I run /usr/local/pf/bin/pfcmd fixpermissions and now it works fine! :-)
Thanks you very much Fabrice!
Have a good day!
Kind Regards,
Rosario Ippolito
2015-02-09 15:02 GMT+01:00 Fabrice DURAND <[email protected]>:
> The configuration is in conf/authentication.conf but this time i am not
> able to reproduce so let´s try a pfcmd fixpermission and retry.
> Regards
> Fabrice
>
>
> Le 2015-02-09 08:40, Rosario Ippolito a écrit :
> > Ok, it works!! Now I can add the RADIUS and Kerberos source from the
> > Web Interface, but I can't configure it! The Web Interface shows me
> > this error when I try to save the configuration in a new source RADIUS:
> >
> > "Error! Error writing authentication configuration"
> >
> > And again, nothing is reported in the httpd.admin.log file..
> >
> > This is my configuration of /usr/local/pf/raddb/sites-enabled/packetfence
> >
> > server packetfence {
> >
> > authorize {
> > suffix
> > preprocess
> > eap {
> > ok = return
> > }
> > files
> > expiration
> > logintime
> >
> > update request {
> > FreeRADIUS-Client-IP-Address := "%{Packet-Src-IP-Address}"
> > }
> > update control {
> > PacketFence-RPC-Server = ${rpc_host}
> > PacketFence-RPC-Port = ${rpc_port}
> > PacketFence-RPC-User = ${rpc_user}
> > PacketFence-RPC-Pass = ${rpc_pass}
> > PacketFence-RPC-Proto = ${rpc_proto}
> > }
> > packetfence
> > pap
> > }
> >
> > authenticate {
> >
> > Auth-Type PAP {
> > pap
> > }
> >
> >
> > Auth-Type MS-CHAP {
> > mschap
> > }
> > eap
> > }
> >
> > preacct {
> >
> > preprocess
> > acct_unique
> > suffix
> > files
> > }
> >
> > accounting {
> >
> > sql
> > attr_filter.accounting_response
> > update control {
> > PacketFence-RPC-Server = ${rpc_host}
> > PacketFence-RPC-Port = ${rpc_port}
> > PacketFence-RPC-User = ${rpc_user}
> > PacketFence-RPC-Pass = ${rpc_pass}
> > PacketFence-RPC-Proto = ${rpc_proto}
> > }
> > packetfence
> > }
> >
> > session {
> >
> > radutmp
> >
> > }
> >
> > post-auth {
> > exec
> > skip packetfence if we have already treated it in the
> > inner-tunnel
> > if (!EAP-Type || (EAP-Type != EAP-TTLS && EAP-Type != PEAP)) {
> > update control {
> > PacketFence-RPC-Server = ${rpc_host}
> > PacketFence-RPC-Port = ${rpc_port}
> > PacketFence-RPC-User = ${rpc_user}
> > PacketFence-RPC-Pass = ${rpc_pass}
> > PacketFence-RPC-Proto = ${rpc_proto}
> > }
> > packetfence
> > }
> > Post-Auth-Type REJECT {
> > attr_filter.access_reject
> > }
> > }
> >
> > pre-proxy {
> > }
> >
> > post-proxy {
> > eap
> > }
> >
> > }
> >
> > There is some misconfiguration?
> > The file authentication.conf is the same to that of the previous mail..
> > Thanks a lot for the help,
> >
> > Regards.
> >
> > Rosario Ippolito
> >
> > 2015-02-06 17:28 GMT+01:00 Rosario Ippolito <[email protected]
> > <mailto:[email protected]>>:
> >
> > Thanks for the prompt reply, but unfortunately for this weekend I
> > will not be in lab.. :-(
> >
> > Monday I shall give you a complete answer!
> >
> > Again thanks you very much, and congratulations on the excellent
> > work and support!
> > Best regards,
> >
> > Rosario Ippolito
> >
> > Il 06/feb/2015 15:24 "Fabrice DURAND" <[email protected]
> > <mailto:[email protected]>> ha scritto:
> >
> > Hello Rosario,
> >
> > Can you run /usr/local/pf/addons/pf-maint.pl
> > <http://pf-maint.pl> and restart packetfence and
> > retry ?
> >
> > Regards
> > Fabrice
> >
> > Le 2015-02-06 06:45, Rosario Ippolito a écrit :
> > > Hi all,
> > > I have updated PacketFence to 4.6 version. In the 4.5
> > version I had
> > > setup a Radius authentication with flat file, Users, and I
> > have added
> > > the authentication source from the Web Interface in the
> > Configuration
> > > -> Sources -> Add Source, and it worked fine, so I added the
> > Rule to
> > > the Radius source and I can manage them from there. After
> > updating I
> > > can't add anymore a Radius Source, Web Interface says
> > >
> > > "Error! An error occured while contacting the server. Please
> > try again
> > > later."
> > >
> > > But, I have the configuration of the past Radius in the
> > > authentication.conf file :
> > >
> > > #[packetfence]
> > > #description=Authenticate against the local RADIUS server
> > > #secret=testing123
> > > #port=1812
> > > #type=RADIUS
> > > #host=192.168.1.5
> > >
> > > #[packetfence rule Staff]
> > > #description=Staff Vlan
> > > #match=any
> > > #action0=set_role=Staff
> > > #action1=set_unreg_date=2015-01-30
> > > #condition0=username,equals,robib
> > > #condition1=username,equals,NicZ
> > >
> > > #[packetfence rule Student]
> > > #description=Student Vlan
> > > #match=all
> > > #action0=set_role=Student
> > > #action1=set_access_duration=1D
> > >
> > > [local]
> > > description=Local Users
> > > type=SQL
> > >
> > > [file1]
> > > description=Legacy Source
> > > path=/usr/local/pf/conf/admin.conf
> > > type=Htpasswd
> > >
> > > [file1 rule admins]
> > > description=All admins
> > > match=all
> > > action0=set_access_level=ALL
> > >
> > > [sms]
> > > description=SMS-based registration
> > >
> >
>
> sms_carriers=100056,100057,100061,100058,100059,100060,100062,100063,100071,100064,100116,100066,100117,100112,100067,100065,100068,100069,100070,100118,100115,100072,100073,100074,100075,100076,100077,100085,100086,100080,100079,100081,100083,100082,100084,100087,100088,100111,100089,100090,100091,100092,100093,100094,100095,100096,100098,100097,100099,100100,100101,100113,100102,100103,100104,100106,100105,100107,100108,100109,100114,100110,100078
> > > type=SMS
> > > create_local_account=no
> > >
> > > [sms rule catchall]
> > > description=
> > > match=all
> > > action0=set_role=guest
> > > action1=set_access_duration=1D
> > >
> > > [email]
> > > description=Email-based registration
> > > email_activation_timeout=10m
> > > type=Email
> > > allow_localdomain=yes
> > > create_local_account=no
> > >
> > > [email rule catchall]
> > > description=
> > > match=all
> > > action0=set_role=guest
> > > action1=set_access_duration=1D
> > >
> > > [sponsor]
> > > description=Sponsor-based registration
> > > type=SponsorEmail
> > > allow_localdomain=yes
> > > create_local_account=no
> > >
> > > [sponsor rule catchall]
> > > description=
> > > match=all
> > > action0=set_role=guest
> > > action1=set_access_duration=1D
> > >
> > > [null]
> > > description=Null Source
> > > type=Null
> > > email_required=no
> > >
> > > if I uncomment the old Radius section, the "packetfence"
> > source of the
> > > Radius appear, and it works fine, but when i try to acces to
> > it the
> > > same alert is show
> > >
> > > "Error! An error occured while contacting the server. Please
> > try again
> > > later."
> > >
> > > Nothing about this is reported in the httpd.admin.log file..
> > > there may be problems with the old configuration, once I
> > have done the
> > > update?
> > >
> > > Thanks to everybody in advance,
> > > Kind regards,
> > >
> > > Rosario Ippolito
> > >
> > >
> > >
> > >
> >
>
> ------------------------------------------------------------------------------
> > > Dive into the World of Parallel Programming. The Go Parallel
> > Website,
> > > sponsored by Intel and developed in partnership with
> > Slashdot Media, is your
> > > hub for all things parallel software development, from
> > weekly thought
> > > leadership blogs to news, videos, case studies, tutorials
> > and more. Take a
> > > look and join the conversation now.
> > http://goparallel.sourceforge.net/
> > >
> > >
> > > _______________________________________________
> > > PacketFence-users mailing list
> > > [email protected]
> > <mailto:[email protected]>
> > > https://lists.sourceforge.net/lists/listinfo/packetfence-users
> >
> >
> > --
> > Fabrice Durand
> > [email protected] <mailto:[email protected]> ::
> > +1.514.447.4918 <tel:%2B1.514.447.4918> (x135) ::
> > www.inverse.ca <http://www.inverse.ca>
> > Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and
> > PacketFence (http://packetfence.org)
> >
> >
> >
>
> ------------------------------------------------------------------------------
> > Dive into the World of Parallel Programming. The Go Parallel
> > Website,
> > sponsored by Intel and developed in partnership with Slashdot
> > Media, is your
> > hub for all things parallel software development, from weekly
> > thought
> > leadership blogs to news, videos, case studies, tutorials and
> > more. Take a
> > look and join the conversation now.
> > http://goparallel.sourceforge.net/
> > _______________________________________________
> > PacketFence-users mailing list
> > [email protected]
> > <mailto:[email protected]>
> > https://lists.sourceforge.net/lists/listinfo/packetfence-users
> >
> >
> >
> >
> >
> ------------------------------------------------------------------------------
> > Dive into the World of Parallel Programming. The Go Parallel Website,
> > sponsored by Intel and developed in partnership with Slashdot Media, is
> your
> > hub for all things parallel software development, from weekly thought
> > leadership blogs to news, videos, case studies, tutorials and more. Take
> a
> > look and join the conversation now. http://goparallel.sourceforge.net/
> >
> >
> > _______________________________________________
> > PacketFence-users mailing list
> > [email protected]
> > https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
> --
> Fabrice Durand
> [email protected] :: +1.514.447.4918 (x135) :: www.inverse.ca
> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (
> http://packetfence.org)
>
>
>
> ------------------------------------------------------------------------------
> Dive into the World of Parallel Programming. The Go Parallel Website,
> sponsored by Intel and developed in partnership with Slashdot Media, is
> your
> hub for all things parallel software development, from weekly thought
> leadership blogs to news, videos, case studies, tutorials and more. Take a
> look and join the conversation now. http://goparallel.sourceforge.net/
> _______________________________________________
> PacketFence-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
------------------------------------------------------------------------------
Dive into the World of Parallel Programming. The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
