Re: [PacketFence-users] Basic MAC authentication and vlan assignment

Check out Meraki's documentation: https://documentation.meraki.com/MS/Access_Control/MS_Switch_Access_Policies_(802.1X) [https://a.mtstatic.com/@public/production/site_13505/1603418441-social-share.png] MS

[PacketFence-users] Captive portal customizations gone after upgrade

All: Hoping someone can shed some light on this. We did an upgrade to the latest maintenance patch of PF and the customizations we put on the captive portal were removed. All we did is change the logo (vis the web GUI) and slightly modify the CSS to fit our color scheme. Now our custom logo

Re: [PacketFence-users] Authentication Source HTTP

Are you looking for something like this? https://medium.com/beyond-the-helpdesk/configuring-packetfence-for-use-with-dpsk-6519aaf6fe4d Jake Sallee Godfather of Bandwidth System Engineer and Security Specialist University of Mary Hardin-Baylor WWW.UMHB.EDU 900 College St. Belton, Texas 76513

Re: [PacketFence-users] (no subject)

254-295-4221 From: Abdi Ahmed Sent: Tuesday, August 10, 2021 10:19 AM To: Sallee, Jake Subject: Thank you, The module I want to implement is to register the users of my network and from what I understand from the pf documentation is when ever a user ent

Re: [PacketFence-users] (no subject)

Abdi: I am assuming you're new to the mailing list; if so, Welcome to the mailing list! Here you don't have to ask for help first, just post your question and if someone can help you, they will. A few things to keep in mind: 1) Remember this is FREE support. Most of the people here are

Re: [PacketFence-users] Captive Portal Issue on Mobile Devices

, 2021 1:06 PM To: packetfence-users@lists.sourceforge.net Cc: Sallee, Jake Subject: Re: [PacketFence-users] Captive Portal Issue on Mobile Devices EXTERNAL Exercise Caution not using packetfence for isolation/registration is quite surprising. Is that supported at all? Im guessing it works for you

Re: [PacketFence-users] Captive Portal Issue on Mobile Devices

U 900 College St. Belton, Texas 76513 Fone: 254-295-4658 Phax: 254-295-4221 From: Diego García del Río Sent: Wednesday, July 7, 2021 5:47 PM To: packetfence-users@lists.sourceforge.net Cc: Sallee, Jake Subject: Re: [PacketFence-users] Captive Portal Issue on

[PacketFence-users] Captive Portal Issue on Mobile Devices

Hello all! This is a strange one and I hope someone out there has faced this demon before and can help. We are running PF 10.3 (with latest maintenance patches) in a 3 node cluster. TLDR: Captive portal issues on iPhones and some mobile devices, cant find any reason in the logs as to why it

Re: [PacketFence-users] MAC Randomisation

IIRC MAC randomization is only used for beacon frames by default which PF doesn't care about as far as I know. So hopefully it is not an issue at all. I do remember also seeing some devices give an option to randomize MAC on connect to a specific SSID so perhaps it would be possible to get

Re: [PacketFence-users] VLAN isolation and routed networks

What you are describing sounds similar to what we are doing. PF works great with routed networks and depending on the details of your VPN connection I think it should work in your situation. I have never setup a PF deployment like the one you are talking about however if your VPN is setup in a

Re: [PacketFence-users] POC Radius auth with Juniper switches

Did you configure the Windows box for 802.1x? Jake Sallee Godfather of Bandwidth System Engineer and Security Specialist University of Mary Hardin-Baylor WWW.UMHB.EDU 900 College St. Belton, Texas 76513 Fone: 254-295-4658 Phax: 254-295-4221 From: Kevin

Re: [PacketFence-users] Request Support

Vincenzo: If you want professional support your best bet is to reach out to Inverse, they are the makers of PacketFence and are REALLY good. However, they do not work for free and there will be a cost associated if you engage their services. https://packetfence.org/support.html#/commercial

Re: [PacketFence-users] Fwd: Upgrade 9.1 to 9.3

, February 14, 2020 6:39 AM To: packetfence-users@lists.sourceforge.net Cc: Sallee, Jake Subject: Re: [PacketFence-users] Fwd: Upgrade 9.1 to 9.3 EXTERNAL Exercise Caution [root@vminednac01 ~]# systemctl status packetfence-httpd.webservices.service ● packetfence-httpd.webservices.service

Re: [PacketFence-users] Fwd: Upgrade 9.1 to 9.3

Domingos: I happy to try and help, but we will need more info. Lets start with your log files. When you try to start the PF services what do the logs say? You can put your log file on pastebin and link it here. If you did the upgrade, did you also do the database schema upgrade? Jake

[PacketFence-users] Pending changes to MS LDAP

Can anyone tell me if the pending changes to LDAP Microsoft announced are going to effect packetfence. Source: https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV190023 We have out PF cluster using our AD servers as an authentication source. Will I need to set the LDAP

[PacketFence-users] Maintenance patches

Inverse peeps! I like getting the notifications about available maintenance patches, but is there a place where I can go to read the patch release notes? Thank you in advance. Jake Sallee Godfather of Bandwidth System Engineer and Security Specialist University of Mary Hardin-Baylor

Re: [PacketFence-users] Upgrade path from PacketFence 3.5.0 to current

I have to ask ... why not build a new box or cluster? Upgrading that many versions is going to be a challenge. Plus, according to the upgrade doc, you cant upgrade to PF7 or beyond running CentOS 6 or Debian Wheezy. So ... a rebuild may be your only option. Jake Sallee Godfather of Bandwidth

[PacketFence-users] Unable to perform RADIUS Disconnect-Request

Hello all! BG Info: New cluster install v9.2 Currently doing pre-production tests Xirrus APs RADIUS Deauth Routed mode I have run into an issue where my wireless clients are not getting disconnected correctly. Here is the snip from the log: ===

Re: [PacketFence-users] packetfence clustered environment

Forgive me for butting in, but do you have a specific reason for using an inline deployment? IMHO a routed / vlan deployment is better. Obviously, if you have a reason why you want to use an inline deployment you can ignore me : ) Jake Sallee Godfather of Bandwidth System Engineer and

Re: [PacketFence-users] Raspberry Pi and Packetfence

Running PF on a Pi sounds interesting … what use case are you going for? Jake Sallee Godfather of Bandwidth System Engineer and Security Specialist University of Mary Hardin-Baylor WWW.UMHB.EDU 900 College St. Belton, Texas 76513 Fone: 254-295-4658 Phax: 254-295-4221 From: Zacharry Williams

Re: [PacketFence-users] NAC bypass

:07 PM To: packetfence-users@lists.sourceforge.net Cc: Sallee, Jake Subject: Re: [PacketFence-users] NAC bypass EXTERNAL Exercise Caution Out of curiosity, how are you prevent IPv6 addresses from flowing? Is this at the router/L3 switch or firewall level? What about non-routable link local add

Re: [PacketFence-users] NAC bypass

Max: This strikes me as an uninformed opinion. While a lot of tools don't speak IPv6, very little of the world runs IPv6 ... even though its over a decade old. Most IPv6 providers run an IPv6to4 gateway and technically all IPv6 traffic will run through a 6to4 gateway somewhere or else they

Re: [PacketFence-users] Packetfence 8.3 - AD source causes Radius go down

... can you post HOW you solved it? That way other who may search the list later can fix their similar issues too. Jake Sallee Godfather of Bandwidth System Engineer University of Mary Hardin-Baylor WWW.UMHB.EDU 900 College St. Belton, Texas 76513 Fone: 254-295-4658 Phax: 254-295-4221

Re: [PacketFence-users] Lab setup without AD

Matt: Others may know better than me, but unless you are authenticating users from other domains you do not needs a realm. In your lab setup the realm will be either local or null if you are not using a user database backend (like AD). In FreeRADIUS land the realm is what you use to determine

Re: [PacketFence-users] Cisco 2960 802.1X and MAB

Where are you at in the process of setting up PF in your environment? The reason I ask is because this will vastly effect exactly what information you need at the moment. >What is needed to be configured in PF? Nothing special, just add a switch as you would normally according to the PF

[PacketFence-users] guest registration problems

All: BG Info: Packetfence v8.1.0 3 node cluster Two issues: 1) When using guest email registration: The link in the email points back to the server that generated the email and NOT the cluster so the link does not work. The link sent in the email points to: NAC-server-1.domain.tld, if I

[PacketFence-users] Setting device role based on computer AD membership or static roles

All: I would like to be able to check if the user's computer is joined to our AD and assign a role based on that membership or not. The issue I am attempting to address is this: Devices which are owned by the university and are used by university employees are assigned one role while personal

[PacketFence-users] 802.1x fall through authentication

All: (INFO: PF 8.1.0 three node cluster) Is it possible to configure fall through authentication with 802.1x? I have two AD realms and I want users to be able to login by providing their user name only (IE: UserName) and not require the full user name (IE: usern...@domain.tld). I have added

Re: [PacketFence-users] Problem to join my AD : client not found in kerberos database.

Was PF previously joined to AD? If so you may have some residual entries in your AD which need to be removed. also, what is in the logfile? Check out page 45 in the install guide. Jake Sallee Godfather of Bandwidth System Engineer University of Mary Hardin-Baylor WWW.UMHB.EDU 900 College

Re: [PacketFence-users] Haproxy will always crash after a few hours

Thomas. On 04/07/2018 02:37, Sallee, Jake via PacketFence-users wrote: > Fabrice: > > I'm more than happy to give you access. > > I'm in the office tonight, but ... don't tell anyone ... since tomorrow is my > country's birthday (kinda) I will be celebrati

Re: [PacketFence-users] Haproxy will always crash after a few hours

=30MOxIo3uwuouni3FahWSIniOg_NUk6kGwM2svxdsEg=) Jake if you want, let me give an access to your setup and i will upgrade the haproxy version and adapt the code to see if it fix the issue. Regards Fabrice Le 2018-07-03 à 14:47, Sallee, Jake via PacketFence-users a écrit : > Yes I am, here is what I am see

Re: [PacketFence-users] Log spamming

From: Nicolas Quiniou-Briand via PacketFence-users Sent: Tuesday, July 3, 2018 3:02 PM To: packetfence-users@lists.sourceforge.net Cc: Nicolas Quiniou-Briand Subject: Re: [PacketFence-users] Log spamming Hello Jake, On 2018-07-03 11:52 AM, Sallee, Jake via PacketFence

Re: [PacketFence-users] Log spamming

System Engineer University of Mary Hardin-Baylor WWW.UMHB.EDU 900 College St. Belton, Texas 76513 Fone: 254-295-4658 Phax: 254-295-4221 From: Sallee, Jake via PacketFence-users Sent: Tuesday, July 3, 2018 10:52 AM To: packetfence Cc: Sallee, Jake Subject

Re: [PacketFence-users] Haproxy will always crash after a few hours

. Belton, Texas 76513 Fone: 254-295-4658 Phax: 254-295-4221 From: Murilo Calegari Sent: Tuesday, July 3, 2018 11:57 AM To: packetfence-users@lists.sourceforge.net Cc: Sallee, Jake Subject: Re: [PacketFence-users] Haproxy will always crash after a few hours Can you

Re: [PacketFence-users] Haproxy will always crash after a few hours

Sorry to butt in, but I wanted to say I think I am having the same issue. haproxy seems to crash after a few hours, but only on one of the servers in my cluster. Is there any test or logs I can provide to assist in the troubleshooting process? Jake Sallee Godfather of Bandwidth System

[PacketFence-users] Log spamming

All: my /var/log/messages file is getting spammed with several lines per second of the following: Jul 3 10:49:07 NAC-PFv8-02 /usr/local/pf/bin/pfdhcp[30276]: t=2018-07-03T10:49:07-0500 lvl=info msg="Setting log level to INFO" Jul 3 10:49:07 NAC-PFv8-02 /usr/local/pf/bin/pfdhcp[30276]:

[PacketFence-users] 802.1x auto de-register

All: How can I disable the feature that automatically de-registers an endpoint when they de-associate with an 802.1x SSID? I want them to be auto-registered when the associate, but when they drop off I want them to stay registered. In my environment we are setting up two SSIDs, one

Re: [PacketFence-users] Autoregistering thousand of Chromebooks

Fone: 254-295-4658 Phax: 254-295-4221 From: Steve Pfister via PacketFence-users Sent: Friday, June 29, 2018 8:59 AM To: Sallee, Jake via PacketFence-users Cc: Steve Pfister Subject: Re: [PacketFence-users] Autoregistering thousand of Chromebooks Actually

Re: [PacketFence-users] Autoregistering thousand of Chromebooks

ing any MAC filtering at all. It will let anyone at all in. Does MAC filtering really not do anything? On 6/25/2018 5:55 PM, Sallee, Jake via PacketFence-users wrote: > Do you have a test area you can use? > > PF has a mode you can use on your switch / AP that will auto-register any > de

Re: [PacketFence-users] Autoregistering thousand of Chromebooks

Do you have a test area you can use? PF has a mode you can use on your switch / AP that will auto-register any device you plugin / associate to that device. If you set up a switch or AP in PF and set its mode to registration it will do what you want. Where you set the role for the

[PacketFence-users] 802.1x confiuration instructions

All: The instructions for configuring 802.1x in the install guide are fine for testing but not really for a production install. Are there any instructions on configuring a production 802.1x deployment? I understand inverse can't talk about all the hundreds of different vendors, but it would

Re: [PacketFence-users] Replacing snake oil certs with production certs.

, hopefully someone else can learn from my mistake. Jake Sallee Godfather of Bandwidth System Engineer University of Mary Hardin-Baylor WWW.UMHB.EDU 900 College St. Belton, Texas 76513 Fone: 254-295-4658 Phax: 254-295-4221 From: Sallee, Jake via PacketFence

[PacketFence-users] Replacing snake oil certs with production certs.

All: This is a new PFv8.0.1 3 node cluster install. Are there any instructions for installing new production certs on the PF servers in a cluster? I have a new cert that I am trying to install but when I do the httpd services fail to restart. I'm thinking the certs need to be processed into

[PacketFence-users] Cannot Remove Node Role

Gents: I am testing my new 8.0.1 cluster, I added a test role called you guessed it, test. I would like to remove the role now, but I cannot. How does one go about removing or renaming a node role in PFv8? Jake Sallee Godfather of Bandwidth System Engineer University of Mary

[PacketFence-users] Maintenance Patch Install Instructions for Clusters

I can't find any official documentation on how to install the available maintenance patches for PF, especially in an active/active cluster. Anyone have some pointers? Jake Sallee Godfather of Bandwidth System Engineer University of Mary Hardin-Baylor WWW.UMHB.EDU 900 College St. Belton, Texas

Re: [PacketFence-users] New PF install trouble joining child domain

have more information. Change the file https://github.com/inverse-inc/packetfence/blob/devel/addons/AD/smb.tt and add : log level = 3 Regards Fabrice Le 2018-05-31 à 09:20, Sallee, Jake via PacketFence-users a écrit : > All: > > I'm setting up a new PFv8.1 cluster and I am at the poin

[PacketFence-users] New PF install trouble joining child domain

All: I'm setting up a new PFv8.1 cluster and I am at the point where I am joining the individual servers to the domains we have. The main / parent domain join went perfectly, but I am unable to join the child domain. Here is the error : Failed to join domain: Failed to set machine spn:

Re: [PacketFence-users] Clustering-nodes rebooted

Rebooting all nodes at once is ... less than desirable : ) What is the error you are getting in your maraidb logs? Also, look here: http://galeracluster.com/documentation-webpages/monitoringthecluster.html and here http://galeracluster.com/documentation-webpages/troubleshooting.html

Re: [PacketFence-users] Question about device-registration page

All: Forgive me for jumping in here but I wanted to put in my $.02. Generally the user's role is how you assign the user's level of network access. If you give the user a way to self assign a role you will need to find a way to verify that user has the necessary rights to that role. Guests

Re: [PacketFence-users] PacketFence FreeRADIUS only configuration

Matt: To elaborate on Fabrice's statements jut a bit: The RADIUS portion of PF can be thought of as just the mechanism PF uses to talk to the controllers / APs / Switches. All the logic of who and what devices get what role is defined in PF and those roles should correspond with some type

Re: [PacketFence-users] HP 1920 (JG1920-14G) support ?

According to HPs documentation the switch supports MAC auth and 802.1x https://www.hpe.com/h20195/v2/GetPDF.aspx/c04394247.pdf Have you tried using those? Jake Sallee Godfather of Bandwidth System Engineer University of Mary Hardin-Baylor WWW.UMHB.EDU 900 College St. Belton, Texas 76513 Fone:

Re: [PacketFence-users] RADIUS secret key mismatch

Check the radius secret on your cisco switch, I had the exact same issue and there was a space and the end of the secret when I pasted it into the config. Once I fixed that my problem was solved. Jake Sallee Godfather of Bandwidth System Engineer University of Mary Hardin-Baylor WWW.UMHB.EDU

[PacketFence-users] Lets Encrypt compatability

Hello All! My current captive portal cert is through Comodo, suddenly all kinds of devices are very upset about this fact. Most mobile devices no longer trust my cert and now some desktop/laptop systems are complaining as well. Since it looks like I will need to be replacing my cert I was

Re: [PacketFence-users] PF on Ubiquity AP

on PacketFence that if we logged in one > > network > > then switched to the other the captive portal was not shown and > > access > > was automatically granted, now we have PacketFence managing only > > one of > > those networks and we came back to pfSense (the other

Re: [PacketFence-users] PF on Ubiquity AP

U ... I'm quite sure that is not how it works. PF runs A LOT of services and a database, it is designed for running on a server that will then contact and work with your APs. I may be mistaken, but that is my experience. Jake Sallee Godfather of Bandwidth System Engineer University of

Re: [PacketFence-users] SSL cert problem with mobile devices

p in mind that haproxy terminate the ssl tunnel so do : cat /usr/local/pf/conf/ssl/server.crt /usr/local/pf/conf/ssl/server.key > /usr/local/pf/conf/ssl/server.pem (with your own files) and restart haproxy Regards Fabrice Le 2017-01-04 à 18:06, Sallee, Jake a écrit : > Hello All! > >

Re: [PacketFence-users] Self Signed SSL

d SOGo (http://www.sogo.nu<http://www.sogo.nu/>) and PacketFence (http://packetfence.org<http://packetfence.org/>) Le 17 nov. 2016 à 15:54, Sallee, Jake <jake.sal...@umhb.edu<mailto:jake.sal...@umhb.edu>> a écrit : Fellow PF users: New setup, not yet in production

[PacketFence-users] Self Signed SSL

Fellow PF users: New setup, not yet in production PF v6.4.0 2 host Cluster I am getting several entries in my packetfence.log file like this: Nov 17 14:37:12 httpd.portal(130195) INFO: [mac:[undef]] Dealing with a endpoint / browser with captive-portal detection capabilities

[PacketFence-users] monitd going nuts

Hello all! I am in the final stages of testing our new PF cluster. I have noticed that pfmon only runs on the active node at any time. This is fine (I guess) but it is causing monitd to lose its ever loving mind. I am getting an email a minute about the pfmon process not running on the

Re: [PacketFence-users] Cluster setup: computer not found in database

abrice Le 2016-11-02 à 23:17, Sallee, Jake a écrit : > Hello All: > > quick rundown > > 1) 3 host cluster > 2) eth0 -> management > eth1 -> registration > eth2 -> isolation > 3) Cisco switch with vlan and IP helper setup > 4) PFDNS is running >

[PacketFence-users] Cluster setup: computer not found in database

Hello All: quick rundown 1) 3 host cluster 2) eth0 -> management eth1 -> registration eth2 -> isolation 3) Cisco switch with vlan and IP helper setup 4) PFDNS is running My MAC is not showing up in the DB when I try to test the portal. I have tried setting the ip helper address to

[PacketFence-users] Possible bug: Clustering with PF6.3.0

I am not 100% sure of this but there may be a bug concerning clustering in PF6.3.0. The clustering guide says to change the database section in the pf.conf file to include "host=127.0.0.1". However for some reason when I am trying to start the PF services I get an error about the user pf is

[PacketFence-users] monit setup guide for PF

Does anyone have a setup guide for using monit with Packetfence? I know it can be done, but I can't seem to find any docs on it. Jake Sallee Godfather of Bandwidth System Engineer University of Mary Hardin-Baylor WWW.UMHB.EDU 900 College St. Belton, Texas 76513 Fone: 254-295-4658 Phax:

[PacketFence-users] web configurator - I dun goofed

I need to get to the web configurator ... but I kinda messed up. I went through the normal install procedure (Install OS -> install updates -> install PF) Here is where I goofed: I rebooted the server because it installed a new kernel. Now I can't get to the web configurator. I tried making

Re: [PacketFence-users] Active/Active PF cluster with Maria Galera

s request on both server, haproxy will do the same for http/https request. If you need more details fell free to ask more questions. Regards Fabrice Le 2016-10-11 à 17:46, Sallee, Jake a écrit : > I am reading through the Active/Active documentation and it mentions that the > DB port

[PacketFence-users] Active/Active PF cluster with Maria Galera

I am reading through the Active/Active documentation and it mentions that the DB portion can be made active/active using Maria Galera. What are the benefits/drawbacks of going with the MariaDB route vs the MySQL route? I read in the MariaDB Galera docs that you really need at least 3

[PacketFence-users] OpenDaylight Integration

Hello All: I read that PF has supported OpenDaylight integration for a few versions now, but I couldn't find exactly what the module is capable of. Does anyone have any information on this? SDN is shaping up to be the networking language of the future and is an area of extreme interest for

[PacketFence-users] OMAPI errors in pf log

PF version 5.6.1 I'm getting some interesting errors in my packetfence.log: Sep 15 09:42:27 httpd.aaa(23024) ERROR: [mac:c0:ce:cd:e7:d6:47] Use of uninitialized value $received_startup_message in unpack at /usr/local/pf/lib/pf/OMAPI.pm line 241. Sep 15 09:42:27 httpd.aaa(23024) ERROR:

Re: [PacketFence-users] Server Load metric

PacketFence-users] Server Load metric On Fri, Sep 9, 2016 at 2:37 PM, Sallee, Jake <jake.sal...@umhb.edu> wrote: > I always assumed that came from the same source that 'top' pulls from. > > > If I am correct then the number represents the workload of your system. In > si

Re: [PacketFence-users] Server Load metric

I always assumed that came from the same source that 'top' pulls from. If I am correct then the number represents the workload of your system. In simplified terms you want this number to always be less than the number of processor cores in your system. If you have a quad core system and you

Re: [PacketFence-users] Windows 10 & Kaspersky (off-topic)

cluding block connections to ssl sites based on content of the flow. Ie: matching cerificates in the handshake. Sent from my iPhone On Sep 8, 2016, at 12:44 PM, Sallee, Jake <jake.sal...@umhb.edu> wrote: >> Solving the issue is simple. Block the traffic. > > When the traffic

Re: [PacketFence-users] Windows 10 & Kaspersky

the Internet. Using 3rd party DNS servers like that causes decreased performance of the interwebzz. Sent from my iPhone > On Sep 7, 2016, at 6:54 PM, Sallee, Jake <jake.sal...@umhb.edu> wrote: > > I didn't see anyone else reply to this so here is what we are seeing. > > > Sc

Re: [PacketFence-users] Windows 10 & Kaspersky

I didn't see anyone else reply to this so here is what we are seeing. Scenario 1: (less likely) Some AV vendors (Kaspersky being one) are installing a DNS proxy with the AV software and are tunneling all DNS traffic to their own servers. I did some research a while ago into this and found

Re: [PacketFence-users] Vlan enforcement mode deployment

Eloge: I have been running PF in production for years with a very similar setup to the one you have described. Yes; PF can do what you are trying to do, if you have the correct equipment. Check PF's compatibility list for your equipment to make sure it is supported. But just about any

Re: [PacketFence-users] New to packetfence, a few questions

Matthias: Welcome to the PF community! I think we may need to slow things down a bit. You have lots of questions, and that is good. But I don't want to get the cart before the horse. The type of questions you are asking are very general and apply to NAC as a whole, in short this is the kind

Re: [PacketFence-users] DHCP

I would second Kea as a DHCP server in PF. I am developing a companion app for Kea (sh, it's a secret. It's on GitHub ... FOSDDI ... you totally didn't hear about it from me). If PF was running Kea it would offer those of us with larger infrastructures another data source to monitor and

Re: [PacketFence-users] Sending Security Onion alerts to PacketFence

How are you exporting the alerts from SO? In my tests I had to re-write the parsing logic in PF because the format they were leaving my SO box in was not the standard SNORT format. ?Jake Sallee Godfather of Bandwidth System Engineer University of Mary Hardin-Baylor WWW.UMHB.EDU 900 College

Re: [PacketFence-users] Frustrated by installation instructions

Patrick: Sorry to hear you are having trouble setting up PF. I wouldn't mind helping you setup a test/dev box. In my experience the best way to setup and test PF is to take a very methodical approach. Let me know if you want to talk off list. Jake Sallee Godfather of Bandwidth System

Re: [PacketFence-users] Packetfence installation

Margie: Will PF run on the hardware you specified? Yes. Your problem is going to be how MUCH are you going to try to do with PF. 2GB of RAM is not very much and will become ?a problem if you try to run IDS on the same box, etc. Other than that everything else looks fine to me for a small

Re: [PacketFence-users] Installing packet fence (error File::Find::Rule and others)

May I ask why you are installing such an old version of PacketFence? Jake Sallee Godfather of Bandwidth System Engineer University of Mary Hardin-Baylor WWW.UMHB.EDU 900 College St. Belton, Texas 76513 Fone: 254-295-4658 Phax: 254-295-4221 From:

Re: [PacketFence-users] Installing packet fence (error File::Find::Rule and others)

From: Louis Munro <lmu...@inverse.ca> Sent: Friday, January 15, 2016 8:56 AM To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] Installing packet fence (error File::Find::Rule and others) On Jan 15, 2016, at 9:27 , Sallee, Jake <

Re: [PacketFence-users] Admin GUI - Node details slow.

...@inverse.ca] Sent: Monday, January 11, 2016 12:29 PM To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] Admin GUI - Node details slow. On Jan 11, 2016, at 9:28 , Sallee, Jake <jake.sal...@umhb.edu> wrote: At this moment my radacct table is sitting at 4,4

[PacketFence-users] High CPU utilization

Hello! I'm seeing some high CPU usage today: I tried bouncing the PF services but it came right back. pfqueue seems to be using quite a bit of CPU, how can I check to see if everything is okay? I tried this from another message on the list but I do not know how to interpret the response:

[PacketFence-users] Admin GUI - Node details slow.

Hello again: When we use the admin GUI to look at the details of a node it takes quite a while for the page to load (this is an on going issue, not related to the high CPU issue I reported earlier). It can take easily 45 sec to 60 sec to pull up the node details, but everything else is almost

Re: [PacketFence-users] High CPU utilization

.ca> :: www.inverse.ca<http://www.inverse.ca> +1.514.447.4918 x125 :: +1 (866) 353-6153 x125 Inverse inc. :: Leaders behind SOGo (www.sogo.nu<http://www.sogo.nu>) and PacketFence (www.packetfence.org<http://www.packetfence.org>) On Jan 11, 2016, at 10:05 , Sallee, Jak

Re: [PacketFence-users] High CPU utilization

, Sallee, Jake <jake.sal...@umhb.edu> wrote: Hello! I'm seeing some high CPU usage today: I tried bouncing the PF services but it came right back. pfqueue seems to be using quite a bit of CPU, how can I check to see if everything is okay? I tried this from another message on the list bu

Re: [PacketFence-users] Packetfence Dependencies trouble

Did you run the web-based configurator? It is the first step after you install. No PF user and no PF data base sounds like you may have missed that step. Jake Sallee Godfather of Bandwidth System Engineer University of Mary Hardin-Baylor WWW.UMHB.EDU 900 College St. Belton, Texas 76513 Fone:

Re: [PacketFence-users] Packetfence Dependencies trouble

ackages. Jason A. Maher Network Engineer Multi-State Lottery P: 515-453-1408 F: 515-453-1420 -----Original Message- From: Sallee, Jake [mailto:jake.sal...@umhb.edu] Sent: Tuesday, January 05, 2016 4:39 PM To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-u

Re: [PacketFence-users] Packetfence Dependencies trouble

We're going to need some more info. What is the Base OS (distro and version) and the complete log of the failed install at least. Jake Sallee Godfather of Bandwidth System Engineer University of Mary Hardin-Baylor WWW.UMHB.EDU 900 College St. Belton, Texas 76513 Fone: 254-295-4658 Phax:

Re: [PacketFence-users] Possible bug in admin GUI node list PF v5.5.0

...Bump... Jake Sallee Godfather of Bandwidth System Engineer University of Mary Hardin-Baylor WWW.UMHB.EDU 900 College St. Belton, Texas 76513 Fone: 254-295-4658 Phax: 254-295-4221 From: Sallee, Jake [jake.sal...@umhb.edu] Sent: Wednesday, November 25

[PacketFence-users] Possible bug in admin GUI node list PF v5.5.0

Hello all! I think you will all be happy to hear that I did not screw up my upgrade from 5.3 to 5.5! ***que trumpets*** I think, though, there may be a bug in the admin GUI. When I pull up a list of my nodes I get multiple entries for the same node. The entries are identical as far as I

Re: [PacketFence-users] Possible bug in admin GUI node list PF v5.5.0

list PF v5.5.0 Hello Jake, you probably have multiples locationlog entry for the same mac address. We fixed that in this version 5.5, when you changed something from the gui (node) then a new locationlog entry was open. So clean the locationlog. Regards Fabrice Le 2015-11-25 12:36, Sallee

Re: [PacketFence-users] Problem to start mysql when configuring the PacketFence ZEN

We would like to help, but we need information to work with. If you are unable to start MYSQL there will be an error in the system logs. Can you please post the contents of: /var/log/messages (or syslog depending on the system) /usr/local/pf/logs/packetfence /usr/local/pf/logs/httpd.aaa.error

Re: [PacketFence-users] PF sending out SNMP De-Auth when set to RADIUS

) and PacketFence (www.packetfence.org<http://www.packetfence.org>) On Sep 23, 2015, at 16:07 , Sallee, Jake <jake.sal...@umhb.edu<mailto:jake.sal...@umhb.edu>> wrote: Louis! Hows it goin' buddy! Here is a pcap of the exchange between the aruba vcontroller and the PF server. I h

Re: [PacketFence-users] PF sending out SNMP De-Auth when set to RADIUS

cketfence.org<http://www.packetfence.org>) On Sep 22, 2015, at 11:06 , Sallee, Jake <jake.sal...@umhb.edu<mailto:jake.sal...@umhb.edu>> wrote: Hello all! Weird one here. First things first: PF v5.3.1, with an Aruba 205H AP. The manufacturer ensures us that the devices are

[PacketFence-users] PF sending out SNMP De-Auth when set to RADIUS

Hello all! Weird one here. First things first: PF v5.3.1, with an Aruba 205H AP. The manufacturer ensures us that the devices are compatible with wired and wireless MAC auth so we have made a small adjustment to the module to return mac auth = true. Other than that, everything is stock. In

Re: [PacketFence-users] System Overload

We could use a bit more info : ) How do you have your PF deployed? Inline, VLan, etc? How many users are your servicing? How many requests per second? What auth mechanisms are your using? MAC auth, 802.1x, etc? Also, if you are in a tight spot CALL INVERSE! They are great and will work

Re: [PacketFence-users] Error in GUI domain config [SOLVED]

primary ways of checking to see if the server is even trying to join AD. On Thu, Aug 20, 2015 at 9:34 AM, Sallee, Jake jake.sal...@umhb.edumailto:jake.sal...@umhb.edu wrote: So, a configreload hard and blanking out my domain.conf file seemed to help. I can get to the domain GUI now ... so I've got

[PacketFence-users] PF DNS record changed

Hello all ... again. The new domain joining system adds a virtual interface to the server that it uses to communicate with the domain. however this new interface is not the same one as the management interface. The new interface is automatically registering its self with my DNS servers

Re: [PacketFence-users] Error in GUI domain config [SOLVED]

, Texas 76513 Fone: 254-295-4658 Phax: 254-295-4221 From: Sallee, Jake [jake.sal...@umhb.edu] Sent: Thursday, August 20, 2015 1:23 PM To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] Error in GUI domain config [SOLVED] Hello all: Im

  1   2   >