Hi all,
I've completed the upgrade from 2.2.0 to 3.3.1
The issue I'm running into is that although clients are being allowed onto the
network, they are all just dropping into the default VLAN (VLAN 1)
Looking at the debug output from radius -X it looks like the RADIUS attributes
aren't being returned to the switch. On my existing (and working) 2.2.0 PF
server I see something like
++[exec] returns noop
rlm_perl: PacketFence RESULT VLAN: 3
rlm_perl: PacketFence RESULT RESPONSE CODE: 2 (2 means OK)
rlm_perl: Added pair NAS-Port-Type = Ethernet
rlm_perl: Added pair Service-Type = Framed-User
rlm_perl: Added pair Calling-Station-Id = 0018-8bce-22db
rlm_perl: Added pair Framed-Protocol = PPP
rlm_perl: Added pair User-Name = 00-18-8b-ce-22-db
rlm_perl: Added pair User-Password = 00-18-8b-ce-22-db
rlm_perl: Added pair NAS-Identifier = 4001c6636942
rlm_perl: Added pair NAS-Port = 16822275
rlm_perl: Added pair NAS-IP-Address = 163.1.40.87
rlm_perl: Added pair Tunnel-Private-Group-ID = 3
rlm_perl: Added pair Tunnel-Medium-Type = 6
rlm_perl: Added pair Tunnel-Type = 13
rlm_perl: Added pair Auth-Type = Accept
On the new server I just see
Listening on proxy address * port 1814
Ready to process requests.
rad_recv: Access-Request packet from host 192.168.1.1 port 1024, id=10,
length=107
User-Name = "00188bce22db"
User-Password = "00188bce22db"
NAS-IP-Address = 192.168.1.1
NAS-Identifier = "PF-TEST"
NAS-Port = 16781313
NAS-Port-Type = Ethernet
Service-Type = Framed-User
Framed-Protocol = PPP
Calling-Station-Id = "0018-8bce-22db"
# Executing section authorize from file /etc/raddb/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "00188bce22db", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
[files] users: Matched entry DEFAULT at line 1
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING: Auth-Type already set. Not setting to PAP
++[pap] returns noop
Found Auth-Type = Accept
Auth-Type = Accept, accepting the user
# Executing section post-auth from file /etc/raddb/sites-enabled/default
+- entering group post-auth {...}
++[exec] returns noop
Sending Access-Accept of id 10 to 192.168.1.1 port 1024
Finished request 0.
Going to the next request
So it appears that perhaps a module or something isn't being called in
post-auth? I must have missed some config on the freeradius side, I've had a
quick poke around but can't see what.
Any ideas...?
Regards,
Mark
Nuffield College is a Registered Charity No. 1137506. Registered Office:
Nuffield College, New Road, Oxford, OX1 1NF
------------------------------------------------------------------------------
Better than sec? Nothing is better than sec when it comes to
monitoring Big Data applications. Try Boundary one-second
resolution app monitoring today. Free.
http://p.sf.net/sfu/Boundary-dev2dev
_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
