Hello Darryl,
you are not suppose to have this file anymore
(/usr/local/pf/lib/pf/services/manager/dhcpd.pm) can you rename it to
/usr/local/pf/lib/pf/services/manager/dhcpd.pm.bak and retry ?
Regards
Fabrice
Le 2018-06-04 à 11:46, Sokolowski, Darryl a écrit :
Hi Fabrice,
Thanks, I’ll
Hello Will,
can you check the radius_audit_log table in the database ?
select count(*) from radius_audit_log;
Regards
Fabrice
Le 2018-06-04 à 06:19, Will Halsall via PacketFence-users a écrit :
Hi Folks
After upgrading to PF 8.01 the Auditing page is no longer being
updated See below:
Configure it to listen on a port...
Le 2018-05-31 à 08:57, Annibal Abreu via PacketFence-users a écrit :
radiusd: Opening IP addresses and Ports
The server is not configured to listen on any ports. Cannot start
Annibal
If you want to do 802.1x yes, if you want to use your ad as an
authentication source yes.
Btw it's not mandatory to have an AD.
But for network that packetfence manage (registration/isolation/inline)
you need to use the dhcp/dns from packetfence.
Le 2018-05-31 à 00:03, AdvBaxter a écrit :
Hello Hajar,
when you created the user you set "Login remaining" to a value and you
reached this value.
Set it to nothing and you will have an unlimited access.
Regards
Fabrice
Le 2018-05-30 à 09:14, hajar benjat via PacketFence-users a écrit :
Hello !
Sorry I wanna ask u again ; I
Hello Annibal,
it's a bug on the AP, even if you set /AeroHIVE::AP the name is cut to
/AeroHIVE.
Try that and it should be ok:
https://github.com/inverse-inc/packetfence/compare/fix/aerohive_url.diff
Regards
Fabrice
Le 2018-05-30 à 08:43, Annibal Abreu via PacketFence-users a écrit :
, but when third devices
login with the same username , user can still login but with blank
role in packetfence web.
On Tue, May 29, 2018 at 11:36 PM, Fabrice Durand via PacketFence-users
<mailto:packetfence-users@lists.sourceforge.net>> wrote:
Hello Jabang,
ca
y Country.
attach my eduroam config file.
On Thu, May 24, 2018 at 7:43 PM, Fabrice Durand via
PacketFence-users mailto:packetfence-users@lists.sourceforge.net>> wrote:
What is 10.18.23.60 ?
can you share with me your file
/usr/local/pf/raddb/sites-enabled/eduroam
Hello Pedro,
what kind of enforcement are you using ?
Because with web auth PacketFence never disconnect the device.
But for vlan enforcement PacketFence deauth the device and apple stuff
never reconnect.
Regards
Fabrice
Le 2018-05-24 à 17:04, Pedro Trindade via PacketFence-users a
Hello Joël,
it's possible if you do machine authentication, only machine that have
been joined to the domain can do machine authentication.
So if PacketFence detect that then you can return a specific vlan (maybe
based on user auth) and if not then reject or return another vlan.
For Macs
https://packetfence.org/doc/PacketFence_Network_Devices_Configuration_Guide.html#_aerohive_networks
Le 2018-05-24 à 15:03, Annibal Abreu via PacketFence-users a écrit :
Hi
I have just installed packefence as Radius.
How do I change it to webauth enforment?
How to set aerohivew
Annibal
Ok there is a bug, i need to fix it.
Le 2018-05-24 à 11:33, jabang konate via PacketFence-users a écrit :
hi fabrice.
10.18.23.60 is ip National Roaming Operator eduroam in my Country.
attach my eduroam config file.
On Thu, May 24, 2018 at 7:43 PM, Fabrice Durand via PacketFence-users
e NTLM-Auth if
ldap return ok to avoid "ERROR: mschap: Program returned code (1)
and output 'Reading winbind reply failed! (0xc001)'".
> You have 3 scenarios:
yes i want like that,
I will try again and will share the results on this topic.
opic.
thank you for your advice fabrice.
On Thu, May 24, 2018 at 12:22 AM, Fabrice Durand via PacketFence-users
<packetfence-users@lists.sourceforge.net
<mailto:packetfence-users@lists.sourceforge.net>> wrote:
Hello Jabang,
so i am not sure what you try to do with the ldap modul
acketfence-tunnel ? or eduroam ?
6. restart freeradius and iptables
in step 5 im still confuse if i'm using 11812 so i must configure
eduroam file or still packetfence-tunnel ?
On Wed, May 23, 2018 at 10:55 PM, Fabrice Durand via PacketFence-users
<packetfence-users@lists.so
in
radius configuration for eduroam?
thank you
On Wed, May 23, 2018 at 7:33 PM, Fabrice Durand via PacketFence-users
<packetfence-users@lists.sourceforge.net
<mailto:packetfence-users@lists.sourceforge.net>> wrote:
Hello Jabang,
can you paste your packetfence-tunnel file ?
or entity to whom they are addressed. Their
contents may not be altered. lf you are not the intended recipient of
this communication please notify the sender and delete and destroy all
copies immediately.
2018-05-23 16:18 GMT+01:00 Fabrice Durand via PacketFence-users
<packetfence-us
The cronjob run a script to have the database and the files backuped in
/root/backup
addons/database-backup-and-maintenance.sh
Regards
Fabrice
Le 2018-05-23 à 11:01, Jeimerson C. Chaves via PacketFence-users a écrit :
Hello,
How can I do a backup of the database and the files? What are
Hello Xavier,
You have to modify the iptables.conf template in orde to make it permanent.
/usr/local/pf/conf/iptables.conf
and restart iptables (pfmcd service iptables restart)
Regards
Fabrice
Le 2018-05-22 à 07:48, Xav Tauran via PacketFence-users a écrit :
Hello all,
I have something
Hello Hajar,
so first what do you want to do with PacketFence ?
Do you want to use inline enforcement/vlan enforcement ?
For information all services are not necessary, per example if you are
using radius only then no need to have a captive portal.
So first if you can do a screenshot of
Hello Raphael,
it looks that you system is not stable, do you run on a virtual machine ?
If yes then be sure to make a reservation for the memory and use thick
provisioning for the disk.
If it's not a vm then can you check what was the load before the crash
and does the system use the swap
Hello Annibal,
it's easy and you have multiples possibilities.
All the configuration is in the connection profile and you just have to
configure the correct filter.
Let say network 1 is 192.168.0.0/24 and network 2 is 192.168.1.0/24 then
you can create 2 connections profiles like:
and delete and destroy all
copies immediately.
2018-05-17 14:31 GMT+01:00 Fabrice Durand via PacketFence-users
<packetfence-users@lists.sourceforge.net>:
Le 2018-05-17 à 09:09, Jeimerson C. Chaves via PacketFence-users a écrit :
Hello Fabrice,
In the how to, my interpretation is that w
or the
use of the individual or entity to whom they are addressed. Their
contents may not be altered. lf you are not the intended recipient of
this communication please notify the sender and delete and destroy all
copies immediately.
2018-05-17 13:39 GMT+01:00 Fabrice Durand via PacketFence-users
<pack
It's probably a javascript issue.
Check the javascript console or try to clear the cache of your browser.
Regards
Fabrice
Le 2018-05-17 à 07:20, Jeimerson C. Chaves via PacketFence-users a écrit :
Hello,
Again, I am disturbing, but when configuring the registration
interface, it
Hello Jeimerson,
it looks that something is already listening on the port 3306.
Can you check with netstat ?
Regards
Fabrice
Le 2018-05-16 à 04:35, Jeimerson C. Chaves via PacketFence-users a écrit :
Hello, I am configuring the Cluster, as it appears in how to, but,
after configuring
r/pass), this only did give me trouble with a
one or two users from the AD, I didn’t find why, but I work around
it by creating them internally on the pf.
Thank you.
*De:*Fabrice Durand via PacketFence-users
[mailto:packetfence-users@lists.sourceforge.net]
*Enviada em:* quarta-f
Hello Xavier,
it looks that it miss the calling-staion-id attribute in the radius request.
Can you use: raddebug -f /usr/local/pf/var/run/radiusd.sock
And paste the debug.
Regards
Fabrice
Le 2018-05-15 à 05:54, Xav Tauran via PacketFence-users a écrit :
Hello everyone,
I use PacketFence
-05-14T10:29:42+0200 lvl=eror msg="Error connecting to LDAP
source: LDAP Result Code 200 \"Network Error\": dial tcp: lookup
192.168.0.7,192.168.0.76: no such host" pid=2069
In the logs
Il 09/05/2018 16:32, Fabrice Durand via PacketFence-users ha scritto:
Hello Cristian,
Hello Jeimerson,
it looks that your server packetfence2 is down.
Regards
Fabrice
Le 2018-05-10 à 06:19, Jeimerson C. Chaves via PacketFence-users a écrit :
Hello,
Sorry again, but you're experiencing the following sync error between
cluster nodes.
Thank you.
Com os melhores
# Make sure to adjust the FORWARD rules also to allow traffic back-in.
-A POSTROUTING -s 192.168.27.0/24 <http://192.168.27.0/24> -o eno1 -j
SNAT --to 192.168.254.113
#
# Routing for the hidden domain network
#
-A POSTROUTING -s 169.254.0.0/16 <http://169.254.0.0/16> -o eno1 -j
SNAT
. Thanks.
On 9 May 2018 at 18:21, Fabrice Durand via PacketFence-users
<packetfence-users@lists.sourceforge.net
<mailto:packetfence-users@lists.sourceforge.net>> wrote:
Hello Samuel,
can you restart rsyslog ?
Regards
Fabrice
Le 2018-05-08 à 10:27, Samu
Hello,
first for email registration, do you use the server as a relay or do you
use an external smtp server ?
For internet access, can you paste the command:
iptables -L -n -v
iptables -L -n -v -t nat
ipset -L
Regards
Fabrice
Le 2018-05-09 à 05:19, Dominix Public Relation via
Hello Rafael,
can you take a pcap when you try to bind the AD ?
I did some tests on my side and i am not able to reproduce the issue.
Also using a radius source for sponsor is not possible since PacketFence
need to do a search for the sponsor.
Regards
Fabrice
Le 2018-05-08 à 17:54,
Hello Cristian,
in fact you can set a comma delimited list of ip addresses in the source.
Regards
Fabrice
Le 2018-05-08 à 04:54, Cristian Mammoli via PacketFence-users a écrit :
Hi, what's the correct way to have redundant authentication sources?
There is no way to specify multiple hosts.
20> to 0.0.0.0:0 <http://0.0.0.0:0> length 20
(0) -: Expected Access-Accept got Access-Reject
I don't understand why I have an Access-Reject and not an
Access-Accept when I try my Radius in localhost connection.
Thank you in advance for your help.
Regards,
Xavier
2018-04-3
ms
May 03 15:17:33 srvpf.apra.it pfdns[2301]: 192.168.112.33 :
20:cf:30:36:88:15 passthrough
May 03 15:17:33 srvpf.apra.it pfdns[2301]: 192.168.112.33 -
[03/May/2018:15:17:33 +0200] " IN nac.apra.it. udp 29 false 512"
NOERROR qr,aa,rd,ra 87 3.211035ms
Il 03/05/2018 14:34, Fabrice
Hello Cristian,
we are on the way to change the pf-maint.pl script to add the way to
patch the go binary.
Regards
Fabrice
Le 2018-05-03 à 05:39, Cristian Mammoli via PacketFence-users a écrit :
Before 8.0 I simply run addons/pf-maint.pl, applied the patches and
restarted the services
How
the sender and delete and destroy all
copies immediately.
2018-05-02 17:58 GMT+01:00 Fabrice Durand via PacketFence-users
<packetfence-users@lists.sourceforge.net>:
Can you share authentication.conf (remove sensible information)
Le 2018-05-02 à 12:52, Jeimerson C. Chaves via PacketFence-users a
/resolv.conf
log stdout
errors
}
Regards
C.
Il 02/05/2018 18:54, Fabrice Durand via PacketFence-users ha scritto:
Hello Cristian,
you don't have to allow the portal ip for the registration and
isolation vlan.
Can you share your pf.conf and networks.conf and
/usr/local/pf/var/conf/
Hello Tobias,
it looks that your fingerbank db is corrupted, try to reinstall fingerbank:
yum reinstall fingerbank --enablerepo=packetfence
Regards
Fabrice
Le 2018-05-03 à 02:26, Meiser Tobias via PacketFence-users a écrit :
Hello,
we have updated our ZEN to PF 8.0 last week. Since then
Can you share authentication.conf (remove sensible information)
Le 2018-05-02 à 12:52, Jeimerson C. Chaves via PacketFence-users a écrit :
Hello,
I installed PackerFence 8 on my lab, and I can not access the vlans.
As the logs and prints follow.
Thank you.
May 2 16:40:43 PacketFence-ZEN
%]
# Default to system resolv.conf file
proxy . /etc/resolv.conf
log stdout
errors
}
resolv.conf contains my corp dns servers
Regards
C.
Il 30/04/2018 14:59, Fabrice Durand via PacketFence-users ha scritto:
Hello Cristian,
pfdns is suppose to resolv the portal fqdn if the device is unreg
Hello Jeimerson,
it looks that your authentication source doesn't return any role.
Create a rule and assign a role and an access duration in your
authentication source.
Regards
Fabrice
Le 2018-05-02 à 11:59, Jeimerson C. Chaves via PacketFence-users a écrit :
Hi, all.
In tests with
Hello Xavier,
you are dealing with the wrong radiusd service , the correct one is
packetfence-radiusd-auth.
Also what you can try is the following (in /usr/local/pf/)
radiusd -d raddb/ -n auth -fxx -l stdout
And paste me the result.
Regards
Fabrice
Le 2018-04-26 à 05:00, Xav Tauran via
Hello Will,
Le 2018-04-28 à 18:09, Will Halsall via PacketFence-users a écrit :
>
> Hi Folks
>
>
>
>
>
> Having a problem getting packetfence 7.4 to work with .ac.uk radius
> servers
>
>
>
> 1. Server 1 and server 2 have different secrets and I cannot see
> a way of configuring this
Hello Cristian,
pfdns is suppose to resolv the portal fqdn if the device is unreg or if
there is a violation.
Also if there is a passthrough that match the portal fqdn name then it
will forward the request to another server.
Portal interface is just an interface with the portal on it, it
Hello Will,
it looks that the authentication fail in the chroot.
What you can try is the following:
chroot /chroots/RadiusAD
wbinfo -u
ntlm_auth --userbane=helpdesk --password=...
And let me know the result.
Regards
Fabrice
Le 2018-05-02 à 03:39, Will Halsall via PacketFence-users a
Hello Luca,
did it worked before ?
Can you see some specific messages in packetfence.log when PacketFence
try to reevaluate the access ?
Regards
Fabrice
Le 2018-04-26 à 02:52, luca comes via PacketFence-users a écrit :
>
> Anyone who can help me about this problem?
>
>
> Luca
>
>
>
>
Hello Dave,
you have to enable the passthrough in Packetfence in order to allow your
device in the registration vlan to reach the authorize.net web site.
Regards
Fabrice
Le 2018-04-12 à 14:10, Dave Walsh via PacketFence-users a écrit :
> Hello,
>
> I am running version 7.4.0 and I am unable
Hello Nathan,
does the LDAP server have the password in clear text or in nthash format ?
If it's not the case then it will not work but if it's the case then it
will be similar than an freeradius edirectory configuration.
Regards
Fabrice
Le 2018-04-06 à 10:35, Nathan, Josh via
Hello Xav,
When you say bind , you mean join PacketFence to the domain ?
Also what is your management interface and what is returned by : ip
route get 192.168.6.200
Regards
Fabrice
Le 2018-04-18 à 03:39, Xav Tauran via PacketFence-users a écrit :
> Hello,
>
> I made a mock-up to set up
Hello Jeimerson,
can you run:
raddebug -f /usr/local/pf/var/run/radius.sock -t 3000
and paste the result when you try to connect.
Regards
Fabrice
Le 2018-04-12 à 04:56, Jeimerson C. Chaves via PacketFence-users a écrit :
> Hello everyone, I'm having problem with authentication, using Samba
Hello Fabricio,
you will need to take a capture of the dns traffic of the Iphone and
check when you try to register on facebook if one of the answer of the
dns is the ip address of the captive portal.
If it's the case then you will need to adapt the passthrough.
Regards
Fabrice
Le
do a: ps -edf|grep radius
and paste me the result.
Regards
Fabrice
Le 2018-03-09 à 08:46, Jimmy Claes via PacketFence-users a écrit :
>
> Hello Fabrice
>
>
>
> Packetfence radius server is running:
>
>
>
> Regards
>
> Jimmy
>
>
>
lm
>
>
>
> [DEFAULT]
>
> domain=optionsad
>
> options=strip
>
>
>
> And the second file, radius-request2 shows the session when I
> added a named realm, i.e.
>
>
>
> [OPTIONS-AD-REALM]
>
>
67ad1ee589136a097166c440cb30107ddfb.diff
>
> Reusing existing connection to github.com:443.
>
> HTTP request sent, awaiting response... 200 OK
>
> Length: unspecified [text/plain]
>
> Saving to: '1eef967ad1ee589136a097166c440cb30107ddfb.diff'
>
>
file, radius-request2 shows the session when I added a
> named realm, i.e.
>
>
>
> [OPTIONS-AD-REALM]
>
> domain=optionsad
>
> options=strip
>
>
>
> Eugene
>
>
>
> *From:*Fabrice Durand via PacketFence-users
> [mailto:packetfence-users@li
fdur...@mail.inverse.ca:143/fetch%3EUID%3E/PacketFence%20Users%20List%3E24241?header=quotebody=1.1.2=image001.png
>
>
>
> Regards
>
> Jimmy
>
>
>
> *Van:*Fabrice Durand via PacketFence-users
> [mailto:packetfence-users@lists.sourceforge.net]
> *Ver
f'
>
> [
> <=>
>
>
> ] 831 --.-K/s in 0s
>
> 2018-03-08 05:45:35 (59.3 MB/s) -
A radius request in debug mode please.
cd /usr/local/pf
raddebug -f var/run/radiusd.sock -t 3000
Regards
Fabrice
Le 2018-03-08 à 00:39, E.P. a écrit :
>
> Good morning, Fabrice,
>
> I ran chroot /chroots/optionsad wbinfo -u and received the output of
> all users and groups from AD where
Hello Ian,
if you can do a pull request on github with this change then it will be
integrate to PacketFence for the next release.
And also thank for the support :-)
Regards
Fabrice
Le 2018-03-07 à 17:08, Ian MacDonald via PacketFence-users a écrit :
> Below is a quick addendum to the
Do you have a complete radius request ? because this one is just to test
the if the radius server is still alive.
Regards
Fabrice
Le 2018-03-07 à 11:42, ebrar via PacketFence-users a écrit :
>
> Hi Fabrice,
>
> But it doesn't. I'm trying to solve the problem for hours but could
> not find
Ok can you send me a complete radius request ? (raddebug -f
var/run/radiusd.sock -t 3000)
Regards
Fabrice
Le 2018-03-07 à 02:04, Jimmy Claes via PacketFence-users a écrit :
>
> Hello Fabrice
>
>
>
> Realms are already created and associated with the AD.
>
>
>
>
>
> Regards
>
> Jimmy
>
>
Hello Eugene,
i suppose you apply the PR 2735 on github.
I have push 2 new commits so can you try to apply them and make another
try ?
curl
https://github.com/inverse-inc/packetfence/pull/2735/commits/1eef967ad1ee589136a097166c440cb30107ddfb.diff
| patch -p1
curl
Hello Eugene,
Le 2018-03-06 à 22:33, E.P. a écrit :
>
> Hi Jimmy and Fabrice,
>
> I would like to report the same experience. I have a realm
> (OPTIONS-AD-REALM) and it is associated with the AD domain
> (optionsad), i.e.
>
>
>
> [OPTIONS-AD-REALM]
>
> domain=optionsad
>
> options=strip
>
>
In fact you need to restart the portal, haproxy and iptables to make it
available.
Le 2018-02-19 à 03:29, E.P. a écrit :
>
> And my further attempts to put two and two together and look back in
> time into this mailing list showed that Fabrice already answered this
> question before
>
> Yes,
It's like the port is not open on the interface (443)
Le 2018-02-18 à 22:19, E.P. a écrit :
>
> Here it is, Fabrice
>
> 10.0.254.3 is the WiFi client and 172.16.0.222 is PF.
>
> Tcpdump.pcap is attached and it is made right on PF
>
> The second capture is made on the laptop connected to guest
Hello Ebrar,
what is the root portal module you use on your connection profile ?
And if it's the default what are the sources you defined ?
Regards
Fabrice
Le 2018-02-23 à 03:22, EbrarLeblebici via PacketFence-users a écrit :
> Hey All,
>
> I coud not see login page after I accept the terms
Hello Eugene,
yes you can, just add portal to the management interface.
Regards
Fabrice
Le 2018-02-19 à 02:13, E.P. a écrit :
>
> I think it is slowly coming to me, Fabrice.
>
> My PF is pure for RADIUS enforcement and PF has only one IP address of
> management type.
>
> Now if I want
Hello John,
something like that in the vlan filters should work:
[ssid]
filter = ssid
operator = is
value = OPENSSID
[role]
filter = node_info.category
operator = match
value = SOMEROLE
[1:ssid]
scope = RegisteredRole
role = REJECT
Regards
Fabrice
Le 2018-02-06 à 08:46, John Sayce via
Hello Eugene,
can you try that:
sqlite3 db.sqlite3
UPDATE "auth_user" set
password='pbkdf2_sha256$2$Z2Lhr1cW8QM0$mN9PtNhxneIDzApqFa4uG8V44IXqHe+r7yootSoSzJQ='
where username='admin';
the password is p@ck3tf3nc3
Regards
Fabrice
Le 2018-02-03 à 01:31, E.P. a écrit :
>
> Hi Fabrice,
>
>
Hello,
the issue is open on github
https://github.com/inverse-inc/packetfence/issues/2923
Regards
Fabrice
Le 2018-02-02 à 10:43, David Harvey via PacketFence-users a écrit :
> Sorry for all the mailing list spam. I've been having a bit of a
> packetfence tinkering week!
>
> Since upgrading
Hello Tom,
sorry, this is a really busy period.
What we can try to find the issue is to put the log in debug, since it
looks that is on the portal that you have the issue we can try it first.
So in conf/log.conf.d/httpd.portal.conf , replace INFO per TRACE (2nd
line) and restart the portal.
Hello Scott,
it looks a bug in PacketFence, can you open an issue on github ?
https://github.com/inverse-inc/packetfence
Regards
Fabrice
Le 2018-02-01 à 15:05, Scott Bodeen via PacketFence-users a écrit :
> Hello all,
>
> I've spent a good part of the day looking through the PF manuals and
>
Hello Luca,
dhcp is udp traffic so it's not really easy to load balance.
Btw there is a pull request on github for that:
https://github.com/inverse-inc/packetfence/pull/2887
Regards
Fabrice
Le 2018-01-31 à 03:40, luca comes via PacketFence-users a écrit :
> Hi Fabrice,
> I checked and
Hello Will,
yes i saw that on my setup and we will push a fix in the maintenance.
Regards
Fabrice
Le 2018-01-31 à 08:00, Will Halsall via PacketFence-users a écrit :
>
> Hi Folks,
>
>
>
> Adding an Associated Realms to any of my Authentication Sources causes
> the test connection to fail
Hello Yan,
Le 2018-01-31 ?? 00:28, Yan a ??crit?0?2:
>
> Hi dear users,
>
> After a whole night??s analysis, we found it??s pf that takes too much
> time processing authentication request if the QPS is too high and
> hangs all radius requests later and then Aruba AC meets the radius
> timeout
Hello Rana,
In fact you need first to choose clear text ot mschap to store the local
user password (it's bcrypt by default).
Next if it still not working then run radius in debug mode and send me
the debug.
Regards
Fabrice
Le 2018-01-30 à 09:28, Rana, Vijaykumar via PacketFence-users a
Hello Will,
this is a limitation of your OS,
https://www.cyberciti.biz/faq/linux-increase-the-maximum-number-of-open-files/
Regards
Fabrice
Le 2018-01-30 à 09:19, Will Halsall via PacketFence-users a écrit :
>
> Hi Folks,
>
>
>
>
>
> I just noticed these errors reported in our logs. I am
ns to a handful of roles. Hope
> that makes more since.
>
>
>
> Jeremy Plumley
>
> ITS Network Administrator
>
> Ext 50024
>
>
>
> *From:*Fabrice Durand via PacketFence-users
> [mailto:packetfence-users@lists.sourceforge.net]
> *Sent:* Thursday, Jan
yum update libdrm is suppose to fix the issue.
Le 2018-01-25 ?? 09:00, Yan a ??crit?0?2:
> Hi Fabrice,
> It seems to be the same issue you said. The error is as below. I run
> "yum?0?2--exclude=collectd*?0?2update" but the image is still broken. Is
> there any other way to fix it ?
>
> Python
Hello Jeremy,
i am not sure to understand , you mix device role and administration
access that is completely different.
Regards
Fabrice
Le 2018-01-25 à 08:48, Jeremy Plumley via PacketFence-users a écrit :
>
> Wanted to follow up on this and see if there is a way to add “no role”
> access so I
Hello Hubert,
it will be cat server.crt intermediate1.cert intermediate2.crt
server.key > server.pem
Regards
Fabrice
Le 2018-01-25 à 08:40, Hubert Kupper via PacketFence-users a écrit :
> Hello Fabrice,
>
> thanks. I did: cat server.crt server.key > server.pem. Now packetfence
> starts and the
Le 2018-01-25 à 05:41, Schenkelberg, Martin via PacketFence-users a écrit :
>
> Hello all, i hope you can give me a hint of what im doing wrong.
>
>
>
> We are evaluating to use PacketFence 7.3.0 Zen to authenticate users
> connecting to our lan and wifi infrastructure and to assign them the
>
gt;
> Then, the end-user just connects to SSID, authenticates and gets
> on the network. How would I assign the user to the “staff” role?
>
> Is this where provisioners come to help ?
>
>
>
> Eugene
>
>
>
> *From:*Fabrice
Hello Eugene,
in fact the REALM is used in 2 cases, if you add the option STRIP in the
realm config and restart radius then you will see that radius will strip it.
When you assign a REALM to a domain then if the realm match then it will
use the domain you define (options.bc.ca -> use AD OPTIONS)
>
> Le 2018-01-17 à 01:07, E.P. a écrit :
>
> Great!
>
> That confirms my train of thought. But it is still not
> clear to me how will it affect the user that authenticates
> against AD.
>
> Yes, I h
Hello Tom,
there : https://pf_mgmt:1443/admin/configuration#configuration/main/advanced
Regards
Fabrice
Le 2018-01-20 à 19:03, tom lo a écrit :
> Hi Durand,
>
> What change should I make on PF to "disable update locationlog on accounting"?
>
>
> Regards,
> Tom
>
> On Sun, Jan 21, 2018 at 4:31
Hello Yan,
in Freeradius if you want to authenticate a user with 802.1x
peap/mschapv2 then you need to use ntlm_auth and you need to join the
domain to the active directory.
(http://deployingradius.com/documents/protocols/compatibility.html)
I don't know exactly how they do with acs but i
Hello Yan,
sorry for the delay.
So why don't you joined pf2 to ad2 , i think it will be simpler and
probably fix your issue.
Regards
Fabrice
?0?2
Le 2018-01-15 ?? 11:17, Yan a ??crit?0?2:
>
> Yes. They have the same domain/users but on different servers. Both of
> them can authenticate our
Hello Barry,
when the error happen , is it when you try to do web-auth or out of band
? (if you have the httpd.portal.access lines when you hit the portal)
Because it looks that packetfence is not able to fetch your ip address.
Also to reevaluate an access on Ruckus SmartZone packetfence use
Hello Eugene,
this is exactly where you have to control that.
So just set a limit on the roles where you want to limit the number of
devices per users.
Regards
Fabrice
Le 2018-01-16 à 02:01, E.P. via PacketFence-users a écrit :
>
> It sounds close to the number of devices/nodes a user can
t;
>
> *From:*Fabrice Durand via PacketFence-users
> [mailto:packetfence-users@lists.sourceforge.net]
> *Sent:* Monday, January 15, 2018 6:01 AM
> *To:* packetfence-users@lists.sourceforge.net
> *Cc:* Fabrice Durand
> *Subject:* Re: [PacketFence-users] PKI provisioning conf
Hello Raphael,
can you try that:
in /usr/local/pf/
patch -p1 --dry-run < status.diff
and if there is no error:
patch -p1 < status.diff
and restart packetfence.
Let me know if it works, i will push it in the main code.
Regards
Fabrice
Le 2018-01-15 à 18:01, Raphael Dias via
Hello,
you can play with iptables.conf in the conf directory in order to add
your custom rules.
Regards
Fabrice
Le 2018-01-15 à 11:18, lists via PacketFence-users a écrit :
> Hi,
>
> We're using packetfence in inline modus for our wifi (10.10.10.0/24)
> segment. The external packetfence
e?
>
> Luca
>
>
>
> *Da:* Fabrice Durand <fdur...@inverse.ca>
> *Inviato:* lunedì 15 gennaio 2018 15:10
> *A:* luca comes; Fabrice Durand via PacketFence-users
> *Oggetto:* Re: R: [PacketFence-users] no httpd portal in a Cluster
>
Hello Yan,
does AD1 and AD2 are the same ? (same domain/users ...)
Regards
Fabrice
Le 2018-01-15 ?? 00:41, Yan a ??crit?0?2:
> Hi Durand,
>
> I installed a netdata in my pf server and not found any network issue
> yet(I'm learning to use it). But there is another case I'm not sure if
> it is
t; ip=172.27.17.3
> type=management,high-availability
> mask=255.255.255.0
>
> [pfnac03 interface ens192.2445]
> enforcement=vlan
> ip=10.255.20.10
> type=internal
> mask=255.255.255.0
>
> [pfnac03 interface ens192.2446]
> enforcement=vlan
> ip=10.255.30.10
> ty
Hello Eugene,
Le 2018-01-13 à 02:59, E.P. via PacketFence-users a écrit :
>
> Folks,
>
> Our two big shots in the organization live their lives with Apple
> macbooks and we need to get them on the secure WiFi.
>
> Can someone explain me where and how to get the content of
> certificates that are
401 - 500 of 673 matches
Mail list logo