Re: [PacketFence-users] Fortinet VPN Support.

Hello, Did you declare your Fortinet device as a Network Device (FortiGate) in PacketFence with CLI option enabled ? -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence

Re: [PacketFence-users] Packetfence captive portal with external DHCP server

Hello, I recommend you to keep PacketFence as DNS and DHCP server in registration VLAN. -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence (https://packetfence.org) and Fingerbank

Re: [PacketFence-users] Failing to authenticate

Hello, 1. Do you join your PacketFence server to an AD domain ? From my point of view, you should use an encapsulated method on supplicant side (EAP-PEAP in your case) in place of using EAP-MD5. -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca

Re: [PacketFence-users] Upgrade PF 9.3 to 10.1 - recompile Netflow kernel module

Hello Chris, Try to reinstall iptables-netflow-dkms package. -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence (https://packetfence.org) and Fingerbank (http://fingerbank.org)

Re: [PacketFence-users] Fingerbank is not starting

Hi, Did you configure a Fingerbank API key during inital setup ? If you don't remember, take a look at /usr/local/fingerbank/conf/fingerbank.conf. -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu),

Re: [PacketFence-users] Zen 10.1.0 on ESXi VM, No Initial Setup Wizard or configurator

Hello dpsguard On 20/08/2020 22:41, dpsguard-ca--- via PacketFence-users wrote: I am new to the packetfence. I downloaded and installed the latest ZEN appliance and everything went well, but when I go to https://:1443 , I was expecting to run a setup

Re: [PacketFence-users] Problem with Suricata

Hello, According to [1], you certainly need to adjust your regex defined in Syslog Parser section. [1] https://packetfence.org/doc/PacketFence_Installation_Guide.html#_suricata_ids -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. ::

Re: [PacketFence-users] Unregister user upon linkdown

Hi, On 18/08/2020 15:02, Tomasz Karczewski via PacketFence-users wrote: MAB should take care of radius accounting stop. That's not the case at the moment as described in [1]. If you enable this setting in a MAB scenario with a captive portal registration, your network device will send a

Re: [PacketFence-users] Unable to find packetfence android agent on google´s play store

Hi, On 18/08/2020 23:28, Rokkhan via PacketFence-users wrote: I am unable to find packetfence android agent on google´s play store. I have tried on different devices. Last week I did install it on a device. ¿has it been removed? It should be available now:

Re: [PacketFence-users] mab authentication

Hello, On 19/08/2020 13:14, Summons Wu via PacketFence-users wrote: The mab authentication cannot be restricted, and the mab authorization cannot be passed or rejected based on the whitelist method. How to achieve this requirement? I'm not able to understand what you mean, could you rephrase

Re: [PacketFence-users] Node deletion prohibited

Hello, On 14/08/2020 11:50, Summons Wu via PacketFence-users wrote: 70:c9:4e:dd:25:e3 has an open locationlog entry. Node deletion prohibited node/70%3Ac9%3A4e%3Add%3A25%3Ae3 If you want to delete nodes, you need to enable node_cleanup task in Configuration -> System configuration ->

Re: [PacketFence-users] Debian 10 support?

Hi David, On 15/08/2020 21:20, David Harvey via PacketFence-users wrote: Hey folks, couldn't find anything to easily track this with, just curious as to if there's an ETA on this? Nothing has been decided right now but it should come within the v10 lifecycle. Feel free to create an issue

Re: [PacketFence-users] Unregister user upon linkdown

Hi Aimen, On 17/08/2020 18:37, Aimen Asfour via PacketFence-users wrote: Hello, I began testing packetfence recently using captive portal via Ethernet-NoEAP and RADIUS authentication and I was wondering if it’s possible to unregister a user as soon as they are physically disconnected from

Re: [PacketFence-users] Understanding error message after joining domain

Hi Neal, On 17/08/2020 19:16, 'van Rooij Neal' via PacketFence-users wrote: Join output: kerberos_kinit_password Administrator@NVAN failed: Cannot find KDC for requested realm DNS update failed: NT_STATUS_INVALID_PARAMETER Using short domain name -- NVAN Joined 'LOCALHOST' to dns domain

Re: [PacketFence-users] Device registration module is notenabled

Hello Emanuele, On 29/07/2020 16:55, Emanuele Gabrielli via PacketFence-users wrote: How may I enable the device registration module? You need to assign a self service portal policy on connection profile matched. -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 ::

Re: [PacketFence-users] Ruckus - DPSK Support

Hello, On 02/08/2020 23:18, Colton Conor via PacketFence-users wrote: Anyways, it seems the Packetfence does support Ruckus, but does packetfence support Ruckus DPSK technology? https://www.ruckuswireless.com/content/dynamic-pre-shared-key-dpsk PacketFence doesn't support DPSK for Ruckus. --

Re: [PacketFence-users] Packetfence v.10 Administration guide

Hello, Unfortunately, there is no more administration guide for PacketFence. Take a look in Installation and Cluster guides, there is some instructions related to administration. -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. ::

Re: [PacketFence-users] Upgraded to 10.1.0 and Winbind stopped working.

On 10/07/2020 20:30, Robert McNutt via PacketFence-users wrote: Did an upgrade from 10.0.0 to 10.1.0 and now 802.1X auth doesn't work when using PEAP. The audit log shows error reading winbind reply. Any thoughts on what could cause this? mschap: Program returned code (1) and output 'Reading

Re: [PacketFence-users] Citrix support for authentication authorization and session recording

Hello, On 11/07/2020 15:51, Jitendra Gondaliya via PacketFence-users wrote: We are exploring packetfence for our NAC deployment and one of our core requirement is integration of Citrix with NAC for authentication, authorization and session details recording. I was looking at the features list

Re: [PacketFence-users] UPN Authentication for 802.1x

Hello, On 15/07/2020 15:55, Nick Payne via PacketFence-users wrote: Is it possible to have PacketFence authenticate by UPN instead of samAccountName? Yes, you can specify other LDAP attributes to use for authentication on your authentication source using "Search Attributes" field. --

Re: [PacketFence-users] Cisco Catalyst 9800 Wireless Controller

Hi, On 20/07/2020 09:27, Enrico Becchetti via PacketFence-users wrote: Does Packetfence work with these controllers ? I would say: if these controllers support RADIUS, PacketFence can support them. -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca

Re: [PacketFence-users] R: Warning after update to 10.1.0

I opened following bug regarding your issue: https://github.com/inverse-inc/packetfence/issues/5671 -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence (https://packetfence.org) and

Re: [PacketFence-users] R: Warning after update to 10.1.0

Hello, Thanks for you report. I'm able to replicate this bug. -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence (https://packetfence.org) and Fingerbank (http://fingerbank.org)

Re: [PacketFence-users] Clustering Guide Sanity Check

If I was you, I will: - break the `--force-new-cluster` command - completely stop any MariaDB service - restart at this step: #v+ systemctl stop packetfence-mariadb /usr/local/pf/bin/pfcmd generatemariadbconfig /usr/local/pf/sbin/pf-mariadb --force-new-cluster #v- -- Nicolas Quiniou-Briand

Re: [PacketFence-users] R: Authentication Rules mismatch

Hello, It's simply because your first rule match and PacketFence stop at first match. -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence (https://packetfence.org) and Fingerbank

Re: [PacketFence-users] PacketFence, UniFi and Fortigate

Hello Jeff, On 02/07/2020 20:31, Jeff Goodman via PacketFence-users wrote: I have packetfence configured for SSO and configured it to send the auth to my fortigate which is receiving the information but the username that I am receiving is the MAC Address not the username. 1. Could you share

Re: [PacketFence-users] Give users the opportunity to enter their credentials

Hello Leonardo, Could you describe why you want a wired user to be able to register using 802.1X and MAC auth at different moment ? -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence

Re: [PacketFence-users] Machine Authentication

And don't forget to restart RADIUS services after your update your REALMS ;-) -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence (https://packetfence.org) and Fingerbank

Re: [PacketFence-users] R: 10.1.0 Connection profile doesnt match.

Hello Giacinto, We just fixed this issue [1]. Website will be updated ASAP. Meanwhile, you can read updated instructions on your forge [2] [1] https://github.com/inverse-inc/packetfence/issues/5621 [2]

Re: [PacketFence-users] 10.1.0 Connection profile doesnt match.

On 22/06/2020 13:44, Tomasz Karczewski wrote: I forget to use update scripts in /usr/local/pf/addons/upgrade/to-10.1 Patches applied and started to work. That's not your fault, see [1] [1] https://github.com/inverse-inc/packetfence/issues/5621 -- Nicolas Quiniou-Briand n...@inverse.ca

Re: [PacketFence-users] 10.1.0 Connection profile doesnt match.

Hi, On 22/06/2020 12:13, Tomasz Karczewski via PacketFence-users wrote: Hi, After update to 10.1.0 version my connection profiles doesnt match. Only Default is matching. Not able to reproduce on my side on a clean setup with a minimal configuration. -- Nicolas Quiniou-Briand

Re: [PacketFence-users] Print AUP

Hello, On 18/06/2020 17:12, Franklin, Adam via PacketFence-users wrote: Is anyone able to check this out? The print off slip is blank for our User Managers. It's a shame to lose this functionality that we once had with version 8 From what I see, it's more a bug than a loose of

Re: [PacketFence-users] Print AUP

Hello, On 14/05/2020 16:49, Franklin, Adam via PacketFence-users wrote: In packetfence V10 is there a way to print the AUP when creating a new user? By default, only content of html/captive-portal/templates/emails/emails-guest_local_account_creation.mjml is displayed. But you can certainly

Re: [PacketFence-users] Zero Effort NAC and VMware 7

Hi Louis, I reopened your issue [1]. Could you tell me if you got same error message than previously ? [1] https://github.com/inverse-inc/packetfence/issues/5522 -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo

Re: [PacketFence-users] Zero Effort NAC and VMware 7

On 18/06/2020 15:19, Louis Scaringella wrote: Do you know when it’ll be available on the website? I’ll send it over to my client to try ASAP. It has been updated 20 minutes ago: https://packetfence.org/download.html#/zen -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140

Re: [PacketFence-users] Zero Effort NAC and VMware 7

Hello Louis, On 17/06/2020 23:20, Louis Scaringella via PacketFence-users wrote: I may install in ESXI 6.7 and then export OVA and import to VMware 7. This issue has been fixed yesterday by removing PIIX4 from OVA [1]. Could you make a try with PacketFence-ZEN 10.1.0 ? Thanks [1]

Re: [PacketFence-users] Pcketfence 10 MS-Chap does not working

Hello, On 02/05/2020 01:06, evren korkmaz via PacketFence-users wrote: If you remember, i wrote you about this issue. Fabrice helped me about this issue for pf v9.3 Solution: /cd /usr/local/pf/ /curl https://github.com/inverse-inc/packetfence/compare/feature/vpn_mschap.diff | patch -p1/

Re: [PacketFence-users] BUG in WEB GUI - Connection Profiles

Certainly related to https://github.com/inverse-inc/packetfence/issues/5458 -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence (https://packetfence.org) and Fingerbank

Re: [PacketFence-users] API - /config/switch POST

Hello Talan, I have gone through the API documentation and I cannot see anywhere for a /config/switch as a POST request. Is there a reason behind this? Is this something that will be implemented in an upgrade? API call exists but is not documented. You can use your web browser console to

Re: [PacketFence-users] Reeavulate Access Log Warning

On 22/05/2020 16:59, Chad Jemison wrote: I get the following when using the Aruba templates May 22 10:58:08 nac pfqueue: pfqueue(13316) WARN: [mac:64:16:7f:57:cb:b8] Unable to perform RADIUS Disconnect/CoA Request: Timeout waiting for a reply from 192.168.101.30 on port 3799 at

Re: [PacketFence-users] user creation form - specify mandatory fields (admin gui)

Hello, On 25/05/2020 10:47, Schaller, Amin via PacketFence-users wrote: I'm not able to manually create a user object in the admin GUI because of the mandatory fields. If a user registers himself via captive portal, the only fields set will be "Username (PID)" (his tel nr) and "Telephone

Re: [PacketFence-users] (no subject)

Hello, On 26/05/2020 05:06, Summons Wu via PacketFence-users wrote: Hi: May I ask how to configure authorization acl in PF, the configuration document does not introduce this part of the content, please also guide, thank you. You can find an example here [1] [1]

Re: [PacketFence-users] SAML Authentication with GoogleSuite return Error

Hello, On 24/05/2020 06:54, BornTo Die via PacketFence-users wrote: Hi Nicolas,     I found that the issue maybe related to the lasso operation with idp, not from my configuration https://dev.entrouvert.org/issues/29663 . Already checked this post in the past, not sure it's related. Could

Re: [PacketFence-users] SAML Authentication with GoogleSuite return Error

According to your error message, it seems that PacketFence is not able to validate Identity Provider message [1]. I suggest you to double check your source and certificate configuration. [1]

Re: [PacketFence-users] Reeavulate Access Log Warning

Hello Chad, On 19/05/2020 17:02, Chad Jemison via PacketFence-users wrote: From troubleshooting, I am able to get the proper VOICE VLAN assignment if I use the Packetfence::Standard switch template, but some other features are not functioning on the Aruba 2930 switches I have. Which other

Re: [PacketFence-users] user creation form - specify mandatory fields (admin gui)

Hello Amin, I read you problem description but at the end I'm not able to understand what you really want to achieve with PacketFence. Could you tell us in short what you want to do with PacketFence ? Thanks. -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 ::

Re: [PacketFence-users] Reeavulate Access Log Warning

On 19/05/2020 13:50, Chad Jemison wrote: 1. What do you see in RADIUS Audit Log (RADIUS reply) when you connect a VoIP device on your switch that use Procurve_2920.pm switch template ? May 19 07:46:26 nac auth[136359]: [mac:64:16:7f:57:c6:f5] Accepted user: and returned VLAN May 19 07:46:26

Re: [PacketFence-users] Inquiry

Hello, On 12/05/2020 18:02, abel sekibaala via PacketFence-users wrote: Hello , please advise ,i have just deployed packetfence ,everything seems fine but when i connect a device to a port on which configurations are applied 1.the machine is detected in the nac server but it does not receive 

Re: [PacketFence-users] Reeavulate Access Log Warning

Hello, On 18/05/2020 17:22, Chad Jemison via PacketFence-users wrote: May 18 11:18:09 nac packetfence_httpd.aaa: httpd.aaa(2311) WARN: [mac:64:16:7f:57:c7:a3] Illegal hexadecimal digit ' ' ignored at /usr/local/pf/lib/pf/Switch/HP/Procurve_2920.pm line 57.

Re: [PacketFence-users] packet fence security event manual trigger or trigger through command line

On 18/05/2020 20:06, Jean Matar wrote: Dear Nicolas, Thank you for getting back to me regarding the matter ! would you be kind enough to explain how to use pfcmd security_event ? as Take a look at [1]. pfcmd is located in /usr/local/pf/bin/pfcmd. Try: `/usr/local/pf/bin/pfcmd

Re: [PacketFence-users] Print AUP

Hello, On 14/05/2020 16:49, Franklin, Adam via PacketFence-users wrote: In packetfence V10 is there a way to print the AUP when creating a new user? You mean having AUP printed with username/password of user when you create user(s) and click on "Preview" ? -- Nicolas Quiniou-Briand

Re: [PacketFence-users] firefox print issue

On 14/05/2020 14:17, Schimanski Tobias via PacketFence-users wrote: I’ve got an issue, if I create multiple user accounts everything works fine, but when I want to print the user list, firefox print only the first page. In Chrome or Opera the print is fine. I'm able to reproduce the issue. I

Re: [PacketFence-users] Packetfence pass auth but not assigning Role.

Hello, On 15/05/2020 18:36, Fetakungen Virtual Adventurer via PacketFence-users wrote: why does the username not match any policy for the role assignment ? According to logs provided, your machine is doing MAC Authentication (in place of 802.1X): May 15 01:31:47 RADIUS-1

Re: [PacketFence-users] packet fence security event manual trigger or trigger through command line

Hello Jean, There is several ways to trigger a security event: - using web admin: you can trigger a security event on a node using Security Event tab - using REST API [1], you can find an example here [2] - using `pfcmd security_event` on CLI - [1] https://packetfence.org/doc/api/ - [2]

Re: [PacketFence-users] Fwd: PF 10.0.0 Zen Web admin can't log in after setting timezone

Hello, You need to run this command connected to your database. -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence (https://packetfence.org) and Fingerbank (http://fingerbank.org)

Re: [PacketFence-users] PF10 Inactive since bug

For the record : https://github.com/inverse-inc/packetfence/issues/5386 -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence (https://packetfence.org) and Fingerbank (http://fingerbank.org)

Re: [PacketFence-users] PF 10.0.0 Zen Web admin can't log in after setting timezone

Hi Carey, Thanks for your report. It a bug in PacketFence, I reported it here [1]. Feel free to add comments. As a workaround after you reboot your server, you can run: #v+ UPDATE password SET valid_from = NOW() where pid='admin'\G; #v- [1]

Re: [PacketFence-users] OpenVAS - Greenbone Security Assistant

Hello, Could you describe which OpenVAS setup you have ? (GSM/GSA/GOS/GVM/GCE) -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence (https://packetfence.org) and Fingerbank

Re: [PacketFence-users] Packetfence iptables-restore issues and windbind domain join not working after upgrade to 10

Hello Tomasz, On 23/04/2020 11:52, Tomasz Karczewski via PacketFence-users wrote: There is missing kernel module dkms-ipt-netflow in packetfence-zen installation Solution is to reinstall module. yum reinstall dkms-ipt-netflow --enablerepo=packetfence After reinstallation iptables started

Re: [PacketFence-users] pfacct crash after update to 10.0

On 22/04/2020 14:49, Robert McNutt via PacketFence-users wrote: How do I get the patched binary, I cant find pf-maint.pl and yum update doesnt find any new packages. Robert McNutt /usr/local/pf/addons/pf-maint.pl -- Nicolas Quiniou-Briand n...@inverse.ca ::

Re: [PacketFence-users] PF 10.0.0 webadmin won't start after Upgrade

On 22/04/2020 12:44, felix13890--- via PacketFence-users wrote: AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.20.5.14. Set the 'ServerName' directive globally to suppress this message This message doesn't mean that web admin is not

Re: [PacketFence-users] Packetfence iptables-restore issues and windbind domain join not working after upgrade to 10

Hello Robert, On 20/04/2020 21:47, Robert McNutt via PacketFence-users wrote: Anyine else having issues? It's certainly an issue with your kernel packages. Are you sure you followed these instructions [1] before upgrading your PacketFence packages ? [1]

Re: [PacketFence-users] pfacct crash after update to 10.0

Hello Cristian, Thanks for reporting this issue. It has been fixed in maintenance and we are uploading a new pfacct binary. When following pipeline [1] passed, you can run pf-maint.pl to get a patched pfacct. [1]

Re: [PacketFence-users] PF 10.0.0 Zen Web admin can't log in after setting timezone

Hello Carey, On 18/04/2020 04:11, Carey Pillar via PacketFence-users wrote: If I set my timezone when first configuring the new PF 10 Zen, then reboot CentOS, I cannot log back in.  Admin portal says "wasn't able to authenticate those credentials".  Nothing looks off in pf.conf compared to

Re: [PacketFence-users] SAML Authentication Failing - httpd_portal_err Could not read KeyInfo

For the record, the issue was not with Lasso 2.5.1 but with IDP certificate file on PF side that don't have: "BEGIN/END" tags. -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence

Re: [PacketFence-users] SAML Authentication Failing - httpd_portal_err Could not read KeyInfo

Hi Jonathan, PacketFence is shipped with lasso 2.5.1, it seems lasso 2.6 add supports for SHA256 certificates. Could you try to upgrade lasso packages to 2.6 using following procedure: #v+ # cat >> /etc/yum.repos.d/lemonldap-ng.repo << EOF [lemonldap-ng-extras] name=LemonLDAP::NG extra

Re: [PacketFence-users] Issues with logging into admin portal via AD group membership

Hello, On 03/02/2020 21:37, Christian McDonald via PacketFence-users wrote: So, I'm guessing authentication sources operate on a first-match basis? Meaning, that if I had an authentication source that matched the user but *didn't apply* an administration access level at say priority 1, any

Re: [PacketFence-users] PF 9.3.0 Clean Install / unable to assign role to a new device

On 10/02/2020 19:26, Rokkhan wrote: Let me know if it happens the same on your deployment to verify if its just my servers or a bug. When you make a manual edit in a conf file, you should run: `pfcmd configreload hard` on CLI. -- Nicolas Quiniou-Briand n...@inverse.ca ::

Re: [PacketFence-users] Packetfence Cluster, one member not authenticating clients

Hi, On 11/02/2020 09:17, Franck Rakotonindrainy via PacketFence-users wrote: but when radius (AD) authentication is send to the node I call 9-1, it never succeed 1. Did you see something interesting in packetfence.log or radius.log on 9-1 node ? 2. If you use EAP-PEAP, are you sure 9-1 is

Re: [PacketFence-users] PF 9.3.0 Clean Install / unable to assign role to a new device

Hi, You identified a bug, reported here [1]. As a workaround, you can replace id of role in portal_modules.conf by **name** of you role: #v+ actions=set_role(BYOD-Role),set_unregdate(2030-02-05) #v- [1] https://github.com/inverse-inc/packetfence/issues/5133 -- Nicolas Quiniou-Briand

Re: [PacketFence-users] customizing security event email notifications

Hello MJ, HTML files are generated from MJML files using a Makefile in yout Git repository. Unless you know how to re-generate HTML files from MJML files, you should edit HTML files. -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. ::

Re: [PacketFence-users] Auegas configuration of switches.conf

Hello, On 07/02/2020 15:38, Pär Stolpe via PacketFence-users wrote: yes we have considered templates but: With templates the configuration file becomes static, with Auegas we may modify only the changes we need to be controlled and may use the gui for everything else. I understand but you

Re: [PacketFence-users] PF 9.3.0 Clean Install / unable to assign role to a new device

Hello, On 07/02/2020 18:45, Rokkhan wrote: Do you mean to configure manually in the portal_modules.conf file? I will try to reproduce this issue and give you a feedback. -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind

Re: [PacketFence-users] Admin interface not loading on new install.

Hello, Try to run `systemctl status packetfence-httpd.admin`. -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence (https://packetfence.org) and Fingerbank (http://fingerbank.org)

Re: [PacketFence-users] Inline - cluster 9.1

Hello, On 10/02/2020 09:31, Daniele Rosati via PacketFence-users wrote: or each node should have a different one? Each node should have a different IP. -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo

Re: [PacketFence-users] Auegas configuration of switches.conf

Hello, On 04/02/2020 17:16, Pär Stolpe via PacketFence-users wrote: We see that it might be feasible to check for a variable first and if set accept a description as the key otherwise default to the standard behavior. Could you rephrase because I'm not sure to understand what you mean ? Did

Re: [PacketFence-users] PF 9.3.0 Clean Install / unable to assign role to a new device

Hello, You should not use category_id of role in your authentication rule but role name. -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence (https://packetfence.org) and Fingerbank

Re: [PacketFence-users] [External] Re: Parking troubles

Hello Peter, On 05/02/2020 20:31, Truax, Peter via PacketFence-users wrote: Hello Nicolas, I ran the pf-maint.pl as requested and copied the httpdispatcher.conf file. I went to github (https://github.com/inverse-inc/packetfence/commit/33b43f8576637c2ae154fbfbee81cd1e6ea95bc0 ) and verified

Re: [PacketFence-users] CLI /usr/local/pf/bin/pfcmd node view all output

It has been backported to maintenance branches. -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence (https://packetfence.org) and Fingerbank (http://fingerbank.org)

Re: [PacketFence-users] CLI /usr/local/pf/bin/pfcmd node view all output

Hello Dmitry, I reported this bug [1], thanks for your report. [1] https://github.com/inverse-inc/packetfence/issues/5116 -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence

Re: [PacketFence-users] CLI /usr/local/pf/bin/pfcmd node view all output

Hello, 1. Why PF version are you running ? 2. Could you provide output of: `show tables` at MariaDB prompt ? -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence (https://packetfence.org)

Re: [PacketFence-users] customizing security event email notifications

Hello MJ, On 04/02/2020 10:39, lists via PacketFence-users wrote: We could of course customize the files there, but we are unsure how well this would work with packetfence updates. Plus: do we edit the html or the mjml file? Or both? Can this be done from the GUI? You can directly edit HTML

Re: [PacketFence-users] Parking troubles

Hello Peter, On 03/02/2020 19:03, Truax, Peter via PacketFence-users wrote: We are having trouble getting our parking portal working after upgrading to 9.2 from 9.0.1. When a user tries to go to the registration portal and they have been parked, the browser just displays and error of

Re: [PacketFence-users] device profiling discrepancy | security event

For the record, it's a bug in PF: https://github.com/inverse-inc/packetfence/issues/5106 -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence (https://packetfence.org) and Fingerbank

Re: [PacketFence-users] Allowing different access levels for MAB vs EAP-TLS clients

Hello David, On 30/01/2020 15:54, David Harvey via PacketFence-users wrote: I currently have a functional setup where users get allocated their VLANs properly regardless of if they do MAB or EAP, but I've not for love nor money been able to work out how to discriminate between the two

Re: [PacketFence-users] Inline Guest Network Registration Certificate Issues

Hello Charles, 1. Which error message did you get in Firefox ? -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence (https://packetfence.org) and Fingerbank (http://fingerbank.org)

Re: [PacketFence-users] change enforcement

Hello, On 20/01/2020 13:15, saskatooner Canada via PacketFence-users wrote: How can I change the enforcement mode? I want to reject the unknown requests, I dont want to accept them and put them in registration vlan... In your network devices, on Roles tab, under "Roles by VLAN ID", replace

Re: [PacketFence-users] Problem with scan

Hello, On 24/01/2020 10:18, Liborio La Fortezza via PacketFence-users wrote: Hi i have the following problem. After logging in through the captive portal or directly from the 802.1x supplicant (the behavior is the same) I am not redirected to the page for scanning but directly to the page

Re: [PacketFence-users] R: Fingerbank and softnet_stat issues with version 9.2

On 24/01/2020 16:51, Serhiy Morhun via PacketFence-users wrote: Do you still want a tcpdump? Yes. Peter, feel free to send me a tcpdump too. -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu),

Re: [PacketFence-users] cloned security event, untriggerable

Hi MJ, On 24/01/2020 12:08, mj via PacketFence-users wrote: What is required for a security event to show up there? I'm not able to replicate your issue on a 9.3 setup. Try to refresh your browser cache. When you click on Nodes menu, an API call is made to get all security events. Web

Re: [PacketFence-users] Maintenance patches

For the record, take a look at this thread [1] on packetfence-devel mailing-list. [1] https://www.mail-archive.com/packetfence-devel%40lists.sourceforge.net/msg01322.html -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind

Re: [PacketFence-users] R: Fingerbank and softnet_stat issues with version 9.2

Hello, On 23/01/2020 17:07, Serhiy Morhun via PacketFence-users wrote: Not for us. My fingerbank.log is not filling up with errors anymore, but I still get hourly limit emails within minutes (2-5) of each hour. 1. How many endpoints do you have on your network ? 2. Could you send me in

Re: [PacketFence-users] Possibilty running 802.1x with PacketFence without AD

On 23/01/2020 16:13, Mochamad Ryan Ridwan wrote: username and password , I used from tab Users is it right ? Yes but as mentioned in Install Guide, you need to have passwords stored in DB using NTLM hash. -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 ::

Re: [PacketFence-users] Microsoft hardening AD/LDAP connections in March updates

Hello, I tested those changes today with a PacketFence server. If your AD authentication sources don't use a LDAPS or StartTLS connection, these changes will break them. You need to switch to StartTLS or LDAPS. -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 ::

Re: [PacketFence-users] Possibilty running 802.1x with PacketFence without AD

Hello, On 23/01/2020 08:52, Mochamad Ryan Ridwan via PacketFence-users wrote: Should it 802.1x integrated with AD or not? No, you can use a local users if you prefer [1]. [1] https://packetfence.org/doc/PacketFence_Installation_Guide.html#_eap_local_user_authentication -- Nicolas

Re: [PacketFence-users] R: Fingerbank and softnet_stat issues with version 9.2

Hello, Julien has fixed a bug that generate too many API requests with fingerbank-collector in fingerbank-collector 1.2.3. You can upgrade your package. -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo

Re: [PacketFence-users] Ver 9.3 - BUG on INTERFACE --- NEW VLAN

Hello Giacinto, Issue was: https://github.com/inverse-inc/packetfence/issues/5067 It has been fixed in maintenance branch, run pf-maint.pl and restart PF services to get a fix. -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders

Re: [PacketFence-users] Ver 9.3 - BUG on INTERFACE --- NEW VLAN

Hello Giacinto, Thanks for your report. I just created an issue on your bug tracker [1], feel free to add comments. As a workaround, use old admin to configure your network interface. [1] -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc.

Re: [PacketFence-users] Clients not disconnecting when deregistered

Hi Andrew, 1. Is it possible this device was already disconnected from WLC ? 2. Could you try with another client that is connected to WLC when you unreg from PF ? 3. After you test 2, provide us packetfence.log with lines related to MAC of your other client and WLC logs. Thanks. -- Nicolas

Re: [PacketFence-users] R: Fingerbank and softnet_stat issues with version 9.2

Hello, We are checking if it possible to disable feature that increase API requests. We will keep you informed. -- Nicolas Quiniou-Briand n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence

  1   2   3   4   >