Re: [PacketFence-users] Multiple endpoints behind a single switchport

> dwuelfr...@inverse.ca > Inverse inc. :: Leaders behind SOGo (www.sogo.nu), PacketFence ( > www.packetfence.org) and Fingerbank (www.fingerbank.org) > > On Jun 16, 2017, at 16:14, Max McGrath via PacketFence-users < > packetfence-users@lists.sourceforge.net> wrote: > > He

[PacketFence-users] Utilize Google SMTP servers for guest access emails

Hello - We have a lot of guests at our site right now and it appears that a lot of times when someone registers as a guest with the email-registration option -- the email ends up being sent, but it goes to their spam and the user never sees it. Being a Google Apps organization, it would be nice

[PacketFence-users] PacketFence PKI

Is anybody currently using PacketFence's PKI? I'm curious how well it works and what the work flow for the end user looks like. Thanks! Max -- Max McGrath Network Administrator Carthage College 262-551- mmcgr...@carthage.edu

[PacketFence-users] Node history table sponsorship

Hello! Looking through the PacketFence repository on GitHub, I stumbled upon a feature that would be very useful to me -- and I'm sure to others as well! The feature is a 'node history table' for PacketFence -- https://github.com/inverse-inc/packetfence/issues/2654. It is currently listed under

[PacketFence-users] Administration Guide?

Hi all - Just wondering where the Administration Guide has gone...? It used to be on packetfence.org under Documentation... Thanks! Max -- Check out the vibrant tech community on one of the world's most engaging tech

Re: [PacketFence-users] Is this mailing list active ?

Yes, it is active. Just quiet for the holidays. -- Max McGrath Infrastructure and Security Manager Carthage College 262-551- mmcgr...@carthage.edu On Thu, Dec 28, 2017 at 12:51 AM, E.P. via PacketFence-users <

[PacketFence-users] Allowing access to Google reCaptcha

Hello - We have configured a passthrough domain to our password changer. This is so when people are registering their devices at the captive portal, but can't register due to a forgotten password, they might have a chance to reset their password and successfully register. However, our password

Re: [PacketFence-users] Allowing access to Google reCaptcha

> > Fabrice > > > > Le 2018-08-10 à 17:54, Max McGrath via PacketFence-users a écrit : > > Hello - > > We have configured a passthrough domain to our password changer. This is > so when people are registering their devices at the captive portal, but > can't regi

Re: [PacketFence-users] Switch Login Access for HPE ProCurve (Aruba)

gt; >> >> >> On Mon, Aug 13, 2018 at 12:49 AM, Meiser Tobias via PacketFence-users < >> packetfence-users@lists.sourceforge.net> wrote: >> >> Hi Max, >> >> >> >> have you tried switch type aruba 5400 ? This should work as mentioned >>

Re: [PacketFence-users] Switch Login Access for HPE ProCurve (Aruba)

ght > switch type. > > > > Best Regards > > Tobias > > > > *Von:* Max McGrath via PacketFence-users sourceforge.net> > *Gesendet:* Freitag, 10. August 2018 04:55 > *An:* ML PF > *Cc:* Max McGrath > *Betreff:* [PacketFence-users] Switch Login Access for H

Re: [PacketFence-users] Switch Login Access for HPE ProCurve (Aruba)

M, Meiser Tobias via PacketFence-users < > packetfence-users@lists.sourceforge.net> wrote: > > Hi Max, > > > > have you tried switch type aruba 5400 ? This should work as mentioned > here, https://github.com/inverse-inc/packetfence/pull/2965/commits/ > 0e89087feb18e38

[PacketFence-users] Switch Login Access for HPE ProCurve (Aruba)

Hello - I'm interested in the switch login access feature from PacketFence. I see that only Cisco is currently supported. Is it possible this feature will support HPE ProCurve (Aruba OS) in the future? Thanks! Max --

[PacketFence-users] Fingerbank accuracy

Hi all - I have a student trying to register a device via the /device-registration page, but is unable to. The device is showing up as 'Hardware Manufacturer' for its class and 'Private' for its type: [image: image.png] This is clearly not very accurate. For the time being I have allowed

[PacketFence-users] Updating CentOS

I feel like I should know the answer to this, but I don't... Is it generally safe to do a *yum update* on CentOS running PF and accepting all of the available updates? Or should I stay away from updating anything in particular?

[PacketFence-users] Alerting Recipient -- more than one address?

Hi all - Under *Configuration --> System Configuration --> Alerting* I've had one address for many years. I now need to have multiple addresses there. After entering a second address and saving it, early tests show that it might not be functioning appropriately. Does this field allow multiple

Re: [PacketFence-users] Alerting Recipient -- more than one address?

Aug 28, 2018 at 4:30 PM Nicolas Quiniou-Briand via PacketFence-users wrote: > Hi Max, > > On 2018-08-28 10:56 AM, Max McGrath via PacketFence-users wrote: > > Does this field allow multiple addresses? > > I look at the code. The field allow multiple addresses separate by

Re: [PacketFence-users] Alerting Recipient -- more than one address?

Perfect. Thank you! Max -- Max McGrath Infrastructure and Security Manager Carthage College 262-551- mmcgr...@carthage.edu On Wed, Aug 29, 2018 at 8:04 AM Nicolas Quiniou-Briand wrote: > Hello Max, > > On 2018-08-28 05:55 PM, Max McGrath

[PacketFence-users] Custom reports

Hi all - I'm trying to make a custom report to show all devices that have an empty unreg date. My custom report shows up under Reports but when I click it I get the 'error contacting server' error. This is what I've tried in my report.conf so far: [node] description=Nodes with no Unreg date #

Re: [PacketFence-users] Vlan Pooling Question

Peter - What NAC system are you replacing with PacketFence and why? Just curious... We've been happy PacketFence users for the last 5 years. On Jan 16, 2018 1:45 PM, "Truax, Peter via PacketFence-users" < packetfence-users@lists.sourceforge.net> wrote: > Hello everyone, > > > > We are

Re: [PacketFence-users] Re： How to bypass authentication when pfservice down ?

Fabrice - How can I check what my current monit configuration looks like (i.e., who it is currently set to send to and which configurations have been chosen)? Thanks! Max -- Max McGrath Infrastructure and Security Manager Carthage College

[PacketFence-users] Max Nodes Per User

Hello - I'm curious if there is a way to limit the max number of nodes by username? I know you can currently do it per role, but I have a lot of roles and a user may receive multiple roles on any number of devices. Thanks! Max -- Max McGrath

[PacketFence-users] Load testing PacketFence

Hello - I'm curious if there are any known ways to do load testing on PacketFence? We typically upgrade PacketFence during a break when no classes are in session, and the first actual load against PF is when students return. If there are issues with our PF instance it goes unnoticed until

Re: [PacketFence-users] Load testing PacketFence

udovic Marcotte via PacketFence-users < packetfence-users@lists.sourceforge.net> wrote: > Hello Max, > > On 2018-03-20 10:52 AM, Max McGrath via PacketFence-users wrote: > >> I'm curious if there are any known ways to do load testing on PacketFence? >> >> We typical

Re: [PacketFence-users] [External] Connecting Google Home mini to my open network

run a radius debug to see exactly what is > happening when you try to connect. > > > > *Peter Truax* > > *Network Administrator* > > (360) 688-2240 > > Saint Martin’s University > > 5000 Abbey Way E > > Lacey, WA 98503 > > > > > > *From:* Max McGra

Re: [PacketFence-users] Custom reports

Thanks! My report works now! :) Max -- Max McGrath Infrastructure and Security Manager Carthage College 262-551- mmcgr...@carthage.edu On Fri, Sep 14, 2018 at 1:59 PM Nicolas Quiniou-Briand wrote: > Hello Max, > > On 2018-09-12 09:30 AM,

Re: [PacketFence-users] Custom reports

Thanks Nicolas - This is what it looks like now, but I still get the error: [node] description=Nodes with no Unreg date # The table to search from base_table=node # The columns to select columns=node.mac,node.pid,node.regdate,node.unregdate # The field that should be used for date ranges

Re: [PacketFence-users] Custom reports

Also, just in case you still want it. I would typically run something like this in SQL: select mac,pid,regdate,unregdate from node where regdate > '2010-01-01 00:00:01' and unregdate IS NULL and pid <> 'admin' and pid <> 'default' and pid <> '1'; Max -- Max McGrath

[PacketFence-users] NTLM Caching

Hello! I'm working on setting up NTLM Caching in order to optimize my PF setup even more. I've followed all instructions here -- https://packetfence.org/doc/PacketFence_Installation_Guide.html#_ntlm_authentication_caching -- however, all my attempts to start caching have failed. All of my

Re: [PacketFence-users] Graphs not populating

Thanks Nicolas. I believe I may have only restarted the Netdata service on my first node...and not my other two. I eventfully restarted Netdata on all three nodes and the graphs populated about 16 hours later... Max -- Max McGrath

Re: [PacketFence-users] Odd Fingerbank profile

Thanks Nicolas. I did. Based on the owner (one of our computer techs) my best guess is that it is a MacBook Pro running Windows in boot camp or something like that. Thanks! Max -- Max McGrath Infrastructure and Security Manager Carthage

[PacketFence-users] Odd Fingerbank profile

Hi all - I came across a node today with an odd fingerbank profile: [image: image.png] I've never seen this before. Apple is listed as the Device Manufacturer but it has a type and class of Windows (and a score of 73). Anybody else seen one like this before? Max -- Max McGrath

[PacketFence-users] NAC bypass

Hello - I've been looking into NAC Bypass lately and came across the following: *Most defensive tools exclusively look at IPv4 addresses. Forcing traffic over IPv6 yields a high chance you will go undetected and be unchallenged.* Would this be true in PacketFence, or would it depend on my

[PacketFence-users] Bypass VLANs

Hello - I've been running PacketFence for quite sometime (since 2013) -- and I feel like I should know the answer to this question, but I just don't! What are bypass VLANs and Roles for? Specifically, what is a scenario where one would use a bypass VLAN or role? Thanks! Max -- Max McGrath

Re: [PacketFence-users] Maintenance patches

Jake - You probably know, but you can follow the +1 (patch release) on Github -- https://github.com/inverse-inc/packetfence/milestone/20. Otherwise, what I do is run pf-maint.pl and look at what is going to be patched. Then follow the code path on Github --

[PacketFence-users] Nessus scans with PacketFence

Hi all - I'm looking to hear from anybody who is successfully performing Nessus scans via PacketFence. I'm interested to hear how well it's working for you, what settings you are using and how many endpoints you are able to scan at any given time. I am wondering about two scenarios: 1. We

Re: [PacketFence-users] Packetfence Graphs

I believe they are based on Netdata -- https://www.netdata.cloud/. Max -- Max McGrath Infrastructure and Security Manager Carthage College 262-551- mmcgr...@carthage.edu On Wed, Jan 15, 2020 at 8:47 AM Austin Lawrence via PacketFence-users

[PacketFence-users] API for Security Events

Hello - I'm curious if there is a way to trigger and clear Security Events for nodes in PacketFence? I don't see anything related to Security Events here -- https://packetfence.org/doc/api/. But I do see GitHub issues related to API and Security Events (

[PacketFence-users] Security Event templates

Hello - I've just created a new security event (in PF 9.3.0) and am looking to use a new template I've made. Within /usr/local/pf/html/captive-portal/templates/security_events, I've copied malware.html to c2.html and have modified c2.html as needed. I was expecting c2.html to be an available

Re: [PacketFence-users] Packetfence integration with Wazuh

Jean - I am triggering the built-in Malware security event (ID 200) and a custom Command-and-Control security event (ID 201). This is all done on the Security Onion master node with Elastalert. The Elastalert rules are set up to call a python script which triggers the security event via

Re: [PacketFence-users] Packetfence integration with Wazuh

Jean - I'm not sure if this fits your use case or not, but we run Security Onion (SO) and PacketFence (PF) on our network and have them work together. SO comes with the ELK stack built in. I am currently using Elastalert (part of Elasticsearch) to trigger security events in PF via its API. I

[PacketFence-users] Local users in PacketFence

Hello - Can locally created PF users be used to connect to secure SSIDs? In our testing, they can't. But perhaps we're missing something...? Thanks! Max -- Max McGrath Infrastructure and Security Manager Carthage College 262-551-

[PacketFence-users] MAC Randomisation

Hi all - I'm seeing a lot of chatter on the web and mailing lists that I'm on as it relates to MAC randomisation being adopted: https://globalreachtech.com/blog-mac-randomisation-apple/ https://support.apple.com/en-qa/HT211227 Admittedly, I don't fully understand it (though it seems pretty

Re: [PacketFence-users] Local users in PacketFence

2020, at 7:03 PM, Tomasz Karczewski OLMAN via PacketFence-users < > packetfence-users@lists.sourceforge.net> wrote: > > Yes they can. But you can use plaintext or ntlm-hash passwords only at > this moment. What EAP type are you using for dot1x? > > Oryginalna wiadomość -