Re: [PacketFence-users] eduroam

Hello Will, Le 2018-04-28 à 18:09, Will Halsall via PacketFence-users a écrit : > > Hi Folks > >   > >   > > Having a problem getting packetfence 7.4 to work with .ac.uk radius > servers > >   > > 1.   Server 1 and server 2 have different secrets and I cannot see > a way of configuring this

Re: [PacketFence-users] Portal fqdn resolution from isolation and registration vlan

Hello Cristian, pfdns is suppose to resolv the portal fqdn if the device is unreg or if there is a violation. Also if there is a passthrough that match the portal fqdn name then it will forward the request to another server. Portal interface is just an interface with the portal on it, it

Re: [PacketFence-users] Cant' Start FreeRadius on PacketFence

Hello Xavier, you are dealing with the wrong radiusd service , the correct one is packetfence-radiusd-auth. Also what you can try is the following (in /usr/local/pf/) radiusd -d raddb/ -n auth -fxx -l stdout And paste me the result. Regards Fabrice Le 2018-04-26 à 05:00, Xav Tauran via

Re: [PacketFence-users] PacketFence 8

Hello Jeimerson, it looks that your authentication source doesn't return any role. Create a rule and assign a role and an access duration in your authentication source. Regards Fabrice Le 2018-05-02 à 11:59, Jeimerson C. Chaves via PacketFence-users a écrit : Hi, all. In tests with

Re: [PacketFence-users] Portal fqdn resolution from isolation and registration vlan

%]     # Default to system resolv.conf file     proxy . /etc/resolv.conf     log stdout     errors } resolv.conf contains my corp dns servers Regards C. Il 30/04/2018 14:59, Fabrice Durand via PacketFence-users ha scritto: Hello Cristian, pfdns is suppose to resolv the portal fqdn if the device is unreg

Re: [PacketFence-users] Bug PacketFence 8

Can you share authentication.conf (remove sensible information) Le 2018-05-02 à 12:52, Jeimerson C. Chaves via PacketFence-users a écrit : Hello, I installed PackerFence 8 on my lab, and I can not access the vlans. As the logs and prints follow. Thank you. May 2 16:40:43 PacketFence-ZEN

Re: [PacketFence-users] Cisco WLC unable to reevaluate access on cluster

Hello Luca, did it worked before ? Can you see some specific messages in packetfence.log when PacketFence try to reevaluate the access ? Regards Fabrice Le 2018-04-26 à 02:52, luca comes via PacketFence-users a écrit : > > Anyone who can help me about this problem? > > > Luca > > > >

Re: [PacketFence-users] Bug PacketFence 8

the sender and delete and destroy all copies immediately. 2018-05-02 17:58 GMT+01:00 Fabrice Durand via PacketFence-users <packetfence-users@lists.sourceforge.net>: Can you share authentication.conf (remove sensible information) Le 2018-05-02 à 12:52, Jeimerson C. Chaves via PacketFence-users a

Re: [PacketFence-users] New go binaries and pf-maint

Hello Cristian, we are on the way to change the pf-maint.pl script to add the way to patch the go binary. Regards Fabrice Le 2018-05-03 à 05:39, Cristian Mammoli via PacketFence-users a écrit : Before 8.0 I simply run addons/pf-maint.pl, applied the patches and restarted the services How

Re: [PacketFence-users] Problem with Fingerbank Gui

Hello Tobias, it looks that your fingerbank db is corrupted, try to reinstall fingerbank: yum reinstall fingerbank --enablerepo=packetfence Regards Fabrice Le 2018-05-03 à 02:26, Meiser Tobias via PacketFence-users a écrit : Hello, we have updated our ZEN to PF 8.0 last week. Since then

Re: [PacketFence-users] Portal fqdn resolution from isolation and registration vlan

/resolv.conf     log stdout     errors } Regards C. Il 02/05/2018 18:54, Fabrice Durand via PacketFence-users ha scritto: Hello Cristian, you don't have to allow the portal ip for the registration and isolation vlan. Can you share your pf.conf and networks.conf and /usr/local/pf/var/conf/

Re: [PacketFence-users] Bandwidth statistics make no sense (Cisco 2960x)

Hello Cristian, which version are you running ? Regards Fabrice Le 2017-10-19 à 09:48, Cristian Mammoli via PacketFence-users a écrit : > Hi, I received an alert from packetfence with the following content: > > Detect  : No Antivirus software installed > > Last Session   : >     Session

Re: [PacketFence-users] Username format for portal and automatically registered devices

IOS switches but I agree this should be handled by PF. > > Il 18/10/2017 17:22, Fabrice Durand via PacketFence-users ha scritto: >> Hello Cristian, >> >> It is but because the supplicant send DOMAIN\Username and the portal use >> the sAMAccountName. >> >>

Re: [PacketFence-users] Can't download and update fingerbank DB

Hello Yan, it mean that it worked, the importation can be long, there is 5M combinations in the database. Regards Fabrice Le 2017-10-18 ?? 22:17, Yan via PacketFence-users a ??crit?0?2: > Oh 2 more tables, "dhcp_vendor" and "user_agent" appeared lately. And > there is corresponding data in

Re: [PacketFence-users] Radiusd don't start after upgarde

Hello Luca, Can you paste /usr/local/pf/raddb/auth.conf ? Regards Fabrice Le 2017-10-19 à 10:28, Luca Messori via PacketFence-users a écrit : > >   > > Hi, > > after upgrading to PF 7.3, the Radius daemon don’t start > >   > > Running it in debug mode, I have this error: > > Thu Oct 19 14:25:27

Re: [PacketFence-users] local database authentication fail

Hello Nicolay, did you define a role and an access duration for the user ? Regards Fabrice Le 2017-10-26 à 04:09, Nicolay Rytchev via PacketFence-users a écrit : > Hello All, > > I can`t get access to the network by local Packetfence authentication > , but the authentication process is

Re: [PacketFence-users] MAC authentication

Hello Luca, when you do mac authentication, PacketFence will return access-accept but depending of the status of the device it will return the registration vlan or a prod vlan. When it return the registration vlan then the device will hit the portal to register. Regards Fabrice Le

Re: [PacketFence-users] local database authentication fail

Can you do that: bin/pftest authentication user password and give me the output Le 2017-10-26 à 09:09, Nicolay Rytchev via PacketFence-users a écrit : > Yes , I did. > > Встроенное изображение 1 > > 2017-10-26 15:00 GMT+02:00 Fabrice Durand via PacketFence-users >

Re: [PacketFence-users] Problem with Reports in PF 7.3.0

Hello Hubert, PacketFence need to have the accounting data from the switch to show you reports. Regards Fabrice Le 2017-10-26 à 03:29, Hubert Kupper via PacketFence-users a écrit : > Hello, > > I have a new PF 7.3.0 server running in production. In the REPORTS tab > only node states are

Re: [PacketFence-users] Can't select attributes after upgrade to v7.3

Hello Yan, it looks a javascript issue. Did you refresh the browser cache (ctrl + f5) ?, is there any adblock extension installed ? Regards Fabrice Le 2017-10-26 ?? 05:20, Yan via PacketFence-users a ??crit?0?2: > Hi dear users, > > My previous PF was v7.2 and I just upgrade it to v7.3 as

Re: [PacketFence-users] R: MAC authentication

ntain information which is confidential or > privileged. if you are not the intended recipient, please immediately > notify us > and destroy this message and any attachments without retaining a copy. > Any unauthorized use of this message can expose the responsabile party > to civil an

Re: [PacketFence-users] Need an advice and maybe assistance with FreeRADIUS

For me it looks that 172.19.254.2 is define twice. Can you do in /usr/local/pf/raddb: grep 172.19.254.2 * -r  Also can you try to run radiusd in debug mode and see if you can see 172.19.254.2 (radiusd -d /usr/local/pf/raddb -n auth -X) Regards Fabrice Le 2017-12-29 à 01:26, E.P. a écrit :

Re: [PacketFence-users] Need help solving a problem with vlan enforcement

Hello André, First you need to check on the switch side if the mac address of the device is in the vlan 300. Next a registration vlan is a vlan managed by PacketFence, so you need to enable dhcp on the vlan 300 and 600. Another thing i can see is that the interface enp0s8.300 (vlan 300) use the

Re: [PacketFence-users] Successfully passed 802.1x auth but no networkaccess

Hello Yan, you need to check on the PacketFence side what happen: run that (raddebug -f /usr/local/pf/var/run/radiusd.sock -t 3000) , try to connect and paste the result Also take a look in audit in packetfence gui and check for a mac address where you have the issue. Regards Fabrice Le

Re: [PacketFence-users] Assistance with nessus

gt; > > > 2018-01-10 20:50 GMT-03:00 Durand fabrice <fdur...@inverse.ca > <mailto:fdur...@inverse.ca>>: > > Hello André, > > so you have to choose nessus6 and not nessus. > > Restart > > Fabrice > > > > Le 2018-01-10 à

Re: [PacketFence-users] packetfence 7.3 configuration wizard - radius?

Hello Ivan, what you can do is the following: /usr/local/pf/bin/pfcmd service radiusd generateconfig /usr/sbin/radiusd -d /usr/local/pf/raddb  -n auth -fxx -l stdout And paste the debug if the service is not able to start. Regards Fabrice Le 2018-01-03 à 09:31, Auger, Ivan (ITS) via

Re: [PacketFence-users] Need help solving a problem with vlan enforcement

"useStrongerSecret" > exit               > radius-server host auth 172.16.0.2 > name "PacketFence" > usage 802.1x       > key "useStrongerSecret" > exit               > !                  > interface Gi1/0/11 > switc

Re: [PacketFence-users] packetfence 7.3 configuration wizard - radius?

secret = <<< secret >>> > >     nas_type = "other" > >     proto = "*" > >   limit { > >     max_connections = 16 > >     lifetime = 0 > >     idle_timeout = 30 > >   } > > } > > cl

Re: [PacketFence-users] Re： Successfully passed 802.1x auth but nonetworkaccess

Hello Yan, i checked the logs and all looks to be ok, 802.1x authentication works correctly. What i can imagine that you maybe lost the connection between PacketFence and the AP/Controller or maybe a cache on the AP/Controller. What you can do to check that is to install netdata on the

Re: [PacketFence-users] Device authentication with client TLS certificate issued by PKI

Hello Eugene, you probably need to import the CA certificate or uncheck verify server certificate in your supplicant config. Regards Fabrice Le 2018-01-10 à 03:57, E.P. via PacketFence-users a écrit : > > And here comes the culmination of my saga with PKI ;) > > Actually, I was slowly going

Re: [PacketFence-users] Assistance with nessus

Hello André, what is the version of nessus ? Regards Fabrice Le 2018-01-10 à 15:59, André Scrivener via PacketFence-users a écrit : > Hey guys! > > > I'm enabling nessus to scan hosts, but I'm trying out these logs below: > > > Jan 10 18:33:25 packetfence pfqueue: pfqueue(12693) INFO: >

Re: [PacketFence-users] Device authentication with client TLS certificate issued by PKI

alidating server certificate, same results, > reason - eap_tls: SSL says error 20 : unable to get local issuer > certificate > >   > > Eugene > >   > > *From:*Fabrice Durand via PacketFence-users > [mailto:packetfence-users@lists.sourceforge.net] > *Sent:* Wedne

Re: [PacketFence-users] PKI installation

Hello Eugene, Le 2018-01-09 à 03:01, E.P. a écrit : > > Couple of questions on PKI, Fabfice > >   > > 1.   How would I change the password for admin user in PKI. The > “User Management” section gives me the option of editing the admin > user but I can’t see the password change option > >   >

Re: [PacketFence-users] Assistance with AD dot1x

Hello All, just to clarify some points. First realmd can't be used because we have to use ntlm_auth in Freeradius to authenticate user for eap/peap mschap v2. Next, Configuration → Policies and Access Control → Domains → Active Directory Domains – Add Domain is only to join the machine to a

Re: [PacketFence-users] R: no httpd portal in a Cluster

t; ip=172.27.17.3 > type=management,high-availability > mask=255.255.255.0 > > [pfnac03 interface ens192.2445] > enforcement=vlan > ip=10.255.20.10 > type=internal > mask=255.255.255.0 > > [pfnac03 interface ens192.2446] > enforcement=vlan > ip=10.255.30.10 > ty

Re: [PacketFence-users] R: R: no httpd portal in a Cluster

e?  > > Luca > > > > *Da:* Fabrice Durand <fdur...@inverse.ca> > *Inviato:* lunedì 15 gennaio 2018 15:10 > *A:* luca comes; Fabrice Durand via PacketFence-users > *Oggetto:* Re: R: [PacketFence-users] no httpd portal in a Cluster >

Re: [PacketFence-users] Re： Successfully passed 802.1x auth but no network access

Hello Yan, does AD1 and AD2 are the same ? (same domain/users ...) Regards Fabrice Le 2018-01-15 ?? 00:41, Yan a ??crit?0?2: > Hi Durand, > > I installed a netdata in my pf server and not found any network issue > yet(I'm learning to use it). But there is another case I'm not sure if > it is

Re: [PacketFence-users] Successfully passed 802.1x auth but no network access

Hello Yan, sorry for the delay. So why don't you joined pf2 to ad2 , i think it will be simpler and probably fix your issue. Regards Fabrice ?0?2 Le 2018-01-15 ?? 11:17, Yan a ??crit?0?2: > > Yes. They have the same domain/users but on different servers. Both of > them can authenticate our

Re: [PacketFence-users] Successfully passed 802.1x auth but nonetwork access

Hello Yan, in Freeradius if you want to authenticate a user with 802.1x peap/mschapv2 then you need to use ntlm_auth and you need to join the domain to the active directory. (http://deployingradius.com/documents/protocols/compatibility.html) I don't know exactly how they do with acs but i

Re: [PacketFence-users] PKI provisioning configuration for Apple OS/iOS

Hello Eugene, Le 2018-01-13 à 02:59, E.P. via PacketFence-users a écrit : > > Folks, > > Our two big shots in the organization live their lives with Apple > macbooks and we need to get them on the secure WiFi. > > Can someone explain me where and how to get the content of > certificates that are

Re: [PacketFence-users] no httpd portal in a Cluster

Hello Lucas, can i have the cluster.conf file ? Regards Fabrice Le 2018-01-15 à 05:10, luca comes via PacketFence-users a écrit : > > Hi all, > > I've successfully migrated a single node infrastructure to a full 3 > node cluster, all things has gone well but I have only one problem. > After

Re: [PacketFence-users] Number of devices to connect to the network

Hello Eugene, this is exactly where you have to control that. So just set a limit on the roles where you want to limit the number of devices per users. Regards Fabrice Le 2018-01-16 à 02:01, E.P. via PacketFence-users a écrit : > > It sounds close to the number of devices/nodes a user can

Re: [PacketFence-users] pf with ruckus smartzone not working for me

Hello Barry, when the error happen , is it when you try to do web-auth or out of band ? (if you have the httpd.portal.access lines when you hit the portal) Because it looks that packetfence is not able to fetch your ip address. Also to reevaluate an access on Ruckus SmartZone packetfence use

Re: [PacketFence-users] PKI provisioning configuration for Apple OS/iOS

t;   > > *From:*Fabrice Durand via PacketFence-users > [mailto:packetfence-users@lists.sourceforge.net] > *Sent:* Monday, January 15, 2018 6:01 AM > *To:* packetfence-users@lists.sourceforge.net > *Cc:* Fabrice Durand > *Subject:* Re: [PacketFence-users] PKI provisioning conf

Re: [PacketFence-users] Number of registered devices notification

Hello Raphael, can you try that: in /usr/local/pf/ patch -p1 --dry-run < status.diff and if there is no error: patch -p1 < status.diff and restart packetfence. Let me know if it works, i will push it in the main code. Regards Fabrice Le 2018-01-15 à 18:01, Raphael Dias via

Re: [PacketFence-users] firewalling for inline on the packetfence server

Hello, you can play with iptables.conf in the conf directory in order to add your custom rules. Regards Fabrice Le 2018-01-15 à 11:18, lists via PacketFence-users a écrit : > Hi, > > We're using packetfence in inline modus for our wifi (10.10.10.0/24) > segment. The external packetfence

Re: [PacketFence-users] Number of devices to connect to the network

gt; > Then, the end-user just connects to SSID, authenticates and gets > on the network. How would I assign the user to the “staff” role? > > Is this where provisioners come to help ? > >   > > Eugene > >   > > *From:*Fabrice

Re: [PacketFence-users] Number of devices to connect to the network

  > > Le 2018-01-17 à 01:07, E.P. a écrit : > > Great! > > That confirms my train of thought. But it is still not > clear to me how will it affect the user that authenticates > against AD. > > Yes, I h

Re: [PacketFence-users] NULL realm

Hello Eugene, in fact the REALM is used in 2 cases, if you add the option STRIP in the realm config and restart radius then you will see that radius will strip it. When you assign a REALM to a domain then if the realm match then it will use the domain you define (options.bc.ca -> use AD OPTIONS)

Re: [PacketFence-users] Problem getting Radius MacAuth to work.

Le 2018-01-25 à 05:41, Schenkelberg, Martin via PacketFence-users a écrit : > > Hello all, i hope you can give me a hint of what im doing wrong. > >   > > We are evaluating to use PacketFence 7.3.0 Zen to authenticate users > connecting to our lan and wifi infrastructure and to assign them the >

Re: [PacketFence-users] Problem with Certificates

Hello Hubert, it will be cat server.crt intermediate1.cert intermediate2.crt server.key > server.pem Regards Fabrice Le 2018-01-25 à 08:40, Hubert Kupper via PacketFence-users a écrit : > Hello Fabrice, > > thanks. I did: cat server.crt server.key > server.pem. Now packetfence > starts and the

Re: [PacketFence-users] Re： Image broken in PF status dashboard

yum update libdrm is suppose to fix the issue. Le 2018-01-25 ?? 09:00, Yan a ??crit?0?2: > Hi Fabrice, > It seems to be the same issue you said. The error is as below. I run > "yum?0?2--exclude=collectd*?0?2update" but the image is still broken. Is > there any other way to fix it ? > > Python

Re: [PacketFence-users] Read Only Unregistered Nodes

Hello Jeremy, i am not sure to understand , you mix device role and administration access that is completely different. Regards Fabrice Le 2018-01-25 à 08:48, Jeremy Plumley via PacketFence-users a écrit : > > Wanted to follow up on this and see if there is a way to add “no role” > access so I

Re: [PacketFence-users] Read Only Unregistered Nodes

ns to a handful of roles. Hope > that makes more since. > >   > > Jeremy Plumley > > ITS Network Administrator > > Ext 50024 > >   > > *From:*Fabrice Durand via PacketFence-users > [mailto:packetfence-users@lists.sourceforge.net] > *Sent:* Thursday, Jan

Re: [PacketFence-users] Packetfence Authentication Issue.

Hello Rana, In fact you need first to choose clear text ot mschap to store the local user password (it's bcrypt by default). Next if it still not working then run radius in debug mode and send me the debug. Regards Fabrice Le 2018-01-30 à 09:28, Rana, Vijaykumar via PacketFence-users a

Re: [PacketFence-users] Packetfence 7.4

Hello Will, this is a limitation of your OS, https://www.cyberciti.biz/faq/linux-increase-the-maximum-number-of-open-files/ Regards Fabrice Le 2018-01-30 à 09:19, Will Halsall via PacketFence-users a écrit : > > Hi Folks, > >   > >   > > I just noticed these errors reported in our logs. I am

Re: [PacketFence-users] packetfence 7.4 + Authentication Sources

Hello Will, yes i saw that on my setup and we will push a fix in the maintenance. Regards Fabrice Le 2018-01-31 à 08:00, Will Halsall via PacketFence-users a écrit : > > Hi Folks, > >   > > Adding an Associated Realms to any of my Authentication Sources causes > the test connection to fail

Re: [PacketFence-users] All authentication failed with error "No EAPsession matching state xxxx"

Hello Yan, Le 2018-01-31 ?? 00:28, Yan a ??crit?0?2: > > Hi dear users, > > After a whole night??s analysis, we found it??s pf that takes too much > time processing authentication request if the QPS is too high and > hangs all radius requests later and then Aruba AC meets the radius > timeout

Re: [PacketFence-users] R: R: R: No client IP update in cluster

Hello Luca, dhcp is udp traffic so it's not really easy to load balance. Btw there is a pull request on github for that: https://github.com/inverse-inc/packetfence/pull/2887 Regards Fabrice Le 2018-01-31 à 03:40, luca comes via PacketFence-users a écrit : > Hi Fabrice, > I checked and

Re: [PacketFence-users] PFCMD Violation ADD & TRIGGER Clarification

Hello Scott, it looks a bug in PacketFence, can you open an issue on github ? https://github.com/inverse-inc/packetfence Regards Fabrice Le 2018-02-01 à 15:05, Scott Bodeen via PacketFence-users a écrit : > Hello all, > > I've spent a good part of the day looking through the PF manuals and >

Re: [PacketFence-users] users stay in registration VLAN after authentication success

Hello Tom, sorry, this is a really busy period. What we can try to find the issue is to put the log in debug, since it looks that is on the portal that you have the issue we can try it first. So in conf/log.conf.d/httpd.portal.conf , replace INFO per TRACE (2nd line) and restart the portal.

Re: [PacketFence-users] Restarting swicthports errors

Hello, the issue is open on github https://github.com/inverse-inc/packetfence/issues/2923 Regards Fabrice Le 2018-02-02 à 10:43, David Harvey via PacketFence-users a écrit : > Sorry for all the mailing list spam. I've been having a bit of a > packetfence tinkering week! > > Since upgrading

Re: [PacketFence-users] PKI installation

Hello Eugene, can you try that: sqlite3 db.sqlite3 UPDATE "auth_user" set password='pbkdf2_sha256$2$Z2Lhr1cW8QM0$mN9PtNhxneIDzApqFa4uG8V44IXqHe+r7yootSoSzJQ=' where username='admin'; the password is p@ck3tf3nc3 Regards Fabrice Le 2018-02-03 à 01:31, E.P. a écrit : > > Hi Fabrice, > >

Re: [PacketFence-users] Radius Filter

Hello John, something like that in the vlan filters should work: [ssid] filter = ssid operator = is value = OPENSSID [role] filter = node_info.category operator = match value = SOMEROLE [1:ssid] scope = RegisteredRole role = REJECT Regards Fabrice Le 2018-02-06 à 08:46, John Sayce via

Re: [PacketFence-users] Access to PF captive portal is blocked

Hello Eugene, yes you can, just add portal to the management interface. Regards Fabrice Le 2018-02-19 à 02:13, E.P. a écrit : > > I think it is slowly coming to me, Fabrice. > > My PF is pure for RADIUS enforcement and PF has only one IP address of > management type. > > Now if I want

Re: [PacketFence-users] OMAPI.pm errors

Hum if it's a cluster then omapi will not work on one of them (dhcpd only run on 2 of the 3 servers). What you can do is just to disable omapi. Regards Fabrice Le 2017-12-20 à 05:12, Luís Torres via PacketFence-users a écrit : > > I didnt..., and yes its a cluster. > > Should I use in all

Re: [PacketFence-users] Need an advice and maybe assistance with FreeRADIUS

t;> >>>> Just a thought, but can you change the deauthentication method to >>>> HTTPS and specify the UniFi controller IP? See my setup below: >>>> >>>>   >>>> >>>> https://i.imgsafe.org/0c/0cff2c7f19.png >>>> >>

Re: [PacketFence-users] Need help solving a problem with vlan enforcement

vlan 3 >> name "Isolation" >> exit >> vlan 4 >> name "Mac detection" >> exit >> vlan 5 >> name "Guest" >> exit >> vlan 100 >> na

Re: [PacketFence-users] Need an advice and maybe assistance with FreeRADIUS

bb5eafe.png > > https://i.imgsafe.org/05/05bbd86ab4.png > >   > > Also please make sure you have the latest UniFi AP and controller > firmware as they were just updated a few days ago.  > >   > > See my earlier post on the PacketFence-User

Re: [PacketFence-users] Aruba Switch Network Configuration

Hello Jeremy, do you have any documentation related to the support of the VoIP on the Aruba switch ? There is probably a vsa attribute to return when PacketFence detect that a phone is plugged on a switch port. If the vsa exist then it will be easy to add the VoIP support for the Aruba

Re: [PacketFence-users] Packetfence-pki restore/ovewrite admin password

Hello, what you can do is to connect in the sqlite db and update the password. sqlite3 db.sqlite3 UPDATE "auth_user" set password='pbkdf2_sha256$2$Z2Lhr1cW8QM0$mN9PtNhxneIDzApqFa4uG8V44IXqHe+r7yootSoSzJQ=' where username='admin'; the password is p@ck3tf3nc3 Regards Fabrice Le

Re: [PacketFence-users] PKI installation

Just for information, i uploaded a new version of the packetfence-pki for centos7 who fix all the install issues. Regards Fabrice Le 2017-12-12 à 23:58, E.P. a écrit : > > Well, I’m taking my hat off in front of you, no kidding and pun > intended ;) > > Do you need traceback from the error

Re: [PacketFence-users] 802.1x auth and local auth too?

Hello Steve, packetfence-local-auth {     packetfence-set-tenant-id     # Disable ntlm_auth (Active DIrectory)     update control {     := No     }     # Check password table for local user     pflocal     if (fail || notfound || noop) {     # Check password table with email and

Re: [PacketFence-users] Feedback

Hello Richard, it's what PacketFence does by default. You just need to enable mac-auth on the switch, create registration and isolation vlan and span them on all your switches. After that add the radius server in all your switches and you should be good. Regards Fabrice Le 2018-08-16

Re: [PacketFence-users] Expiration time after first login

Hello František, no it's not possible right now in PacketFence. Regards Fabrice Le 2018-08-16 à 07:42, František Gössel via PacketFence-users a écrit : Hi, I'm wondering if it is possible to setup expiration time after first login for user accounts. Thank you in advance. Best regards,

Re: [PacketFence-users] Hi Fabrice

Pf is running under lxc ? Le 2018-08-15 à 21:51, Maile Halatuituia via PacketFence-users a écrit : I try to restart my server and now I got this after finding that I no longer access to it through the web interface root@LXCPF:/usr/local/pf/logs# systemctl status

Re: [PacketFence-users] Zombie home_server

Hello Bebbet, you can disable the eduroam test by unchecking monitor in the authentication source. Also you can ask for sponsored development to have the way to define username to use to test eduroam. (https://packetfence.org/support.html#/commercial) Regards Fabrice Le 2018-07-23 à

Re: [PacketFence-users] cisco WLC

Hi, yes Regards Fabrice Le 2018-07-23 à 01:54, Advancedata Network via PacketFence-users a écrit : Hi, Do packetfence support cisco WLC? Sent from Mail for Windows 10

Re: [PacketFence-users] Problem with WMI

Hello Xavier, first you need to forward a copy of the production dhcp traffic to the PacketFence management interface (it's mandatory and this will trigger the scan). After if it still doesn't work then create a connection profile with a filter based on the network (cird format

Re: [PacketFence-users] auto-registration of node failed max nodes per pid met or exceeded

So this is your issue , you need to have a rule that return a role for this username (a sort of catch all rule if you don't have any). Regards Fabrice Le 2018-07-23 à 03:18, Pizu a écrit : Hi, Thanks for your reply and sorry for not sending before. The role that is assigned to the users

Re: [PacketFence-users] Radius authentication failing

Hello Ali, you need to paste the raddebug output. raddebug /usr/local/pf/var/run/radiusd.sock -t 3000 Regards Fabrice Le 2018-07-19 à 02:43, Amjad Ali via PacketFence-users a écrit : Hi everyone, I have setup a packetfence server in lab environment with just one switch from edge core

Re: [PacketFence-users] users stay in registration VLAN after authentication success

Hello Tom, there : https://pf_mgmt:1443/admin/configuration#configuration/main/advanced Regards Fabrice Le 2018-01-20 à 19:03, tom lo a écrit : > Hi Durand, > > What change should I make on PF to "disable update locationlog on accounting"? > > > Regards, > Tom > > On Sun, Jan 21, 2018 at 4:31

Re: [PacketFence-users] [Packetfence] AD authentication with FreeRadius: "reading winbind reply failed!"

Hello Eugene, Le 2018-03-06 à 22:33, E.P. a écrit : > > Hi Jimmy and Fabrice, > > I would like to report the same experience. I have a realm > (OPTIONS-AD-REALM) and it is associated with the AD domain > (optionsad), i.e. > >   > > [OPTIONS-AD-REALM] > > domain=optionsad > > options=strip > >  

Re: [PacketFence-users] No roles assignment and no rules matching in the authentication source

Hello Eugene, i suppose you apply the PR 2735 on github. I have push 2 new commits so can you try to apply them and make another try ? curl https://github.com/inverse-inc/packetfence/pull/2735/commits/1eef967ad1ee589136a097166c440cb30107ddfb.diff | patch -p1 curl

Re: [PacketFence-users] Unknown Switch - Rejected User

Do you have a complete radius request ? because this one is just to test the if the radius server is still alive. Regards Fabrice Le 2018-03-07 à 11:42, ebrar via PacketFence-users a écrit : > > Hi Fabrice, > > But it doesn't. I'm trying to solve the problem for hours but could > not find

Re: [PacketFence-users] [Packetfence] AD authentication with FreeRadius: "reading winbind reply failed!"

Ok can you send me a complete radius request ? (raddebug -f var/run/radiusd.sock -t 3000) Regards Fabrice Le 2018-03-07 à 02:04, Jimmy Claes via PacketFence-users a écrit : > > Hello Fabrice > >   > > Realms are already created and associated with the AD. > >   > >   > > Regards > > Jimmy > >

Re: [PacketFence-users] Using Hostapd 17.01.4 with WISPr and a Captive Portal on PF 7.4.0

Hello Ian, if you can do a pull request on github with this change then it will be integrate to PacketFence for the next release. And also thank for the support :-) Regards Fabrice Le 2018-03-07 à 17:08, Ian MacDonald via PacketFence-users a écrit : > Below is a quick addendum to the

Re: [PacketFence-users] [Packetfence] AD authentication with FreeRadius: "reading winbind reply failed!"

A radius request in debug mode please. cd /usr/local/pf raddebug -f var/run/radiusd.sock -t 3000 Regards Fabrice Le 2018-03-08 à 00:39, E.P. a écrit : > > Good morning, Fabrice, > > I ran chroot /chroots/optionsad wbinfo -u and received the output of > all users and groups from AD where

Re: [PacketFence-users] [Packetfence] AD authentication with FreeRadius: "reading winbind reply failed!"

fdur...@mail.inverse.ca:143/fetch%3EUID%3E/PacketFence%20Users%20List%3E24241?header=quotebody=1.1.2=image001.png > >   > > Regards > > Jimmy > >   > > *Van:*Fabrice Durand via PacketFence-users > [mailto:packetfence-users@lists.sourceforge.net] > *Ver

Re: [PacketFence-users] No roles assignment and no rules matching in the authentication source

f' > >     [ > <=>        >            > > ] 831 --.-K/s   in 0s  > > 2018-03-08 05:45:35 (59.3 MB/s) -

Re: [PacketFence-users] Captive Portal Facebook redirection e Apple iOS 11+

Hello Fabricio, you will need to take a capture of the dns traffic of the Iphone and check when you try to register on facebook if one of the answer of the dns is the ip address of the captive portal. If it's the case then you will need to adapt the passthrough. Regards Fabrice Le

Re: [PacketFence-users] No roles assignment and no rules matching in the authentication source

67ad1ee589136a097166c440cb30107ddfb.diff > > Reusing existing connection to github.com:443. > > HTTP request sent, awaiting response... 200 OK > > Length: unspecified [text/plain] > > Saving to: '1eef967ad1ee589136a097166c440cb30107ddfb.diff' > >

Re: [PacketFence-users] [Packetfence] AD authentication with FreeRadius: "reading winbind reply failed!"

file, radius-request2 shows the session when I added a > named realm, i.e. > >   > > [OPTIONS-AD-REALM] > > domain=optionsad > > options=strip > >   > > Eugene > >   > > *From:*Fabrice Durand via PacketFence-users > [mailto:packetfence-users@li

Re: [PacketFence-users] [Packetfence] AD authentication with FreeRadius: "reading winbind reply failed!"

lm > >   > > [DEFAULT] > > domain=optionsad > > options=strip > >   > > And the second file, radius-request2 shows the session when I > added a named realm, i.e. > >   > > [OPTIONS-AD-REALM] > >

Re: [PacketFence-users] [Packetfence] AD authentication with FreeRadius: "reading winbind reply failed!"

do a: ps -edf|grep radius and paste me the result. Regards Fabrice Le 2018-03-09 à 08:46, Jimmy Claes via PacketFence-users a écrit : > > Hello Fabrice > >   > > Packetfence radius server is running: > >   > > Regards > > Jimmy > >   >

Re: [PacketFence-users] Bind PacketFence to Active Directory

Hello Xav, When you say bind , you mean join PacketFence to the domain ? Also what is your management interface and what is returned by : ip route get 192.168.6.200 Regards Fabrice Le 2018-04-18 à 03:39, Xav Tauran via PacketFence-users a écrit : > Hello,  > > I made a mock-up to set up

Re: [PacketFence-users] Problem with Samba 4 authentication

Hello Jeimerson, can you run: raddebug -f /usr/local/pf/var/run/radius.sock -t 3000 and paste the result when you try to connect. Regards Fabrice Le 2018-04-12 à 04:56, Jeimerson C. Chaves via PacketFence-users a écrit : > Hello everyone, I'm having problem with authentication, using Samba

Re: [PacketFence-users] LDAP Source Problem

Hello Nathan, does the LDAP server have the password in clear text or in nthash format ? If it's not the case then it will not work but if it's the case then it will be similar than an freeradius edirectory configuration. Regards Fabrice Le 2018-04-06 à 10:35, Nathan, Josh via

Re: [PacketFence-users] unable to process payments

Hello Dave, you have to enable the passthrough in Packetfence in order to allow your device in the registration vlan to reach the authorize.net web site. Regards Fabrice Le 2018-04-12 à 14:10, Dave Walsh via PacketFence-users a écrit : > Hello, > > I am running version 7.4.0 and I am unable

Re: [PacketFence-users] Do not see login screen after I accept the terms

Hello Ebrar, what is the root portal module you use on your connection profile ? And if it's the default what are the sources you defined ? Regards Fabrice Le 2018-02-23 à 03:22, EbrarLeblebici via PacketFence-users a écrit : > Hey All, > > I coud not see login page after I accept the terms

<    1   2   3   4   5   6   7   >