Re: [PacketFence-users] Captive Portal Error on 8.1

nverse.ca> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://packetfence.org) On Aug 6, 2018, at 9:05 AM, luca comes via PacketFence-users mailto:packetfence-users@lists.sourceforge.net>> wrote: Dear list, I had some problem to update my cluster from 7.4.0 t

Re: [PacketFence-users] Captive Portal Error on 8.1

(x145) :: www.inverse.ca<http://www.inverse.ca> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://packetfence.org) On Aug 6, 2018, at 9:05 AM, luca comes via PacketFence-users mailto:packetfence-users@lists.sourceforge.net>> wrote: Dear list, I had some pr

[PacketFence-users] Captive Portal Error on 8.1

Dear list, I had some problem to update my cluster from 7.4.0 to the new 8.1 so I decided to create a new Server and make a fresh install of the latest release. I've configured the portal for my wireless guest access but the portal page is not shown, the message shown underneath is returned

[PacketFence-users] Problem after upgrade

Dear all, I'm trying to update my cluster from PF 7.4.0 to the last release 8.1.0. After third node is upgraded I tried to verify functionality but I have many errors. The biggest problem is that my wired clients are not authenticated anymore. I can see in the log (attached) the error:

Re: [PacketFence-users] Problem after upgrade

I forgot the attachment sorry. Da: luca comes Inviato: giovedì 26 luglio 2018 18:20 A: packetfence-users@lists.sourceforge.net Oggetto: Problem after upgrade Dear all, I'm trying to update my cluster from PF 7.4.0 to the last release 8.1.0. After third node

Re: [PacketFence-users] Database Warning

to fetch the latest fixes. Regards Fabrice Le 2018-06-01 à 03:13, luca comes via PacketFence-users a écrit : Hi all, I'm running PF 7.4.0 on a cluster, I noted that sometimes this warning is showed in the log: Jun 1 08:53:39 pfnac01 pfqueue: pfqueue(31016) WARN: [mac:c8:cb:b8:0e:b8:8d

[PacketFence-users] Database Warning

Hi all, I'm running PF 7.4.0 on a cluster, I noted that sometimes this warning is showed in the log: Jun 1 08:53:39 pfnac01 pfqueue: pfqueue(31016) WARN: [mac:c8:cb:b8:0e:b8:8d] database query failed with: MySQL server has gone away (errno: 2006), will try again (pf::dal::db_execute) Is

Re: [PacketFence-users] Cisco WLC unable to reevaluate access on cluster

Anyone who can help me about this problem? Luca Da: luca comes via PacketFence-users <packetfence-users@lists.sourceforge.net> Inviato: giovedì 19 aprile 2018 11:37 A: packetfence-users@lists.sourceforge.net Cc: luca comes Oggetto: [PacketFence-users] Cis

[PacketFence-users] Cisco WLC unable to reevaluate access on cluster

Hi all, I'm on production with my PF cluster that is serving at the moment more or less 400 clients on cabled network and a wifi guest with sponsored email to a Cisco WLC. Today I'm facing a problem on the guest, all the procedure seems to work well but when the user is authorized and need to

Re: [PacketFence-users] AD first login from registration VLAN

Anyone has some hint on how to solve my problem? I'm in production and this is blocking many users that has password expired. Luca Inviato da Outlook<http://aka.ms/weboutlook> ____ Da: luca comes via PacketFence-users <packetfence-users@lists.source

[PacketFence-users] AD first login from registration VLAN

Hi all, I need users from registration VLAN access our Active Directory to make first login on thei clients. I'm working in Out of Band enforcement so I created some permit rules on my firewall to guarantee access from the registration VLAN to my domain controllers. The problem is that I can't

[PacketFence-users] portal error after upgrade

Hi all, I have another problem after my technical partner has update the master machine of my cluster. I don't know what they updated but I think perl is involved so the portal page show a 503 Service Unavailable from the haproxy. After checking and restarting httpd.portal I can see it start

Re: [PacketFence-users] Image Broken

ib/python2.7/site-packages/graphite/local_settings.py to see if it use sqlite or mysql, if it use sqlite then do that: ln -sf /usr/local/pf/var/conf/local_settings.py /usr/lib/python2.7/site-packages/graphite/local_settings.py Regards Fabrice Le 2018-02-16 à 04:27, luca comes via PacketFence-u

[PacketFence-users] R: R: R: R: No client IP update in cluster

. Btw there is a pull request on github for that: https://github.com/inverse-inc/packetfence/pull/2887 Regards Fabrice Le 2018-01-31 à 03:40, luca comes via PacketFence-users a écrit : Hi Fabrice, I checked and what I can see is that pfdhcplistener is populated only on the master machine. The o

[PacketFence-users] R: R: R: Can't synchronize new cluster databases

ed to manage the firewall automagically. -- Jason Trinklein Wireless Engineering Manager College of Charleston 81 St. Philip Street | Office 311D | Charleston, SC 29403 trinkle...@cofc.edu<mailto:trinkle...@cofc.edu> | (843) 300–8009 From: luca comes via PacketFence-users

[PacketFence-users] R: R: No client IP update in cluster

o Luca, it's also available for Linux: https://github.com/inverse-inc/packetfence-dhcp-forwarder/tree/master/dhcp-forwarder so you can install it on each cluster's member. Le 2018-01-22 à 10:34, luca comes via PacketFence-users a écrit : Hi Fabrice, I'm using a cluster of ISC DHCPD on CentO

[PacketFence-users] R: No client IP update in cluster

do a capture on the management interface to see if you receive something on the port 767. (tshark -i eth0 -f "port 767") Regards Fabrice Le 2018-01-18 à 09:43, luca comes via PacketFence-users a écrit : Hi all, I've migrated my single node infrastructure to a 3 node cluster. At the mome

[PacketFence-users] R: R: Can't synchronize new cluster databases

ggetto: Re: [PacketFence-users] R: Can't synchronize new cluster databases What i can also recommend is to remove the content of /var/lib/mysql on the other server (not the master one of course) and restart packetfence-mariadb Regards Fabrice Le 2018-01-19 à 04:38, luca comes via PacketFence

[PacketFence-users] R: Can't synchronize new cluster databases

Hi Jason, I had the same problem last week. First check on your master server if it is joined and synced with the cluster you can do that reading the file .err in /var/lib/mysql/ and in the database with the query show status like 'wsrep%' as stated in the clustering guide. Luca

[PacketFence-users] No client IP update in cluster

Hi all, I've migrated my single node infrastructure to a 3 node cluster. At the moment I'm testing 802.1x with a Cisco catalyst 2950 and the authentication is working fine. I also have in production a wireless guest access with sponsor on Cisco WLC taht is working really well. Unfortunately I

[PacketFence-users] R: R: no httpd portal in a Cluster

ts.sourceforge.net<mailto:packetfence-users@lists.sourceforge.net> Cc: Fabrice Durand Oggetto: Re: [PacketFence-users] no httpd portal in a Cluster Hello Lucas, can i have the cluster.conf file ? Regards Fabrice Le 2018-01-15 à 05:10, luca comes via PacketFence-users a écrit : Hi all, I'

[PacketFence-users] R: no httpd portal in a Cluster

-users@lists.sourceforge.net Cc: Fabrice Durand Oggetto: Re: [PacketFence-users] no httpd portal in a Cluster Hello Lucas, can i have the cluster.conf file ? Regards Fabrice Le 2018-01-15 à 05:10, luca comes via PacketFence-users a écrit : Hi all, I've successfully migrated a single node infrastr

[PacketFence-users] no httpd portal in a Cluster

Hi all, I've successfully migrated a single node infrastructure to a full 3 node cluster, all things has gone well but I have only one problem. After the cluster configuration the https port is not listening neither on the virtual IP nor the local IPs of each server on the management

Re: [PacketFence-users] Packetfence doesn't change VLAN after registration

to do it and most of the time i am busy. So the packetfence.log is not enough complete because what is interesting is just a after and we should suppose to see "Deauthenticating ...". Regards Fabrice Le 2017-12-15 à 06:17, luca comes via PacketFence-users a écrit : Hi all, I as

[PacketFence-users] Packetfence doesn't change VLAN after registration

Hi all, I ask a new question hoping this time someone would answer to me. I'm configuring a guest wireless LAN on Cisco WLC and Packetfence (last version 7.3) on CentOS 7. The authentication on the guest is made with sponsor authorization so the client access the guest but is correctly moved

[PacketFence-users] Sponsor httpd doesn't work

Hi all, I have a strange behaviour on my PF. I configured a guest WiFi LAN with sponsored access and it seems working fine. The user connect to the WLAN (created on a Cisco WLC) and when the address is obtained from DHCP it is redirected to the registration page where user can put his

[PacketFence-users] Two Factor Authentication

Dear list, I'm studying a system to provide two factor authentication for my company. The system ideally should be used to perform authentication on many different services such as ssh, ssl vpn (provided by fortinet firewall) and so on. I would like to use my PF installation but I don't know if

[PacketFence-users] Radius Active Directory with IP released

Dear list, I need a new hint to deploy a configuration on my PF. I have a Fortinet firewall which is the peer for our SSL VPN client, at the moment it authenticates client directly from LDAP. I want set client IP directly so the firewall can do specific rules for that IP. I tried to set the

Re: [PacketFence-users] Bandwidth limit

oose a condition for example an SSID or the device role >in PacketFence, then custom what RADIUS answer you send. For instance >Filter-Id => 10, You have examples in the file conf/radius_filter.conf.example Thanks On 09/08/2017 08:52 AM, luca comes via PacketFence-users wrote:

Re: [PacketFence-users] Bandwidth limit

] Bandwidth limit Hi Luca, I don't have experience with the "inline mode" of PF. I haven't seen any options to do bandwidth limiting in the UI though, so I would not keep my hopes up. What controller do you have? On Thu, Sep 7, 2017 at 3:37 AM, luca comes via PacketFence-users <

Re: [PacketFence-users] Bandwidth limit

[PacketFence-users] Bandwidth limit Hi Luca, I don't have experience with the "inline mode" of PF. I haven't seen any options to do bandwidth limiting in the UI though, so I would not keep my hopes up. What controller do you have? On Thu, Sep 7, 2017 at 3:37 AM, luca comes via PacketFen

Re: [PacketFence-users] Bandwidth limit

limit will depend on the device doing the access. If its a fairly advanced wifi, you could do it, but might be impossible or hard on wired switches (especially lower end) On Mon, Sep 4, 2017 at 5:41 AM, luca comes via PacketFence-users <packetfence-users@lists.sourceforge.net<mailto:packe

[PacketFence-users] Bandwidth limit

Dear all, I have a customer who need to restrict bandwidth to IP/user when they exceed the limit. Is there the possibility using PF? Can you drive me to documentation or some example to understand the possibilities? Thanks Luca Inviato da Outlook

Re: [PacketFence-users] Inconsistent roles in switches definition

acketFence-users <packetfence-users@lists.sourceforge.net<mailto:packetfence-users@lists.sourceforge.net>> wrote: On 7/13/17 04:31, luca comes via PacketFence-users wrote: Dear all, any suggestion on this problem? Is there a way to clean remove roles from pf? Any roles created and then removed fro

Re: [PacketFence-users] Inconsistent roles in switches definition

Dear all, any suggestion on this problem? Is there a way to clean remove roles from pf? Any roles created and then removed from roles.conf is shown even after reload. Thanks Luca Da: luca comes via PacketFence-users <packetfence-users@lists.sourceforge.

Re: [PacketFence-users] Machine authentication

Hi Fabrice, I solved my problem. You put me on the right way, I was doing an error in the base DN where PF was serching for machine names. I really thank you. Luca Inviato da Outlook<http://aka.ms/weboutlook> ____ Da: luca comes via PacketFence

Re: [PacketFence-users] Machine authentication

lunedì 10 luglio 2017 14:23 A: packetfence-users@lists.sourceforge.net<mailto:packetfence-users@lists.sourceforge.net> Cc: Fabrice Durand Oggetto: Re: [PacketFence-users] Machine authentication Hello Luca, add a realm dm.loc and assign it to your domain and restart radius. Regards Fabrice

Re: [PacketFence-users] Machine authentication

Hi MJ, any help is really appreciated I'm also not a packetfence expert  The first error I think is not relevant because I'm not using SNMP I will check it after the basic config will run fine. The other one is strange, as I was writing to Fabrice my source is apparently correctly configured

Re: [PacketFence-users] Machine authentication

ers@lists.sourceforge.net> Inviato: lunedì 10 luglio 2017 14:23 A: packetfence-users@lists.sourceforge.net<mailto:packetfence-users@lists.sourceforge.net> Cc: Fabrice Durand Oggetto: Re: [PacketFence-users] Machine authentication Hello Luca, add a realm dm.loc and assign it to your domain and resta

Re: [PacketFence-users] Machine authentication

net<mailto:packetfence-users@lists.sourceforge.net> Cc: Fabrice Durand Oggetto: Re: [PacketFence-users] Machine authentication Hello Luca, add a realm dm.loc and assign it to your domain and restart radius. Regards Fabrice Le 2017-07-10 à 05:58, luca comes via PacketFence-users a écrit :

Re: [PacketFence-users] Machine authentication

o: lunedì 10 luglio 2017 14:23 A: packetfence-users@lists.sourceforge.net Cc: Fabrice Durand Oggetto: Re: [PacketFence-users] Machine authentication Hello Luca, add a realm dm.loc and assign it to your domain and restart radius. Regards Fabrice Le 2017-07-10 à 05:58, luca comes via PacketFence-u

Re: [PacketFence-users] Machine authentication

rest: ERROR: {"Reply-Message":"CLI Access is not allowed by PacketFence on this switch","control:PacketFence-Authorization-Status":"allow"} Are you seeing this same message about CLI access? MJ On 07/10/2017 11:58 AM, luca comes via PacketFence-users

Re: [PacketFence-users] Machine authentication

is correctly configured the test are fine (wbinfo -u etc.). I added my domain to the LOCAL realm as per Antoine mail but is still doesn't work. Thanks for your help Luca Inviato da Outlook<http://aka.ms/weboutlook> ________ Da: luca comes via PacketFence-users

Re: [PacketFence-users] Machine authentication

ook> ____ Da: luca comes via PacketFence-users <packetfence-users@lists.sourceforge.net> Inviato: venerdì 7 luglio 2017 17:40 A: packetfence-users@lists.sourceforge.net Cc: luca comes Oggetto: Re: [PacketFence-users] Machine authentication Hi Antoine, thank you for

Re: [PacketFence-users] Machine authentication

ntrol -> realms Thanks On 07/07/2017 11:15 AM, luca comes via PacketFence-users wrote: Hi all, I'm trying to do machine authentication vs Windows AD but it doesn't work. I've created the domain and the realm but in the radius debug log I can see that it is not catching the correct realm: (20) F

[PacketFence-users] Machine authentication

Hi all, I'm trying to do machine authentication vs Windows AD but it doesn't work. I've created the domain and the realm but in the radius debug log I can see that it is not catching the correct realm: (20) Fri Jul 7 16:29:45 2017: Debug: Received Access-Request Id 103 from 10.10.10.4:1645

[PacketFence-users] Inconsistent roles in switches definition

Dear list, I'm facing a strange problem I'm sure you can help me to understand. During my tests I've created a role for machine authentication and applied to a test switch. After that I realized that the name was wrong (some capital letters inside the name wasMAchine_Auth_Role) so I decided to

Re: [PacketFence-users] Active Directory Domains problem

Ok guys, thank you again for your co-operation. Luca Inviato da Outlook Da: lists via PacketFence-users Inviato: martedì 27 giugno 2017 15:54 A: packetfence-users@lists.sourceforge.net Cc:

Re: [PacketFence-users] Active Directory Domains problem

t;) and PacketFence (www.packetfence.org<http://www.packetfence.org>) On Jun 26, 2017, at 02:45, luca comes via PacketFence-users <packetfence-users@lists.sourceforge.net<mailto:packetfence-users@lists.sourceforge.net>> wrote: Hi all, any help on how can I troubleshoot the AD Joi

Re: [PacketFence-users] Active Directory Domains problem

Hi all, any help on how can I troubleshoot the AD Join problem? Also I need to remove all the folders inside /chroot/ created for my numerous tests, is that possible? Luca Inviato da Outlook<http://aka.ms/weboutlook> ____ Da: luca comes via PacketFence

[PacketFence-users] Active Directory Domains problem

Hi all, I'm going crazy to configure active directory domain as part of freeradius configuration. I'm running PF 7.1.0 on a CentOS 7 fresh minimal install. When I try to add the domain I've got error from the gui no useful log in log.winbindd. After that is impossible to access the again the

Re: [PacketFence-users] mab+802.1x authentication

esting with a client which is not in the domain. Thnaks On 06/07/2017 08:47 AM, luca comes via PacketFence-users wrote: Hi Antoine, I'm doing more tests but it's not so clear point 2. To match the new connection profile I need to specify also a source other than the connection type filter? In tha

Re: [PacketFence-users] mab+802.1x authentication

Hi Antoine, I'm doing more tests but it's not so clear point 2. To match the new connection profile I need to specify also a source other than the connection type filter? In that case which type of source should I add? I want that clients not 802.1x able or outside of my domain take a specific