Le 2014-10-07 15:04, denis bonnenfant a écrit : > Le 07/10/2014 18:40, Fabrice DURAND a écrit : >> Ok so your rule is correct. >> >> Did you added custom code in the vlan/custom.pm file ? > Yes, I was previously using autoregister, but I comment it on back and > replaced it by vlan_filter, so now I'm using the original file. > >> When the device connect on the secure SSID, what is the portal profile >> it will hit and in this portal profile do you have your se3_utilisateurs >> authentication source ? > I haven't configured it, as with autoregistration for 802.1x Secure > SSID, I guessed that 802.1x users would never be put on registration > vlan and be caught by captive portal. Did I missed something ? Is portal > configuration used for already registered devices and users too ? In fact it can be important to create a portal profile for this secure ssid. When packetfence try to match a role based on the username (What you did manually with ./pftest authentication denis.bonnenfant password , it matched the rule but authentication failed), by default it will use the default portal profile. But if you add a portal profile based on the secure ssid name then it will follow all the authentication sources you configure on this portal and the first match win.
So try to add a portal based on the ssid name and add only the Active Directory Source. Also can you do a select * from node where mac="44:74:6c:50:25:e7"; and paste the result. Regards Fabrice > Denis > > ------------------------------------------------------------------------------ > Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer > Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports > Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper > Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer > http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Fabrice Durand [email protected] :: +1.514.447.4918 (x135) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://packetfence.org) ------------------------------------------------------------------------------ Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
