketFence-users" <packetfence-users@lists.sourceforge.net> wrote: Hello Emmanuel,

Re: [PacketFence-users] PF just refuses to join AD domain??

Hello Akala, what happen if you do that: chroot /chroots/MYDOMAIN wbinfo -u wbinfo -g if there is no usernames or groups displayed then try : dns_name=TESTMAWOH.DE and rejoin Regards Fabrice Le 2017-08-22 à 22:21, Akala Kehinde via PacketFence-users a écrit : Hello guys, I get this

Re: [PacketFence-users] Multiple Nessus scan policies possible on PF?

Hello Akala, yes, based on the os. Regards Fabrice Le 2017-08-18 à 15:44, Akala Kehinde via PacketFence-users a écrit : Hello guys. Will like to know if it's possible to have more than 1 nessus scan policy configured on PF. Regards, Kehinde

Re: [PacketFence-users] Captive portal SSL not using defined cert after PF7 upgrade

Hello Thomas, you just have to add it in the server.pem like that: cat /usr/local/pf/conf/ssl/server.crt /usr/local/pf/conf/ssl/intermediate1.crt /usr/local/pf/conf/ssl/intermediate2.crt /usr/local/pf/conf/ssl/server.key > /usr/local/pf/conf/ssl/server.pem Also what i use all the time to

Re: [PacketFence-users] R: R: R: R: R: R: R: network-access-detection

the default ip for network detection Le 2017-08-18 à 04:13, Alessandro Canella a écrit : Fabrice, whois 192.95.20.194 ? *Da:*Durand fabrice via PacketFence-users [mailto:packetfence-users@lists.sourceforge.net] *Inviato:* venerdì 18 agosto 2017 02.12 *A:* packetfence-users

Re: [PacketFence-users] Packetfence-ZEN-7.2.0 bandwidth violation not working

with timestamp +88706 *From: *Durand fabrice via PacketFence-users <packetfence-users@lists.sourceforge.net> *Reply-To: *"packetfence-users@lists.sourceforge.net" <packetfence-users@lists.sourceforge.net> *Date: *Friday, August 18, 2017 at 12:05 AM *To: *"packetfence-

Re: [PacketFence-users] R: R: R: R: R: R: R: network-access-detection

Le 2017-08-17 à 07:30, Alessandro Canella a écrit : Hello Fabrice: IP_forward (tested from MGMT ip) result is 1: so, enabled I think. ZEN seems not know DIG, HOST, NSlookup… so I use Ping “name” and cannot resolve nothing. *Da:*Durand fabrice via PacketFence

Re: [PacketFence-users] R: R: R: R: R: R: network-access-detection

I use Ping “name” and cannot resolve nothing. *Da:*Durand fabrice via PacketFence-users [mailto:packetfence-users@lists.sourceforge.net] *Inviato:* venerdì 11 agosto 2017 01.50 *A:* packetfence-users@lists.sourceforge.net <mailto:packetfence-users@lists.sourceforge.ne

Re: [PacketFence-users] Nessus Scan fails!!

Hello Kehinde, which nessus version are you running ? Regards Fabrice Le 2017-06-19 à 09:52, Akala Kehinde via PacketFence-users a écrit : Hi guys, Anyone got a Nessus scan configuration up and running? Followed the steps in the admin guide, but I get the following error when user

Re: [PacketFence-users] packetfence-pki EAP-tls users and certificate management

Hello Rokkhan, i need to check in the code why you have this error when the certificate already exist. Also the port for ocsp is 9292. Last thing, to have online/offline status you need to have the radius accounting enable. Regards Fabrice Le 2017-06-19 à 14:30, Rokkhan via

Re: [PacketFence-users] Fwd: WMI prereg and reg scans fail when user connects

Hello Kehinde, did you try to add the domain with the username ? Regards Fabrice Le 2017-06-19 à 12:51, Akala Kehinde a écrit : Hallo Fabrice, Below is the logs as requested.. Regards, Kehinde -- Forwarded message -- From: *Akala Kehinde*

Re: [PacketFence-users] nodes being unregistered after pf upgrade from 5.6 to 7.1

Hello Mj, Le 2017-06-19 à 16:17, lists via PacketFence-users a écrit : Hi, I just tried upgrading our production network from 5.6 to 7.1, and even though things seemed to have worked out, after a while we discovered that some nodes were 'unregistered' after the upgrade. (they were

Re: [PacketFence-users] Couple questions about RADIUS Filters

Hello Robert, it looks correct. To add debug, you can do that: Add that in the code : https://github.com/inverse-inc/packetfence/blob/devel/lib/pf/radius.pm#L315 use Data::Dumper; $logger->warn(Dumper $args); then restart httpd.aaa Regards Fabrice Le 2017-10-06 à 16:59, Robert Meany

Re: [PacketFence-users] Captive Portal allow only selected usernames

It's in the source where you have to define the rules. Also you can use a regexp in the rule to match what you need. Last thing , keep in mind that there is an order in the rule, so the first match win and the last one can match by default. Le 2017-10-06 à 05:19, Tomasz Karczewski via

Re: [PacketFence-users] Packetfence working with WLC 8.3.122

Hello, can you try to set the redirect url in http instead of https ? Regards Fabrice Le 2017-10-06 à 16:02, bott via PacketFence-users a écrit : Hello, We have had packetfence working on older versions and are looking upgrade our WLC and Packetfence install. From a fresh install only

Re: [PacketFence-users] Fastest Restart After Changes to pf::role::custom ??

Hello John, if you use packetfence for radius authentication then you just have to restart httpd.aaa Regards Fabrice Le 2017-10-02 à 13:52, John Whitten via PacketFence-users a écrit : Howdy, I have a custom role module in my environment (pf::role::custom). If/when I make a change in

Re: [PacketFence-users] Captive Portal certificate

Hello Luís, you need to concatenate the certificates like that: cat conf/ssl/server.crt conf/ssl/server.key > conf/ssl/server.pem and restart haproxy Regards Fabrice Le 2017-10-02 à 10:57, Luís Torres via PacketFence-users a écrit : Hi, to stop the cert error on the captive portal,

Re: [PacketFence-users] radius failed to read from child output

Hello Stephen, does winbind run ? What happen if you do (replace with the correct values): /usr/bin/sudo /usr/sbin/chroot /chroots/%{PacketFence-Domain} /usr/local/pf/bin/ntlm_auth_wrapper --         --request-nt-key --username=%{%{Stripped-User-Name}:-%{mschap:User-Name:-None}}

Re: [PacketFence-users] PacketFence + Cisco WLC CoA problem

Hello Nicolay, first you need to enable "External portal enforcement" in the switch config (pf side). And after that i will need to see an entry in radius audit (the radius request and the answer in Audit -> Radius -> +) Regards Fabrice Le 2017-10-13 à 09:09, Nicolay Rytchev via

Re: [PacketFence-users] EAP-TTLS showing as connection type "Wireless-802.11-NoEAP"

Hello Matt, can you provide the result of raddebug -f var/run/radius.sock ? The answer will be in this debug and you will probably have to add some unlang code in packetfence-tunnel. Regards Fabrice Le 2017-08-21 à 19:27, Matt Munro via PacketFence-users a écrit : Hi all, I've

Re: [PacketFence-users] Multiple Nessus scan policies possible on PF?

; logo=/common/mawoh.png root_module=SNS_PORTAL access_registration_when_registered=enabled scans=ENGINE1,ENGINE2 Regards, Kehinde On Wed, Aug 23, 2017 at 4:47 AM, Durand fabrice via PacketFence-users <packetfence-users@lists.sourceforge.net <

Re: [PacketFence-users] Code fetched from PF gitub leads to HTTP 503 error, httpd.dispatcher service refusing to start.. Urgent please!!

Sorry i forgot the command: bin/pfcmd pfconfig get config::Pf Le 2017-08-28 à 17:05, Akala Kehinde a écrit : Hello Fabrice,. Thanks always for your quick responses. Funny enough, I never tampered with the proxy-passthrough configuration. Which command should run? On 28 Aug 2017 10:52

Re: [PacketFence-users] Packetfence-PKI / Setup Wizard Error

Hello Jason, i did a try and i am not able to reproduce the error. So it can be an issue with the keyUsage value or an issue with pyopenssl. What did you define for keyUsage and can you give me the version of pyopenssl you use ? rpm -qa|grep -i openssl Regards Fabrice Le 2017-11-14 à

Re: [PacketFence-users] 2 Q's: Radius Audit Log Status -AND- Auditing Reports

Hello Jon, Your custom role module will probably have to return another value , something like message and with that value you will be able to set the reply-message attribute with this value. With that change you will see in the radius audit log the reply message with the reason/status of

Re: [PacketFence-users] Cluster - no dhcp

Looks that your cluster is not a cluster anymore, can you do that: mysql -upf -p -e "show status like 'wsrep%'" and check wsrep_cluster_size if it's equal to 3. Regards Fabrice Le 2017-12-12 à 18:58, Luís Torres via PacketFence-users a écrit : Both of 3 are not showing even the dhcp Em

Re: [PacketFence-users] Cluster - no dhcp

?)  wsrep_incoming_addresses     | 10.252.2.141:3306,10.252.2.142:3306,10.252.2.140:3306 Em 2017-12-13 00:09, Durand fabrice via PacketFence-users escreveu: Looks that your cluster is not a cluster anymore, can you do that: mysql -upf -p -e "show status like 'wsrep%'" and check wsrep_cluster_size if it's

Re: [PacketFence-users] PKI installation

Ok let me try to install the pki on the zen and i will be back to you. i have installed the pki on 10 servers not a long time ago without any issue. Le 2017-12-12 à 20:52, E.P. a écrit : Yes, db.sqlite3 was owned by root [root@PacketFence-ZEN packetfence-pki]# ls -al total 56

Re: [PacketFence-users] PKI installation

ah ah don't worry , i like to have challenge like that to be able to fix the issue for better user experience. I coded the pki so i want to make it work. Le 2017-12-12 à 21:48, E.P. a écrit : Sure, take your time, Fabrice. I have a special knack of running into troubles in cases when others

Re: [PacketFence-users] OMAPI.pm errors

Hello Luís, did you set the OMAPI key in the PacketFence GUI  and restart pfqueue and dhcpd services ? Is it a cluster ? Regards Fabrice Le 2017-12-15 à 09:41, Luís Torres via PacketFence-users a écrit : Hello, getting always this erros on the PF. What could be the cause? "

Re: [PacketFence-users] Public key not available v7.3

Hello Sabrina, Did you tried that: sudo apt-key adv --keyserver keys.gnupg.net --recv-key 0x810273C4 or: sudo apt-key adv --keyserver hkp://keys.gnupg.net:80 --recv-keys 0x810273C4 Regards Fabrice Le 2017-12-18 à 05:42, Sabrina Louison-François via PacketFence-users a écrit : Hello,

Re: [PacketFence-users] Cluster - country distribution

Hello Luís, you can have multiples PacketFence instance running with a common db. After that it will depend of your need (registration vlan/ only radius ...) Regards Fabrice Le 2017-12-18 à 05:35, Luís Torres via PacketFence-users a écrit : Hi fellows, since in the 

Re: [PacketFence-users] R: Switch Compatibility

Hello Alessandro, you will need to edit the switch module and add this: =item returnAuthorizeWrite Return radius attributes to allow write access =cut sub returnAuthorizeWrite {     my ($self, $args) = @_;     my $logger = $self->logger;     my $radius_reply_ref;     my $status;    

Re: [PacketFence-users] Understanding VLAN Filter

Hello Charles, Le 2017-11-13 à 14:27, Charles Rumford via PacketFence-users a écrit : I'm currently working on getting some VLAN filters together, but have a couple of questions: 1) Order of Processing Is there a deterministic order to which the different filters are processed? If so, how do

Re: [PacketFence-users] auth request from wrong switch

Hi Darryl, can you also run radius in debug mode to see all the details ? Regards Fabrice Le 2017-11-13 à 16:22, Jason Sloan via PacketFence-users a écrit : A few questions. 172.16.0.196 - is that a switch at all? If so, is that switch on the same vlan? Have you reviewed your

Re: [PacketFence-users] Recommended Distribution / Version

Hello Jason, use Centos 7 , this is the version we use to develop. Also i did some fix on the pki to make it work under Centos 7, just tell me what is the issue and i will fix it. Le 2017-11-13 à 15:30, Jason Sloan via PacketFence-users a écrit : Wondering if there's a recommended

Re: [PacketFence-users] Bandwidth statistics make no sense (Cisco 2960x)

Hello Cristian, i will be back to you tomorrow, with details and sql request to do. Regards Fabrice Le 2017-11-13 à 07:59, Cristian Mammoli via PacketFence-users a écrit : Hi Fabrice, could you please give me an hint to start looking whats going wrong here? How is bandwidth calculated and

Re: [PacketFence-users] RADIUS 802.1x EAP-TLS + Machine Auth

Hello Jason, sorry for the delay to answer, i was a little bit busy these last days. Can you enable normalize_radius_machine_auth_username in advanced section and retry ? Because as you say, the username is stripped and it's probably because PacketFence use the TLS-Client-Cert-Common-Name

Re: [PacketFence-users] Captive Portal certificate

abrice, The ssl-certificates.conf should be like this as well? : /*SSLCertificateChainFile %%install_dir%%/conf/ssl/server.pem*/ cheers Em 2017-10-02 23:49, Durand fabrice via Pa

Re: [PacketFence-users] Captive portal not redirecting after registration

Hello Pedro, so it's an inline setup, if you do ipset -L , you should be able to see the mac of your device in the registration set. Also did you enabled ip_forward on the Packetfence server, and what is the dns server on your testing device ? Regards Fabrice Le 2017-11-20 à 09:13,

Re: [PacketFence-users] auth request from wrong switch

Just to be sure, the port 5/3 and 2/43 are switch port , no uplink ? Does "show cdp neighbors" return one of these ports ? Le 2017-11-16 à 17:46, Sokolowski, Darryl via PacketFence-users a écrit : Another thing I noticed is that if I go into PF and restart the switchport from the node

Re: [PacketFence-users] Netgear GSM4352PS (M4300-52G) Switch Support

Ok it's better now. Now can you check on the packetfence.log, you are suppose to see different messages now. Le 2017-11-01 à 17:27, James Garcellano via PacketFence-users a écrit : It looks like the other test still showed the NAS IP as 192.168.1.5. I rebooted the switch and did another

Re: [PacketFence-users] Netgear GSM4352PS (M4300-52G) Switch Support

Ok so you need to add support of 802.1x in the switch module. In this file, https://github.com/inverse-inc/packetfence/blob/devel/lib/pf/Switch/Netgear/MSeries.pm#L19 add that: sub supportsWiredDot1x { return $TRUE; } Then restart packetfence. Paste me the packetfence.log after that.

Re: [PacketFence-users] Clustering

Hello Luís, if it's PacketFence 7.3 , try that: curl https://github.com/inverse-inc/packetfence/commit/fa866d14be0b16ef1af0ed849c85a481a4011048.diff | patch -p1 Regards Fabrice Le 2017-11-08 à 13:06, Luís Torres via PacketFence-users a écrit : Hi, getting this error: : Loaded

Re: [PacketFence-users] Cluster - Dhcp

Yes this is normal, the dhcp scope is divided by 2 so only 2 servers can run dhcpd. Le 2017-12-07 à 18:01, Luís Torres via PacketFence-users a écrit : Hello all, have 3 servers in cluster working now, but I realized that only server1 and 2 as dhcpd active. Is that normal? regards LT

Re: [PacketFence-users] PoC: Social Login from Captive Portal and Firewall (Checkpoint) Enforcement

Hello Benoît, my question is how the Checkpoint firewall will redirect the external devices on the captive portal ? Regards Fabrice Le 2017-12-06 à 11:58, Benoît Dubé via PacketFence-users a écrit : Hi everyone, I need to do a proof of concept to authenticate external users, in a

Re: [PacketFence-users] PoC: Social Login from Captive Portal and Firewall (Checkpoint) Enforcement

.ms/weboutlook> *De :* Durand fabrice via PacketFence-users <packetfence-users@lists.sourceforge.net> *Envoyé :* 7 décembre 2017 20:26 *À :* packetfence-users@lists.sourceforge.net *Cc :* Durand fabrice

Re: [PacketFence-users] PoC: Social Login from Captive Portal and Firewall (Checkpoint) Enforcement

Fabrice Benoît *De :* Durand fabrice via PacketFence-users <packetfence-users@lists.sourceforge.net> *Envoyé :* 7 décembre 2017 21:09 *À :* packetfence-users@lists.sourceforge.net *Cc :* Durand fabrice *Objet

Re: [PacketFence-users] Aruba Switch Network Configuration

Ok so it should work. When i did the code the Aruba switches were really new and there were bugs in the Aruba OS. Btw i think that it's fully supported by Clear Pass so it will work with PacketFence. Regards Fabrice Le 2017-12-06 à 11:30, Jeremy Plumley via PacketFence-users a écrit :

Re: [PacketFence-users] PKI installation

Ok what you can do now: rpm -Uvh --force http://inverse.ca/downloads/PacketFence/CentOS7/extra/x86_64/RPMS/python-cryptography-2.0.2-1.1.x86_64.rpm rpm -Uvh --force http://inverse.ca/downloads/PacketFence/CentOS7/extra/x86_64/RPMS/python-cryptography-vectors-2.0.2-1.1.noarch.rpm and retry.

Re: [PacketFence-users] Wireless hotspot creation - help

Hello Luca, it depend if your AP support web redirection. What is the type of your AP ? Regards Fabrice Le 2017-12-10 à 13:15, Luca Fois via PacketFence-users a écrit : Hi all, I would like to setup a free wireless hotspot. The ap is on my own home network but i would like to run

Re: [PacketFence-users] Cluster and access page

Hello, my answer bellow Le 2017-12-08 à 07:40, Roger Faria via PacketFence-users a écrit : Hi all, My packetfence 7.3 cluster works great but I have a couple questions and I hope you guys can help! 1. After my uses registers a device, it take a bit for my packetfence to talk to the

Re: [PacketFence-users] PKI installation

Yes i already seen that but it listen on IPv4 port, did you updated the file conf/iptables.conf to allow the port 9393 and restart iptables (pfcmd service iptables restart)? Regards Fabrice Le 2017-12-11 à 20:45, E.P. a écrit : Bingo! That made a trick. I was about to dig down to python

Re: [PacketFence-users] PKI installation

Looks that the db hasn't been initialized , can you do that in /usr/local/packetfence-pki rm db3.sqlite python manage.py migrate Regards Fabrice Le 2017-12-11 à 21:55, E.P. a écrit : I was a bit premature with my report that it worked ;) After logging into the PKI page I ended up with

Re: [PacketFence-users] Can PF return multiple VLANs in one time ?

Hello Yan, yes it can return a role but the code hasn't been merged yet. (it miss documentation about the Ruckus configuration) https://github.com/inverse-inc/packetfence/pull/2530 Regards Fabrice Le 2017-12-11 à 22:30, Yan via PacketFence-users a écrit : Hi users, One of our office

Re: [PacketFence-users] Portal fqdn resolution from isolation and registration vlan

So i did the change and the new binary will be available tomorrow there: http://inverse.ca/downloads/PacketFence/CentOS7/binaries/maintenance/8.0/ Regards Fabrice Le 2018-05-04 à 08:40, Fabrice Durand via PacketFence-users a écrit : Ok i probably know what happen. Let me do some test on

Re: [PacketFence-users] Cpative-portal trigger with IP

Hello Bahaa, what you can do is to edit the file iptables.pm https://github.com/inverse-inc/packetfence/blob/devel/lib/pf/iptables.pm#L570 and add:     $rules .=     "-A $FW_PREROUTING_INT_INLINE --protocol $protocol --destination-port $port -s

Re: [PacketFence-users] RES: packetfence 8.0 not biding LDAP and maybe radius is not working with the sponsor.

tshark -i eth0 -f "port 389" -w /tmp/ldap.pcap Le 2018-05-10 à 14:56, Rafael Rocha a écrit : Hi Fabrice, I will try to do the pcap tomorrow for the LDAP source/Bind. Can you share instructions how to do it ? About the sponsor, How the sponsor module should be working ? How it know where to

Re: [PacketFence-users] 8.0 DHCP setup

Hello Thomas, Le 2018-05-10 à 16:26, Thomas, Gregory A via PacketFence-users a écrit : I have setup a test environment so that I can move to the new version of Packetfence (currently running 7.4) In this environment it is running as expected (with one concern), when I move it to

Re: [PacketFence-users] Captive portal not shown on registration vlan

Hello Ibrahim, Le 2018-05-10 à 21:06, Ibrahim Lubis via PacketFence-users a écrit : Hi, Im using packetfence as vlan enforcement mode, my testpc got into the right vlan-registration, any website ip ping from testpc redirected to the pf server. But when automaticly the ie browser

Re: [PacketFence-users] PF 8 DNS Bug

the dhcp set the dns server to the pf inline interface and when the device is reg it will proxy the request to 10.20.0.1. Le 2018-05-11 à 17:14, Raphael Brasil via PacketFence-users a écrit : **I have a PF 8 Inline mode. In inline inteface I set dns "10.20.0.1", but on a device is

Re: [PacketFence-users] How I set IP of nodes in VLAN of PacketFence?

Le 2018-05-20 à 07:35, 권혁일 via PacketFence-users a écrit : firstly, I installed PacketFence in VMware, and opened this ip. 192.168.232.128 is my PacketFence IP. then, I selected VLAN enforcement. In two step, I set eth0 as management, and added two VLANs as Virtual LAN ID : 20 IP Address

Re: [PacketFence-users] PF8 InlinePortal Error

/usr/local/pf/logs/mariadb_error.log Le 2018-05-18 à 23:40, Raphael Brasil via PacketFence-users a écrit : Wich log? Var/log/MySQL? Is there other log that would you like to look at? -- Check out the vibrant tech

Re: [PacketFence-users] "Dummy questions" regarding Radius and Captive Portal social login

Le 2018-05-19 à 16:03, Annibal Abreu via PacketFence-users a écrit : Hi, Sorry, it might be a stupid question. I want to do what is in this Fortinet Cookbook => http://cookbook.fortinet.com/using-an-external-captive-portal-for-wifi-security/ It is a external captive portal. I mean, we

Re: [PacketFence-users] PacketFence 8 installation problems

Hello Annibal, if the admin is not able to start then you probably miss some resources on the system. Can you share with me memory/number of cpus ? Also first step should be: top to see what is running on the system. And also have a look in packetfence.log when you restart packetfence with

Re: [PacketFence-users] I need a help

Hello Hajar, what happen when you start packetfence ? (pfcmd service pf start) Did you went through the configurator to configure packetfence in inline enfoecement ? Can you paste your pf.conf file ? Regards Fabrice Le 2018-05-22 à 18:31, hajar benjat via PacketFence-users a écrit :

Re: [PacketFence-users] Cannot connect to packetfence interfaces

Hello Dang, what kind of switch are you using because sometime vlan id started from 1000 are reserved ? Also did you try to capture on a vlan interface on the pf side to see if you have traffic ? What return ifconfig ? Regards Fabrice Le 2018-05-22 à 21:19, Dang Van Chuyen via

Re: [PacketFence-users] LDAP

I think about this one http://directory.fedoraproject.org/ who is coming with an admin interface. https://www.ehowstuff.com/setup-389-directory-server-on-centos-7/ Le 2018-05-23 à 15:56, Jason 'XenoPhage' Frisvold via PacketFence-users a écrit : Hi all, I’m looking for a quick and

Re: [PacketFence-users] webauth enforcement details

There is enough details in the documentation to be able to configure web-auth, so follow the guide and you should be good. https://packetfence.org/doc/PacketFence_Network_Devices_Configuration_Guide.html#_aerohive_networks

Re: [PacketFence-users] PacketFence in the cloud, is it possible?

If you use webauth https://packetfence.org/doc/PacketFence_Network_Devices_Configuration_Guide.html#_aerohive_networks section 5.3.2 then yes you should be able to use PacketFence in the cloud.

Re: [PacketFence-users] Social login (facebook etc...)

Le 2018-05-25 à 15:14, Annibal Abreu a écrit : Hi When you say WebAuth, do you mean a portal where users will log in with passwords? Right? when i say web auth it mean that it's the AP that forward the http/https traffic to a captive portal. What about social login through Facebook or

Re: [PacketFence-users] PacketFence in the cloud, is it possible?

Le 2018-05-25 à 22:54, Annibal Abreu via PacketFence-users a écrit : Thanks. Can't I use packetfence social login? Yes How do I do wall garden from the Access Point? Check the AP documentation. Annibal Abreu 48.3879.1652 Em Sex, 25 de mai de 2018 23:38, Durand fabrice via PacketFence

Re: [PacketFence-users] Redundant authentication sources

https://github.com/inverse-inc/packetfence/issues/3234 Le 2018-05-14 à 08:12, Fabrice Durand via PacketFence-users a écrit : Hello Cristian, i know what is the issue, it miss a split in the code. Follow this issue and you will know when it will be fixed. Regards Fabrice Le 2018-05-14 à

Re: [PacketFence-users] Certificate Invalid Display

Hello Pedro, haproxy terminate the tunnel, so you need to create a file server.pem with your certificate. (/usr/local/pf/conf/ssl/) To do that, let's say you have the certificate.crt, intermediate.crt and private.key , so you need to do the following: cat certificate.crt intermediate.crt

Re: [PacketFence-users] user does not have permission to see the print user credentials page

Hello Franklin, based on the code it's suppose to be USERS_UPDATE role. https://github.com/inverse-inc/packetfence/blob/devel/html/pfappserver/lib/pfappserver/PacketFence/Controller/User.pm#L441 Regards Fabrice Le 2018-06-11 à 08:03, Franklin, Adam via PacketFence-users a écrit : Hello

Re: [PacketFence-users] Switch CLI Access

Hello Tobias, thanks for testing it. Btw i have update the PacketFence code to take care of that for the next release. Regards Fabrice Le 2018-06-11 à 08:28, Meiser Tobias a écrit : Hi Fabrice, your solution works well. Thanks for your answer. Regards Tobias *Von:*Fabrice Durand

Re: [PacketFence-users] 802.1x authentication on Cisco WLC

Hello Steve, run : raddebug -f /usr/local/pf/var/run/radiusd.sock -t 3000 reconnect and paste the debug. Regards Fabrice Le 2018-06-11 à 16:05, Steve Pfister via PacketFence-users a écrit : I am trying to get 802.1x authentication working on a Cisco WLC 5520. The client machines are all

Re: [PacketFence-users] Auto-Register devices

Hello Wifi Guy, does the role changed in the admin (when you edit the device in the admin gui) ? If it's the case then the issue is with the deauth. Btw if you have logs it will help to understand what happen. Regards Fabrice Le 2018-06-16 à 09:31, Wifi Guy via PacketFence-users a écrit :

Re: [PacketFence-users] Auto-Register devices

packetfence.log will be perfect. Le 2018-06-16 à 11:31, Wifi Guy a écrit : Yes it works ok once manually changed! What logs are best to grab? On Sat, 16 Jun 2018 at 15:07, Durand fabrice via PacketFence-users <mailto:packetfence-users@lists.sourceforge.net>> wrote: Hello

Re: [PacketFence-users] Trying to join AD.... routing is having major issue

Hello Steven, 169.254.0.0 is a virtual interface to be able to link a virtual network namespace used by the chroot where winbind is running. Can you post the result of: ip a and the content of /usr/local/pf/var/conf/iptables.conf Regards Fabrice Le 2018-06-14 à 17:39, Steven Pfister

  1   2   3   4   5   6   7   >