Hello Marcus,
in the device registration page there is no way to allow the end user to
choose the role.
You define it or PacketFence use the same one of the user.
Also Julien did this sort of thing you want to use on the device
registration page but for the captive portal.
Ok i am able to replicate it, let me fix it and i will give you a patch.
Regards
Fabrice
Le 2017-11-14 à 22:41, Jason Sloan a écrit :
> Sorry, I should have included the values.
> I wasn't sure if the values should be comma delimited or not. I tried
> both comma and space delimited.
>
> KU:
>
Ok so here the patch
https://github.com/inverse-inc/packetfence-pki/commit/c66ef2ab34964caecda3d2cdff1c956656227ffc.diff
Regards
Fabrice
Le 2017-11-15 à 08:56, Fabrice Durand via PacketFence-users a écrit :
>
> Ok i am able to replicate it, let me fix it and i will give you a
Hello James,
can you run radius in debug mode and retry a connection, i would like to
see the radius request.
raddebug -f /usr/local/pf/var/run/radiusd.sock -t 3000
Regards
Fabrice
Le 2017-11-01 à 14:21, James Garcellano via PacketFence-users a écrit :
>
> Hello everyone,
>
>
>
> I would
Hello James,
little bit weird , the NAS-IP-Address is equal to 192.168.1.5 and should
be equal to 192.168.1.12.
Did you changed something the the Netgear config to set NAS IP Address
with the wrong value ?
Regards
Fabrice
Le 2017-11-01 à 16:48, James Garcellano via PacketFence-users a écrit
Hello Stephen,
it looks that there an issue to connect to the OMAPI socket.
Does the dhcp server is running ?
Also try to disable OMAPI in the admin gui and restart pfqueue.
Regards
Fabrice
Le 2017-11-02 à 10:20, Stephen Appleby via PacketFence-users a écrit :
>
> I've setup radius and
op works.
>
>
>
>
>
> *Da:*Fabrice Durand [mailto:fdur...@inverse.ca]
> *Inviato:* martedì 31 ottobre 2017 17.32
> *A:* Alessandro Canella <alessandro.cane...@itcare.it>
> <mailto:alessandro.cane...@itcare.it>;
>
Hello Nicolay,
not sure to understand , you mean in the admin gui ?
Regards
Fabrice
Le 2017-11-07 à 08:23, Nicolay Rytchev via PacketFence-users a écrit :
> Hello all,
>
> Is it possible to hide from the user or forbid to him see or change
> user's account in local database that is not
Hello Luís,
in
html/captive-portal/lib/captiveportal/PacketFence/DynamicRouting/Module/Authentication/Sponsor.pm
line 177 add cell_phone in the list
177 foreach my $key (qw(firstname lastname telephone company
cell_phone)) {
regards
Fabrice
Le 2017-11-07 à 05:10, Luís Torres via
Hello Tobias,
did you changed the html template files ?
Because the progress bar is there by default.
Regards
Fabrice
Le 2017-11-09 à 04:32, Schimanski Tobias via PacketFence-users a écrit :
>
> Hey guys
>
>
>
> my packetfence didn’t show the progress bar after login. It shows an
> error
Hello Michel,
did you define a device registration profile and did you assign it to
your connection profile ?
In 7.3 you can create multiples connection profile and assign one of
them to a connection profile.
Regards
Fabrice
Le 2017-11-09 à 01:20, Pedersen Michel via PacketFence-users a
ese accounts have only user management rights.
>
> Regards,
> Nicolay
>
>
> 2017-11-07 22:17 GMT+01:00 Fabrice Durand via PacketFence-users
> <packetfence-users@lists.sourceforge.net
> <mailto:packetfence-users@lists.sourceforge.net>>:
>
> Hell
e shown only if I click "today" but "Operating
>> Systems" or "Bandwidth Consumers" show the "What's going on..."
>> message. When I click "7 days" or older, "Node States" is empty but
>> the other options show graphs. I am a l
;
> Done some tests. Cannot grant internet access to PF, so I’ve
> pasted diff content in a local diff file, but doesn’t work
> (remains freezed and needs a ctrl-c to return to prompt)
>
>
>
> Not too simply.. any ideas? Can I execute single lines of diff fi
Hello James,
cool it works, i will add the support of 802.1x for the Mserie in the
main code.
Regards
Fabrice
Le 2017-11-02 à 09:15, James Garcellano via PacketFence-users a écrit :
> Hello Fabrice,
>
> Adding the line "sub supportsWiredDot1x { return $TRUE; }" to
>
gt; *Inviato:* martedì 31 ottobre 2017 17.32
> *A:* Alessandro Canella <alessandro.cane...@itcare.it>
> <mailto:alessandro.cane...@itcare.it>;
> packetfence-users@lists.sourceforge.net
> <mailto:packetfence-users@lists.sourceforge.net
Hello Paul,
What i would do is to use the device registration page in this case.
When user want to register there IOT devices, they use there already
registered device to hit the device registration page and register the
IOT by his mac address.
At the end of the registration you will just have
Le 2017-12-08 à 09:45, Benoît Dubé via PacketFence-users a écrit :
>
> Merci beaucoup Fabrice,
>
>
> When external users are redirected to the PacketFence portal, IP
> packets contain the user's IP. I can install the DHCP remote sensor
> on the server, but question is why to do that if the IP
Hello Eugene,
can you try:
yum makecache --enablerepo=packetfence,packetfence-extra
yum install packetfence-pki --enablerepo=packetfence-extra, packetfence
Regards
Fabrice
Le 2017-12-11 à 16:03, E.P. via PacketFence-users a écrit :
>
> Hi guys,
>
> I’m trying to follow the guide published
hed Dependency Resolution
>
> Error: Package: packetfence-pki-1.1.1-1.el7.centos.noarch
> (packetfence-extra)
>
> Requires: python-django-rest-framework
>
> Error: Package: packetfence-pki-1.1.1-1.el7.centos.noarch
> (packetfence-extra)
>
> Requir
Just change the owner of the sqlite file to pf and it should be ok.
Btw all these steps are made in the packaging, so it probably failled or
never finish correctly.
I will do a test on my side.
Regards
Fabrice
Le 2017-12-12 à 03:47, E.P. a écrit :
>
> Well, we are getting closer ;)
>
> Ran
Ok so it should work with coovachilli on openwrt.
There is a module in PacketFence for that.
Regards
Fabrice
Le 2017-12-12 à 07:36, Luca Fois via PacketFence-users a écrit :
> Hi;
>
> Thanks for your quick reply
> I will use a ubiquiti picostation m2 with openwrt.
>
> I think its better than
Hello Timothy,
you must enable that:
https://raw.githubusercontent.com/inverse-inc/packetfence/ae18f50b4879cc2d4132490fcee33f2fbe53b36f/docs/images/unifi-radius.png
Regards
Fabrice
Le 2017-12-12 à 01:37, Timothy Mullican via PacketFence-users a écrit :
> Hello all,
> I am trying to setup a
Hello Yan,
you need to patch packetfence:
cd /usr/local/pf
curl
https://patch-diff.githubusercontent.com/raw/inverse-inc/packetfence/pull/2530.diff
| patch -p1
Then restart all the services.
On the Ruckus side i don't know, i have no documentation.
Btw if you have screenshot of how to set
n assignment on open SSIDs? For open networks it only lets me
> specify a static VLAN to use.
>
> Thanks!
>
> Sent from mobile phone
>
> On Dec 12, 2017, at 07:41, Fabrice Durand via PacketFence-users
> <packetfence-users@lists.sourceforge.net
> <mailto:pa
Hello Jeremy,
does the Aruba Switch run Arubas OS or is it something like HP Os ?
Regards
Fabrice
Le 2017-12-06 à 09:07, Jeremy Plumley via PacketFence-users a écrit :
>
> I’m looking into possibly replacing some of our access layer switch
> needs with Aruba Networks switches. I notice in
Hello John,
i need a little bit of log.
First radius log when the device connect:
raddebug -f /usr/local/pf/var/run/radiusd.sock -t 3000
Then the packetfence.log.
Regards
Fabrice
Le 2017-10-30 à 07:33, john--- via PacketFence-users a écrit :
>
> Good day everyone,
>
>
>
> I have an
Hello Yan,
yes of course it's possible to move the db from local to remote.
When you export the db, be sure to export the procedures too, or use the
db schema in db directory then import your data.
Also don't forget to do a pfcmd configreload hard and to restart
packetfence-config.
Regards
uthentication' rules
> set_role : guest
> set_access_duration : 1D
> Did not match against null for 'administration' rules
>
> Authenticating against My_SMS
> Authentication FAILED against My_SMS ()
> Matched against My_SMS for 'authentication' rules
> set_role :
Hello Alessandro,
you also need to have a vlan interface on the system.
So in /etc/sysconfig/network-script you need to have a file ifcfg-eth0.50
Regards
Fabrice
Le 2017-10-24 à 08:29, Alessandro Canella via PacketFence-users a écrit :
>
> Hello,
>
>
>
> I’ve changed IP at my PF ZEN. From
Hello Diego,
you will need to remove facebook from the dns_filters.conf.default in
order to fix the fqdn graph.facebook.com.
Also the passthroughs for the OAuth sources are in the OAuth config
itself (pf side).
Regards
Fabrice
Le 2017-10-25 à 12:29, Diego Lopes da Cruz via PacketFence-users
, 2017 at 12:33 PM, Fabrice Durand via PacketFence-users
> <packetfence-users@lists.sourceforge.net
> <mailto:packetfence-users@lists.sourceforge.net>> wrote:
>
> Hello Matt,
>
> this is normal, PacketFence allowed the mac of the device and if
> you plug an
r when authenticating
> with google (see attachment).*
> *Do I need to generate or install a certificate?
> *
> *Can you solve this?*
> *Thank you!*
> *
> *
> *
> *
>
> 2017-10-25 14:37 GMT-02:00 Fabrice Durand via PacketFence-us
Hello Matt,
this is normal, PacketFence allowed the mac of the device and if you
plug another device in the switch port then a new security trap will be
sent to PacketFence.
Regards
Fabrice
Le 2017-10-25 à 10:33, Matt Mossholder via PacketFence-users a écrit :
> Hi everyone,
> What is
> Desauth Method : RADIUS / CoA is ticked , I dont know if there is
> anything else I should set ?
>
> For 802.1X I did not bind Packetfence to an AD, I thought it could use
> the local user database ?
>
> thanks
>
> On Mon, Oct 30, 2017 at 7:40 PM, Fabrice Durand via Pa
Hello Alessandro,
can you try this patch:
cd /usr/local/pf
curl
https://github.com/inverse-inc/packetfence/commit/fa866d14be0b16ef1af0ed849c85a481a4011048.diff
| patch -p1
Then restart packetfence.
Regards
Fabrice
Le 2017-10-31 à 07:59, Alessandro Canella via PacketFence-users a écrit :
>
Hello Samuel,
there is a pull request for that:
https://patch-diff.githubusercontent.com/raw/inverse-inc/packetfence/pull/2683.diff
And i think it's close to what you did.
Regards
Le 2017-10-31 à 09:33, Samuel Chege via PacketFence-users a écrit :
> Hi Guys,
>
> I just set up PacketFence
a local diff file, but doesn’t work (remains freezed
> and needs a ctrl-c to return to prompt)
>
>
>
> Not too simply.. any ideas? Can I execute single lines of diff file?
>
>
>
> *Da:*Fabrice Durand via PacketFence-users
> [mailto:packetfence-users@lists
ntication SUCCEEDED against local (Authentication successful.)
> Matched against local for 'authentication' rules
> set_access_duration : 5D
> set_access_level : NONE
> set_role : guest
> Matched against local for 'administration' rules
> set_access_duration : 5D
> set_acc
Hello Yan,
Le 2017-10-30 ?? 11:28, Yan via PacketFence-users a ??crit?0?2:
> Hi Fabrice,
>
> Thank you very much. You are right. It seems my problem was caused by
> not excuting "pfcmd configreload hard" and to "restart
> packetfence-config". After doing this, the nodes dashboard are loaded
>
Hello Gonzague,
it will not really complicate to add the CoA support for Meraki switches
in PacketFence.
Can you try the attached switch module and let me know.
Also for the 802.1x issue , did you joined the server to your AD ?
Did you created realm associated to your domain ?
Regards
i look in the log there is no traces about a registration process,
i can just see 2 wire mac authentication.
Regards
Fabrice
Le 2017-10-30 à 11:22, j...@momentumvr.co.uk a écrit :
>
>
>
>
>
> *From:*Fabrice Durand via PacketFence-users
> [mailto:packetfence-users@
20> to 0.0.0.0:0 <http://0.0.0.0:0> length 20
(0) -: Expected Access-Accept got Access-Reject
I don't understand why I have an Access-Reject and not an
Access-Accept when I try my Radius in localhost connection.
Thank you in advance for your help.
Regards,
Xavier
2018-04-3
-05-14T10:29:42+0200 lvl=eror msg="Error connecting to LDAP
source: LDAP Result Code 200 \"Network Error\": dial tcp: lookup
192.168.0.7,192.168.0.76: no such host" pid=2069
In the logs
Il 09/05/2018 16:32, Fabrice Durand via PacketFence-users ha scritto:
Hello Cristian,
Hello Cristian,
in fact you can set a comma delimited list of ip addresses in the source.
Regards
Fabrice
Le 2018-05-08 à 04:54, Cristian Mammoli via PacketFence-users a écrit :
Hi, what's the correct way to have redundant authentication sources?
There is no way to specify multiple hosts.
Hello Rafael,
can you take a pcap when you try to bind the AD ?
I did some tests on my side and i am not able to reproduce the issue.
Also using a radius source for sponsor is not possible since PacketFence
need to do a search for the sponsor.
Regards
Fabrice
Le 2018-05-08 à 17:54,
. Thanks.
On 9 May 2018 at 18:21, Fabrice Durand via PacketFence-users
<packetfence-users@lists.sourceforge.net
<mailto:packetfence-users@lists.sourceforge.net>> wrote:
Hello Samuel,
can you restart rsyslog ?
Regards
Fabrice
Le 2018-05-08 à 10:27, Samu
Hello,
first for email registration, do you use the server as a relay or do you
use an external smtp server ?
For internet access, can you paste the command:
iptables -L -n -v
iptables -L -n -v -t nat
ipset -L
Regards
Fabrice
Le 2018-05-09 à 05:19, Dominix Public Relation via
# Make sure to adjust the FORWARD rules also to allow traffic back-in.
-A POSTROUTING -s 192.168.27.0/24 <http://192.168.27.0/24> -o eno1 -j
SNAT --to 192.168.254.113
#
# Routing for the hidden domain network
#
-A POSTROUTING -s 169.254.0.0/16 <http://169.254.0.0/16> -o eno1 -j
SNAT
Hello Jeimerson,
it looks that your server packetfence2 is down.
Regards
Fabrice
Le 2018-05-10 à 06:19, Jeimerson C. Chaves via PacketFence-users a écrit :
Hello,
Sorry again, but you're experiencing the following sync error between
cluster nodes.
Thank you.
Com os melhores
ms
May 03 15:17:33 srvpf.apra.it pfdns[2301]: 192.168.112.33 :
20:cf:30:36:88:15 passthrough
May 03 15:17:33 srvpf.apra.it pfdns[2301]: 192.168.112.33 -
[03/May/2018:15:17:33 +0200] " IN nac.apra.it. udp 29 false 512"
NOERROR qr,aa,rd,ra 87 3.211035ms
Il 03/05/2018 14:34, Fabrice
It's probably a javascript issue.
Check the javascript console or try to clear the cache of your browser.
Regards
Fabrice
Le 2018-05-17 à 07:20, Jeimerson C. Chaves via PacketFence-users a écrit :
Hello,
Again, I am disturbing, but when configuring the registration
interface, it
or the
use of the individual or entity to whom they are addressed. Their
contents may not be altered. lf you are not the intended recipient of
this communication please notify the sender and delete and destroy all
copies immediately.
2018-05-17 13:39 GMT+01:00 Fabrice Durand via PacketFence-users
<pack
and delete and destroy all
copies immediately.
2018-05-17 14:31 GMT+01:00 Fabrice Durand via PacketFence-users
<packetfence-users@lists.sourceforge.net>:
Le 2018-05-17 à 09:09, Jeimerson C. Chaves via PacketFence-users a écrit :
Hello Fabrice,
In the how to, my interpretation is that w
Hello Xavier,
it looks that it miss the calling-staion-id attribute in the radius request.
Can you use: raddebug -f /usr/local/pf/var/run/radiusd.sock
And paste the debug.
Regards
Fabrice
Le 2018-05-15 à 05:54, Xav Tauran via PacketFence-users a écrit :
Hello everyone,
I use PacketFence
r/pass), this only did give me trouble with a
one or two users from the AD, I didn’t find why, but I work around
it by creating them internally on the pf.
Thank you.
*De:*Fabrice Durand via PacketFence-users
[mailto:packetfence-users@lists.sourceforge.net]
*Enviada em:* quarta-f
Hello Jeimerson,
it looks that something is already listening on the port 3306.
Can you check with netstat ?
Regards
Fabrice
Le 2018-05-16 à 04:35, Jeimerson C. Chaves via PacketFence-users a écrit :
Hello, I am configuring the Cluster, as it appears in how to, but,
after configuring
Hello Hajar,
so first what do you want to do with PacketFence ?
Do you want to use inline enforcement/vlan enforcement ?
For information all services are not necessary, per example if you are
using radius only then no need to have a captive portal.
So first if you can do a screenshot of
Hello Raphael,
it looks that you system is not stable, do you run on a virtual machine ?
If yes then be sure to make a reservation for the memory and use thick
provisioning for the disk.
If it's not a vm then can you check what was the load before the crash
and does the system use the swap
Hello Xavier,
You have to modify the iptables.conf template in orde to make it permanent.
/usr/local/pf/conf/iptables.conf
and restart iptables (pfmcd service iptables restart)
Regards
Fabrice
Le 2018-05-22 à 07:48, Xav Tauran via PacketFence-users a écrit :
Hello all,
I have something
https://packetfence.org/doc/PacketFence_Network_Devices_Configuration_Guide.html#_aerohive_networks
Le 2018-05-24 à 15:03, Annibal Abreu via PacketFence-users a écrit :
Hi
I have just installed packefence as Radius.
How do I change it to webauth enforment?
How to set aerohivew
Annibal
Hello Pedro,
what kind of enforcement are you using ?
Because with web auth PacketFence never disconnect the device.
But for vlan enforcement PacketFence deauth the device and apple stuff
never reconnect.
Regards
Fabrice
Le 2018-05-24 à 17:04, Pedro Trindade via PacketFence-users a
Hello Joël,
it's possible if you do machine authentication, only machine that have
been joined to the domain can do machine authentication.
So if PacketFence detect that then you can return a specific vlan (maybe
based on user auth) and if not then reject or return another vlan.
For Macs
e NTLM-Auth if
ldap return ok to avoid "ERROR: mschap: Program returned code (1)
and output 'Reading winbind reply failed! (0xc001)'".
> You have 3 scenarios:
yes i want like that,
I will try again and will share the results on this topic.
Ok there is a bug, i need to fix it.
Le 2018-05-24 à 11:33, jabang konate via PacketFence-users a écrit :
hi fabrice.
10.18.23.60 is ip National Roaming Operator eduroam in my Country.
attach my eduroam config file.
On Thu, May 24, 2018 at 7:43 PM, Fabrice Durand via PacketFence-users
Hello Annibal,
it's easy and you have multiples possibilities.
All the configuration is in the connection profile and you just have to
configure the correct filter.
Let say network 1 is 192.168.0.0/24 and network 2 is 192.168.1.0/24 then
you can create 2 connections profiles like:
in
radius configuration for eduroam?
thank you
On Wed, May 23, 2018 at 7:33 PM, Fabrice Durand via PacketFence-users
<packetfence-users@lists.sourceforge.net
<mailto:packetfence-users@lists.sourceforge.net>> wrote:
Hello Jabang,
can you paste your packetfence-tunnel file ?
The cronjob run a script to have the database and the files backuped in
/root/backup
addons/database-backup-and-maintenance.sh
Regards
Fabrice
Le 2018-05-23 à 11:01, Jeimerson C. Chaves via PacketFence-users a écrit :
Hello,
How can I do a backup of the database and the files? What are
or entity to whom they are addressed. Their
contents may not be altered. lf you are not the intended recipient of
this communication please notify the sender and delete and destroy all
copies immediately.
2018-05-23 16:18 GMT+01:00 Fabrice Durand via PacketFence-users
<packetfence-us
acketfence-tunnel ? or eduroam ?
6. restart freeradius and iptables
in step 5 im still confuse if i'm using 11812 so i must configure
eduroam file or still packetfence-tunnel ?
On Wed, May 23, 2018 at 10:55 PM, Fabrice Durand via PacketFence-users
<packetfence-users@lists.so
opic.
thank you for your advice fabrice.
On Thu, May 24, 2018 at 12:22 AM, Fabrice Durand via PacketFence-users
<packetfence-users@lists.sourceforge.net
<mailto:packetfence-users@lists.sourceforge.net>> wrote:
Hello Jabang,
so i am not sure what you try to do with the ldap modul
Hello Will,
can you check the radius_audit_log table in the database ?
select count(*) from radius_audit_log;
Regards
Fabrice
Le 2018-06-04 à 06:19, Will Halsall via PacketFence-users a écrit :
Hi Folks
After upgrading to PF 8.01 the Auditing page is no longer being
updated See below:
edIn
From: Fabrice Durand via PacketFence-users
[mailto:packetfence-users@lists.sourceforge.net]
Sent: Thursday, 7 June 2018 12:02 AM
To: packetfence-users@lists.sourceforge.net
Cc: Fabrice Durand
Subject: Re: [PacketFence-users] Cant Connect to AD - Failed to join domain:
failed to connect to AD: Cl
Hello Tobias,
bte we don't have all the switches supported in PacketFence to be able
to test if the CLI access is wroking.
But if you tell me that the generic switch works with CLI access then
you can try to add that in the H3C.pm file:
=item returnAuthorizeWrite
Return a generic accept
Btw the new pfdns in go provide this information in the log.
Le 2018-06-14 à 03:15, mj via PacketFence-users a écrit :
Hi,
We have (kind of) solved this by logging dns requests done by the
inline clients, plus their mac address. We are using this:
https://github.com/gamelinux/passivedns
Hello Geert,
since wpa2-entreprise already authenticate the user (AD credential) then
you can auto register device in this case and no need to have the
captive portal.
Regards
Fabrice
Le 2018-06-14 à 02:52, Geert Heremans via PacketFence-users a écrit :
Hello everyone,
I'm wondering if
Hello Joshua,
i don't know your setup but what exactly are you trying to do ?
Based on the realm you want to forward to another radius server ?
Did you enabled packetfence-local-auth in Freeradius ?
Hello Murilo,
are you using PacketFence in inline mode ?
Regards
Fabrice
Le 2018-06-13 à 09:52, Murilo Calegari via PacketFence-users a écrit :
Hello,
I'm currently implementing PacketFence as our NAC in a institution for
guests. One of the features we are required by the federal
So since PacketFence is used as a gateway you can log the dns request
but you can't log the http request. (you need to use a proxy).
Le 2018-06-13 à 11:10, Murilo Calegari a écrit :
Yes, I am!
Em qua, 13 de jun de 2018 11:57, Fabrice Durand via PacketFence-users
<mailto:packetfence-us
Fabrice Durand via PacketFence-users
<mailto:packetfence-users@lists.sourceforge.net>>:
Hello Geert,
since wpa2-entreprise already authenticate the user (AD
credential) then you can auto register device in this case and no
need to have the captive portal.
Regards
#
eap
}
} # inner-tunnel server block
Joshua Nathan
*IT Supervisor*
Black Forest Academy
p: +49 (0) 7626 9161 630 m: +49 (0) 152 3452 0056
a:
w: Hammersteiner Straße 50, 79400 Kandern
bfacademy.de <http://bfacademy.de/>
On Wed, Jun 13, 2018 at 4:5
In PacketFence we do a person lookup (fetch info from ldap) when a
802.1x user connect on the network so indirectly you can have the google
information from the AD.
Le 2018-06-14 à 10:05, Steve Pfister via PacketFence-users a écrit :
I've heard that you can sync accounts between your Active
It looks that you have 2 ip on the interface eth0 and packetfence use
the first one to nat the chroot traffic (10.99.19.240/21)
You will probably need to remove the second one (10.99.21.1/21)
Can you try the following (replace 10.0.0.1 by the AD ip address):
ip netns exec dpsad ping 10.0.0.1
; -o eth0 -j
SNAT --to-source 10.99.19.240
This rule is mandatory to join the domain.
On Fri, Jun 15, 2018 at 10:12 AM, Fabrice Durand via PacketFence-users
<mailto:packetfence-users@lists.sourceforge.net>> wrote:
Hello Steven,
var/conf/iptables.conf is a file generated f
ade to iptables.conf didn't work, so I
changed it back. Now, with iptables started, I can't get to the web
interface until I stop iptables.
On Fri, Jun 15, 2018 at 9:45 AM, Fabrice Durand via PacketFence-users
<mailto:packetfence-users@lists.sourceforge.net>> wrote:
Ok so if
, but when third devices
login with the same username , user can still login but with blank
role in packetfence web.
On Tue, May 29, 2018 at 11:36 PM, Fabrice Durand via PacketFence-users
<mailto:packetfence-users@lists.sourceforge.net>> wrote:
Hello Jabang,
ca
Hello Matthew,
are you doing wbinfo in the chroot ? (chroot /chroots/...)
Also (Error binding '80090308: LdapErr: DSID-0C0903D9, comment:
AcceptSecurityContext error, data 52e, v2580) looks to be an error
related to "Invalid credentials".
Hello Darryl,
you are not suppose to have this file anymore
(/usr/local/pf/lib/pf/services/manager/dhcpd.pm) can you rename it to
/usr/local/pf/lib/pf/services/manager/dhcpd.pm.bak and retry ?
Regards
Fabrice
Le 2018-06-04 à 11:46, Sokolowski, Darryl a écrit :
Hi Fabrice,
Thanks, I’ll
Hello,
You can use the internal PacketFence user database for authentication,
even for the portal or for 802.1x.
https://packetfence.org/doc/PacketFence_Installation_Guide.html#_eap_local_user_authentication
Regards
Fabrice
Le 2018-06-05 à 03:00, AdvBaxter via PacketFence-users a écrit
Hello Cristian,
what you can try is to upgrade the haproxy version.
Not really complicate to do:
cd /usr/local/pf
curl
https://patch-diff.githubusercontent.com/raw/inverse-inc/packetfence/pull/3209.diff
| patch -p1 --dry-run
If no conflicts:
curl
Hello Martin,
The difference between machine authentication and user authentication is
very minimal.
When you join a windows computer to the domain then in the AD computers
OU you will have a computer account and when you configure your
supplicant to do computer authentication then the
You need to define the role of each users in PacketFence.
Edit the user and set a role and an access duration in the PacketFence
gui interface.
Regards
Fabrice
Le 2018-06-06 à 00:17, AdvBaxter a écrit :
Ok,
So, if I decide to use Packetfence without AD, how do they assign vlan
Hello Jabang,
your issue is because in the Ruckus radius request it miss the
NAS-Port-Type attribute.
Can you try that:
diff --git a/lib/pf/Switch.pm b/lib/pf/Switch.pm
index 22bd94288..db9ee3921 100644
--- a/lib/pf/Switch.pm
+++ b/lib/pf/Switch.pm
@@ -3015,7 +3015,7 @@ sub parseRequest {
y Country.
attach my eduroam config file.
On Thu, May 24, 2018 at 7:43 PM, Fabrice Durand via
PacketFence-users mailto:packetfence-users@lists.sourceforge.net>> wrote:
What is 10.18.23.60 ?
can you share with me your file
/usr/local/pf/raddb/sites-enabled/eduroam
Hello Hajar,
when you created the user you set "Login remaining" to a value and you
reached this value.
Set it to nothing and you will have an unlimited access.
Regards
Fabrice
Le 2018-05-30 à 09:14, hajar benjat via PacketFence-users a écrit :
Hello !
Sorry I wanna ask u again ; I
Hello Annibal,
it's a bug on the AP, even if you set /AeroHIVE::AP the name is cut to
/AeroHIVE.
Try that and it should be ok:
https://github.com/inverse-inc/packetfence/compare/fix/aerohive_url.diff
Regards
Fabrice
Le 2018-05-30 à 08:43, Annibal Abreu via PacketFence-users a écrit :
Configure it to listen on a port...
Le 2018-05-31 à 08:57, Annibal Abreu via PacketFence-users a écrit :
radiusd: Opening IP addresses and Ports
The server is not configured to listen on any ports. Cannot start
Annibal
If you want to do 802.1x yes, if you want to use your ad as an
authentication source yes.
Btw it's not mandatory to have an AD.
But for network that packetfence manage (registration/isolation/inline)
you need to use the dhcp/dns from packetfence.
Le 2018-05-31 à 00:03, AdvBaxter a écrit :
Hello,
sorry a typo, this is:
curl https://github.com/inverse-inc/packetfence/pull/3209.diff | patch
-p1 --dry-run
curl https://github.com/inverse-inc/packetfence/pull/3209.diff | patch -p1
Regards
Fabrice
Le 2018-06-22 à 13:57, Gerllys Speroto Calvi a écrit :
HI,
The command you
Hello Will,
it looks that the authentication fail in the chroot.
What you can try is the following:
chroot /chroots/RadiusAD
wbinfo -u
ntlm_auth --userbane=helpdesk --password=...
And let me know the result.
Regards
Fabrice
Le 2018-05-02 à 03:39, Will Halsall via PacketFence-users a
101 - 200 of 673 matches
Mail list logo