Please see previous post prior to this one.
So, I have things back to how they were behaving previously.
I connect to 802.1x, packetfence provides an IP on the normal VLAN, I can
ping addresses outside of the VLAN, but cannot get on the internet.
It does not change my device into the correct VLAN.
I have set the trap on my wireless controller and send notifications to
packetfence.
It looks like it is similar to the bug on this page:
http://www.packetfence.org/bugs/view.php?id=1098
I am trying to read Olivier's post very carefully to understand.
Here is my log:
Dec 14 15:24:45 pfdhcplistener(31076) INFO: DHCPREQUEST from
00:16:ea:b9:d1:cc (10.39.13.253) (main::listen_dhcp)
Dec 14 15:24:45 pfdhcplistener(31076) INFO: 00:16:ea:b9:d1:cc requested an
IP. DHCP Fingerprint: OS::505 (Ubuntu/Debian 5/Knoppix 6). Modified node
with last_dhcp = 2011-12-14 15:24:45,computername =
ad14057,dhcp_fingerprint = 1,28,2,3,15,6,119,12,44,47,26,121,42
(main::listen_dhcp)
Dec 14 15:24:45 pfdhcplistener(31076) INFO: DHCPACK from 10.39.8.3
(00:0c:29:31:7e:e5) to host 00:16:ea:b9:d1:cc (10.39.13.253)
(main::listen_dhcp)
Dec 14 15:24:45 pfdhcplistener(31076) INFO: DHCPACK from 10.39.8.3
(00:0c:29:31:7e:e5) to host 00:16:ea:b9:d1:cc (10.39.13.253)
(main::listen_dhcp)
Dec 14 15:24:46 pfsetvlan(23) INFO: ignoring unknown trap:
2011-12-14|21:24:45|UDP: [10.39.4.248]:162|10.39.4.248|BEGIN TYPE 6 END
TYPE BEGIN SUBTYPE .67 END SUBTYPE BEGIN VARIABLEBINDINGS
.1.3.6.1.4.1.45.6.1.2.10.0 = STRING: "test"|.1.3.6.1.4.1.45.6.1.2.15.0 =
STRING: "SESS-1023-f84320-897913-08d5"|.1.3.6.1.4.1.45.6.1.2.4.0 =
Hex-STRING: 00 16 EA B9 D1 CC |.1.3.6.1.4.1.45.6.1.2.14.0 = IpAddress:
0.0.0.0|.1.3.6.1.4.1.45.6.1.2.17.0 = STRING:
"default"|.1.3.6.1.4.1.45.6.1.2.12.0 = INTEGER:
4|.1.3.6.1.4.1.45.6.1.2.11.0 = IpAddress:
10.39.8.3|.1.3.6.1.4.1.45.6.1.2.16.0 = INTEGER:
7|.1.3.6.1.4.1.45.6.1.2.90.0 = INTEGER: 2|.1.3.6.1.4.1.45.6.1.2.92.0 =
Gauge32: 0|.1.3.6.1.4.1.45.6.1.2.87.0 = Gauge32:
106|.1.3.6.1.4.1.45.6.1.2.7.0 = INTEGER: 1|.1.3.6.1.4.1.45.6.1.2.38.0 =
STRING: "Network"|.1.3.6.1.4.1.45.6.1.2.101.0 = INTEGER:
4|.1.3.6.1.4.1.45.6.1.2.46.0 = INTEGER: 3|.1.3.6.1.4.1.45.6.1.2.48.0 =
INTEGER: 1023|.1.3.6.1.4.1.45.6.1.2.91.0 = INTEGER: 2 END VARIABLEBINDINGS
(main::parseTrap)
Dec 14 15:24:46 pfsetvlan(25) INFO: ignoring unknown trap:
2011-12-14|21:24:45|UDP: [10.39.4.248]:162|10.39.4.248|BEGIN TYPE 6 END
TYPE BEGIN SUBTYPE .39 END SUBTYPE BEGIN VARIABLEBINDINGS
.1.3.6.1.4.1.45.6.1.2.10.0 = STRING: "test"|.1.3.6.1.4.1.45.6.1.2.15.0 =
STRING: "SESS-1023-f84320-897913-08d5"|.1.3.6.1.4.1.45.6.1.2.4.0 =
Hex-STRING: 00 16 EA B9 D1 CC |.1.3.6.1.4.1.45.6.1.2.14.0 = IpAddress:
10.39.13.253|.1.3.6.1.4.1.45.6.1.2.17.0 = STRING:
"default"|.1.3.6.1.4.1.45.6.1.2.12.0 = INTEGER:
4|.1.3.6.1.4.1.45.6.1.2.11.0 = IpAddress:
10.39.8.3|.1.3.6.1.4.1.45.6.1.2.16.0 = INTEGER:
7|.1.3.6.1.4.1.45.6.1.2.31.0 = INTEGER: 2|.1.3.6.1.4.1.45.6.1.2.6.0 =
INTEGER: 0|.1.3.6.1.4.1.45.6.1.2.7.0 = INTEGER:
1|.1.3.6.1.4.1.45.6.1.2.13.0 = INTEGER: 106|.1.3.6.1.4.1.45.6.1.2.38.0 =
STRING: "Network"|.1.3.6.1.4.1.45.6.1.2.46.0 = INTEGER:
3|.1.3.6.1.4.1.45.6.1.2.48.0 = INTEGER: 1023|.1.3.6.1.4.1.45.6.1.2.69.0 =
INTEGER: 1 END VARIABLEBINDINGS (main::parseTrap)
I have been stuck on this for a while :(
On Wed, Dec 14, 2011 at 12:22 PM, lint <[email protected]> wrote:
> Yes, I did restart the service.
>
> I have redesigned everything now as well. I eliminated one VLAN interface
> so that I only have VLANs 96-100 now.
>
> VLAN 100 normal, management
> VLAN 99 registration
> VLAN 98 isolation
> VLAN 97 mac detection (no ip configured)
> VLAN 96 inline
>
> I am not using inline mode as I am out of band.
>
> Can you verify my logic?
>
> Switch has a trunked port for VLANs 96-100 (IPs are .1 in each VLAN)
> Wireless switch has VLANs 96-100 (IPs are .2 in each VLAN
> Server has VLANs 96-100 (IPs are .3 in each VLAN)
>
> Traffic flows from AP to controller (via a tunnel), then controller sends
> 802.1x to packetfence/radius, then packetfence should assign DHCP with the
> correct VLAN.
>
> Problem: 802.1x is complete, but the IP is assigned from the wrong VLAN.
>
> Do I understand things correctly?
>
>
> On Wed, Dec 14, 2011 at 11:53 AM, Francois Gaudreault <
> [email protected]> wrote:
>
>> **
>> When you fixed your switches.conf, did you restart packetfence?
>>
>>
>> On 11-12-14 11:14 AM, lint wrote:
>>
>> I believe I need to focus on why the VLANs are not changing. Basically,
>> why it places me into the normal VLAN when PacketFence knows that I am
>> unregistered. I can access the portal automatically by using local DNS, so
>> I know that is not the issue.
>>
>> Any ideas why I am being placed into the normal VLAN instead of the
>> registration?
>>
>> On Tue, Dec 13, 2011 at 11:44 AM, lint <[email protected]> wrote:
>>
>>> PacketFence is behaving differently now.
>>>
>>> I receive an IP from PacketFence. It still places me into the normal
>>> VLAN though (not sure why). Then, I can only ping the devices in the
>>> normal VLAN. Captive portal page does load by default. I must type the
>>> URL manually, and can only access by IP. DNS is not allowed because the
>>> IP of the DNS server is on the management network.
>>>
>>> The switch, wireless controller and PacketFence are all aware of the
>>> VLANs. Switch is x.x.x.1, wireless is x.x.x.2, and PacketFence is x.x.x.3
>>> on each.
>>>
>>> I know that my design must be flawed somewhere. Any thoughts?
>>>
>>>
>> ------------------------------------------------------------------------------
>> Cloud Computing - Latest Buzzword or a Glimpse of the Future?
>> This paper surveys cloud computing today: What are the benefits?
>> Why are businesses embracing it? What are its payoffs and
>> pitfalls?http://www.accelacomm.com/jaw/sdnl/114/51425149/
>>
>>
>> _______________________________________________
>> Packetfence-users mailing
>> [email protected]https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>
>>
>>
>> --
>> Francois Gaudreault, ing. [email protected] :: +1.514.447.4918
>> (x130) :: www.inverse.ca
>> Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence
>> (www.packetfence.org)
>>
>>
>>
>> ------------------------------------------------------------------------------
>> Cloud Computing - Latest Buzzword or a Glimpse of the Future?
>> This paper surveys cloud computing today: What are the benefits?
>> Why are businesses embracing it? What are its payoffs and pitfalls?
>> http://www.accelacomm.com/jaw/sdnl/114/51425149/
>> _______________________________________________
>> Packetfence-users mailing list
>> [email protected]
>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>
>>
>
------------------------------------------------------------------------------
Cloud Computing - Latest Buzzword or a Glimpse of the Future?
This paper surveys cloud computing today: What are the benefits?
Why are businesses embracing it? What are its payoffs and pitfalls?
http://www.accelacomm.com/jaw/sdnl/114/51425149/
_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
