Could there be a deauthenticate issue with the
pf/lib/pf/SNMP/Cisco/WLC_2106.pm script? When I do a packet capture while
executing "./pfcmd_vlan -deauthenticate -switch x.x.x.x -mac
xx:xx:xx:xx:xx:xx" I don't see any traffic between the packetfence server
or the wireless controller. Any ideas?
On a little bit of a different note. I noticed in the WLC_2106.pm SNMP
script that the controller has an "issue with Windows7" but it does not go
into more depth. Does anyone know what that issue might me?
As always, thanks for the help!
Jordan
On Thu, Dec 8, 2011 at 11:10 AM, Jordan Hinman <jord...@eics.ab.ca> wrote:
> Ok, so I can telnet in to the controller from my packtefence server,
> execute "config client deauthenticate xx:xx:xx:xx:xx:xx" on the controller
> itself, and then the device is put on the right vlan. When I run the
> pfcmd_vlan command I get the following error. I have checked the passwords,
> cli interface, and snmp private string in the switches.conf file and they
> all seem to be fine. Where else can I look to see what is preventing
> PacketFence from properly deauthenticating my clients after registration?
> Thanks!
>
> /usr/local/pf/bin/pfcmd_vlan -deauthenticate -switch 192.168.1.11 -mac
> 00:1e:65:1f:4e:fc -verbose 4
> DEBUG - instantiating new SwitchFactory object
> DEBUG - reading config file /usr/local/pf/conf/switches.conf
> DEBUG - creating new pf::SNMP::Cisco::WLC_2106 object
> DEBUG - start handling 'deauthenticate' command
> ERROR - ERROR: Can not connect to WLC 192.168.1.11 using Telnet
> DEBUG - finished handling 'deauthenticate' command
>
>
> On Thu, Dec 8, 2011 at 9:14 AM, Francois Gaudreault <
> fgaudrea...@inverse.ca> wrote:
>
>> **
>> Ah! Yes, that would help. But what misleaded me is when you said that
>> you rebooted the client, and it did get the same VLAN even if it was reg.
>>
>>
>> On 11-12-08 11:10 AM, Jordan Hinman wrote:
>>
>> Hmm, that's odd. I have read about pkm caching but I am not using wpa2. I
>> do get an error in the packetfence log stating that packetfence cannot
>> telnet into controller. Is it trying to deauthenticate the wireless
>> clients? If I fix telnet to the controller would that fix my issue? Also I
>> am using a Cisco Wireless Controler Model 2006 not a 2106. I'm not sure if
>> that makes a difference. Thanks!
>>
>> Jordan
>>
>> On Thu, Dec 8, 2011 at 7:20 AM, Francois Gaudreault <
>> fgaudrea...@inverse.ca> wrote:
>>
>>> Hi Jordan,
>>>
>>> > When I connect a new client to the ssid I get placed on
>>> > the appropriated registration vlan, and I can then register in
>>> > PacketFence. But after I reboot the computer I am then placed back
>>> > onto the registration vlan not onto the regular vlan. When watching
>>> > radiusd -X I see the controller perform an authentication request the
>>> > first time I connect but not after. I have to "remove" the client from
>>> > the controller, then re join the appropriate ssid, then the controller
>>> > will do another radius authentication request and put me on the
>>> > correct vlan.
>>> >
>>> > Is there any way to force my cisco wireless controller to do a radius
>>> > authentication request every time a client connects to the ssid?
>>> > Should I be looking somewhere else? Thanks for the help!
>>> Not really, except if the controller has an option to disable it. Are
>>> you running the latest firmware? We are seeing this when people use
>>> WPA2-Enterprise with PMK Caching enabled on the client, but not on mac
>>> authentication.
>>>
>>> --
>>> Francois Gaudreault, ing. jr
>>> fgaudrea...@inverse.ca :: +1.514.447.4918 (x130) :: www.inverse.ca
>>> Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (
>>> www.packetfence.org)
>>>
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> Cloud Services Checklist: Pricing and Packaging Optimization
>>> This white paper is intended to serve as a reference, checklist and
>>> point of
>>> discussion for anyone considering optimizing the pricing and packaging
>>> model
>>> of a cloud services business. Read Now!
>>> http://www.accelacomm.com/jaw/sfnl/114/51491232/
>>> _______________________________________________
>>> Packetfence-users mailing list
>>> Packetfence-users@lists.sourceforge.net
>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>>
>>
>>
>>
>> --
>> *Jordan Hinman*
>> Network Analyst | Technology Services | Elk Island Catholic Schools
>> T: (780) 449-6484 ext. 222 | E: jord...@eics.ab.ca
>>
>>
>> ------------------------------------------------------------------------------
>> Cloud Services Checklist: Pricing and Packaging Optimization
>> This white paper is intended to serve as a reference, checklist and point of
>> discussion for anyone considering optimizing the pricing and packaging model
>> of a cloud services business. Read
>> Now!http://www.accelacomm.com/jaw/sfnl/114/51491232/
>>
>>
>> _______________________________________________
>> Packetfence-users mailing
>> listPacketfence-users@lists.sourceforge.nethttps://lists.sourceforge.net/lists/listinfo/packetfence-users
>>
>>
>>
>> --
>> Francois Gaudreault, ing. jrfgaudrea...@inverse.ca :: +1.514.447.4918
>> (x130) :: www.inverse.ca
>> Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence
>> (www.packetfence.org)
>>
>>
>>
>> ------------------------------------------------------------------------------
>> Cloud Services Checklist: Pricing and Packaging Optimization
>> This white paper is intended to serve as a reference, checklist and point
>> of
>> discussion for anyone considering optimizing the pricing and packaging
>> model
>> of a cloud services business. Read Now!
>> http://www.accelacomm.com/jaw/sfnl/114/51491232/
>> _______________________________________________
>> Packetfence-users mailing list
>> Packetfence-users@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>
>>
>
>
> --
> *Jordan Hinman*
> Network Analyst | Technology Services | Elk Island Catholic Schools
> T: (780) 449-6484 ext. 222 | E: jord...@eics.ab.ca
>
>
--
*Jordan Hinman*
Network Analyst | Technology Services | Elk Island Catholic Schools
T: (780) 449-6484 ext. 222 | E: jord...@eics.ab.ca
------------------------------------------------------------------------------
Cloud Services Checklist: Pricing and Packaging Optimization
This white paper is intended to serve as a reference, checklist and point of
discussion for anyone considering optimizing the pricing and packaging model
of a cloud services business. Read Now!
http://www.accelacomm.com/jaw/sfnl/114/51491232/
_______________________________________________
Packetfence-users mailing list
Packetfence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
