Ok so you use vlan_filter too, so i need more details.
Can you provide these files:
vlan_filters.conf
profile.conf
authentication.conf
Regards
Fabrice
Le 2015-04-02 16:07, Sergio Martinez Tagliafico a écrit :
I have defined the filter with a ldap source (from the portal profile
preview the authz run fine) but the internal source is not used.
[default]
description=Default Profile
logo=/common/packetfence-cp.png
billing_engine=disabled
redirecturl=http://www.packetfence.org/
always_use_redirecturl=disabled
mandatory_fields=firstname,lastname,phone,email
locale=en_US
nbregpages=0
filter_match_style=any
block_interval=10m
sms_pin_retry_limit=0
sms_request_limit=0
login_attempt_limit=0
dot1x_recompute_role_from_portal=enabled
reuse_dot1x_credentials=0
sources=
provisioners=
[SW]
locale=
filter=switch:180.184.226.50
mandatory_fields=
sources=ad.domain.com <http://ad.domain.com>
Apr 02 16:58:04 httpd.aaa(5039) INFO: [44:37:e6:xx:xx:xx] handling
radius autz request: from switch_ip => (x.x.x.x), connection_type =>
Ethernet-EAP,switch_mac => (Unknown), mac => [44:37:e6:e3:86:1f], port
=> 10001, username => "DDDD\\uuuu" (pf::radius::authorize)
Apr 02 16:58:04 httpd.aaa(5039) INFO: Could not find any IP phones
through discovery protocols for ifIndex 10001
(pf::Switch::getPhonesDPAtIfIndex)
Apr 02 16:58:04 httpd.aaa(5039) INFO: [44:37:e6:xx:xx:xx] Match Vlan
rule: 1:EthernetEAP (pf::vlan::filter::test)
Apr 02 16:58:04 httpd.aaa(5039) WARN: Trying to compute the unreg date
from an undefined value. Stopping processing and making unreg date
undefined. (pf::config::dynamic_unreg_date)
2015-04-02 16:13 GMT-03:00 Durand fabrice <[email protected]
<mailto:[email protected]>>:
Hello Sergio,
let's configure a portal profile with filter switch : x.x.x.x and
add the ldap source on it and retry.
Regards
Fabrice
Le 2015-04-02 15:07, Sergio Martinez Tagliafico a écrit :
Hi friends,
I am in my first experience with packetfence and i am getting
some issues.
One of those is that I do not undertand why with 802.1x dos not
use internal sources. Below is the log when radius handle an
authz request:
Apr 02 15:29:21 httpd.aaa(3355) INFO: [44:37:e6:x:x:x] handling
radius autz request: from switch_ip => (x.x.x.x), connection_type
=> Ethernet-EAP,switch_mac => (Unknown), mac => [44:37:e6:x:x:x],
port => 10001, username => "DDDD\\uuuu" (pf::radius::authorize)
Apr 02 15:29:21 httpd.aaa(3355) INFO: Could not find any IP
phones through discovery protocols for ifIndex 10001
(pf::Switch::getPhonesDPAtIfIndex)
The authz is performed like is described in the Administration
Guide, under FreeRADIUS Configuration, but the internal sources
(I have cofigure a LDAP source) are not used.
Can someone help me?
Thanks in advance.
Sergio
------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website,
sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for
all
things parallel software development, from weekly thought leadership blogs
to
news, videos, case studies, tutorials and more. Take a look and join the
conversation now.http://goparallel.sourceforge.net/
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel
Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your
hub for all
things parallel software development, from weekly thought
leadership blogs to
news, videos, case studies, tutorials and more. Take a look and
join the
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
