Hi Fabrice,
Progress!
Mon Jul 6 07:30:37 2015 : Auth: Login OK: [c0bdd1b3dd27] (from client
10.10.17.2 port 1 cli c0:bd:d1:b3:dd:27)
Mon Jul 6 07:30:37 2015 : Auth: rlm_perl: Returning vlan 21 to request from
c0:bd:d1:b3:dd:27 port 1
Mon Jul 6 07:31:40 2015 : Auth: Login OK: [c0bdd1b3dd27] (from client
10.10.17.2 port 1 cli c0:bd:d1:b3:dd:27)
Mon Jul 6 07:31:40 2015 : Auth: rlm_perl: Returning vlan 25 to request from
c0:bd:d1:b3:dd:27 port 1
Mon Jul 6 07:32:12 2015 : Auth: Login OK: [c0bdd1b3dd27] (from client
10.10.17.2 port 1 cli c0:bd:d1:b3:dd:27)
Mon Jul 6 07:32:12 2015 : Auth: rlm_perl: Returning vlan 25 to request from
c0:bd:d1:b3:dd:27 port 1
Mon Jul 6 07:32:59 2015 : Auth: Login OK: [c0bdd1b3dd27] (from client
10.10.17.2 port 1 cli c0:bd:d1:b3:dd:27)
Mon Jul 6 07:32:59 2015 : Auth: rlm_perl: Returning vlan 25 to request from
c0:bd:d1:b3:dd:27 port 1
Mon Jul 6 07:33:31 2015 : Auth: Login OK: [c0bdd1b3dd27] (from client
10.10.17.2 port 1 cli c0:bd:d1:b3:dd:27)
Mon Jul 6 07:33:31 2015 : Auth: rlm_perl: Returning vlan 25 to request from
c0:bd:d1:b3:dd:27 port 1
Mon Jul 6 07:39:46 2015 : Auth: Login OK: [c0bdd1b3dd27] (from client
10.10.17.2 port 1 cli c0:bd:d1:b3:dd:27)
Mon Jul 6 07:39:46 2015 : Auth: rlm_perl: Returning vlan 25 to request from
c0:bd:d1:b3:dd:27 port 1
Mon Jul 6 07:40:19 2015 : Auth: Login OK: [c0bdd1b3dd27] (from client
10.10.17.2 port 1 cli c0:bd:d1:b3:dd:27)
Mon Jul 6 07:40:19 2015 : Auth: rlm_perl: Returning vlan 25 to request from
c0:bd:d1:b3:dd:27 port 1
Mon Jul 6 07:41:48 2015 : Auth: Login OK: [c0bdd1b3dd27] (from client
10.10.17.2 port 1 cli c0:bd:d1:b3:dd:27)
Mon Jul 6 07:41:48 2015 : Auth: rlm_perl: Returning vlan 25 to request from
c0:bd:d1:b3:dd:27 port 1
Mon Jul 6 07:42:11 2015 : Auth: Login OK: [c0bdd1b3dd27] (from client
10.10.17.2 port 1 cli c0:bd:d1:b3:dd:27)
Mon Jul 6 07:42:11 2015 : Auth: rlm_perl: Returning vlan 25 to request from
c0:bd:d1:b3:dd:27 port 1
Mon Jul 6 07:42:21 2015 : Auth: Login OK: [c0bdd1b3dd27] (from client
10.10.17.2 port 1 cli c0:bd:d1:b3:dd:27)
Mon Jul 6 07:42:21 2015 : Auth: rlm_perl: Returning vlan 25 to request from
c0:bd:d1:b3:dd:27 port 1
So I'm now able to connect to the Guest wifi with MAC auth turned on, login to
the Captive portal, however the redirect to the "Internet" SSID which is bound
to VLAN 25 is not working. I've confirmed AAA override option is ticked in the
SSID's.
Regards,
Greg
From: Durand fabrice [mailto:[email protected]]
Sent: Monday, 6 July 2015 2:30 AM
To: [email protected]
Subject: Re: [PacketFence-users] Issues with Packetfence 5.2 fresh install and
Cisco WLC
Hi Greg,
ok so it mean something is missing on the WLC.
Are you able to ping the management interface of the WLC from packetfence (and
the inverse)?
Did you follow this guide
http://www.packetfence.org/downloads/PacketFence/doc/PacketFence_Network_Devices_Configuration_Guide-5.2.0.pdf
page 77 ?
Regards
Fabrice
Le 2015-07-04 21:37, Greg M a écrit :
Hi Fabice,
Many thanks for your email.
When I run the raddebug command and login, there is no entries/logs
displayed during a login/connection to the captive portal.
Thanks,
Greg
From: Durand fabrice [mailto:[email protected]]
Sent: Sunday, 5 July 2015 2:30 AM
To:
[email protected]<mailto:[email protected]>
Subject: Re: [PacketFence-users] Issues with Packetfence 5.2 fresh install
and Cisco WLC
Hello Greg,
did you configure the WLC (Configuration -> Switch) in packetfence ?
What about "raddebug -d /usr/local/pf/raddb -t 3000" when you try to connect
on the ssid ?
Regards
Fabrice
Le 2015-07-04 13:35, Greg M a écrit :
Hi,
I am trying to get Packetfence setup with a Cisco WLC 2106 controller and
a number of various AP's.
The AP's and WLC themselves are fine, and I can successfully connect to
the unsecured Guest SSID, enter my username and password and sign in.
From there, however I get either the 'unable to detect network
connectivity' or 'your network should be enabled within a minute or two' - and
PF doesn't move me from my guest SSID to my secure, Internet-access SSID.
In the packetfence logs I see:
Jul 05 00:59:51 httpd.portal(2764) INFO: Authentication successful for
greg in source local (SQL) (pf::authentication::authenticate)
Jul 05 00:59:51 httpd.portal(2764) ERROR: attempt to add existing person
greg (pf::person::person_add)
Jul 05 00:59:51 httpd.portal(2764) INFO: Just finished seting the node up
(captiveportal::PacketFence::Controller::Authenticate::postAuthentication)
Jul 05 00:59:51 httpd.portal(2764) INFO: Passed by the provisioning
(captiveportal::PacketFence::Controller::Authenticate::postAuthentication)
Jul 05 00:59:51 httpd.portal(2764) INFO: [00:24:d6:02:71:e2]
re-evaluating access (manage_register called)
(pf::enforcement::reevaluate_access)
Jul 05 00:59:51 httpd.portal(2764) WARN: [00:24:d6:02:71:e2] Can't
re-evaluate access because no open locationlog entry was found
(pf::enforcement::reevaluate_access)
Jul 05 00:59:51 httpd.portal(3433) INFO: Matched IP '10.10.21.11' to MAC
address '00:24:d6:02:71:e2' using SQL 'iplog' table (pf::iplog::ip2mac)
On the WLC I am seeing :
17 Sun Jul 5 00:36:11 2015 RADIUS server 10.10.17.250:1812
failed to respond to request (ID 10) for client 00:24:d6:02:71:e2 / user
'unknown'
And further testing:
root@pf:/usr/local/pf/logs# radtest execution query 10.10.17.250 12
testing123
Sending Access-Request of id 20 to 10.10.17.250 port 1812
User-Name = "execution"
User-Password = "query"
NAS-IP-Address = 10.10.17.250
NAS-Port = 12
Message-Authenticator = 0x00000000000000000000000000000000
Sending Access-Request of id 20 to 10.10.17.250 port 1812
User-Name = "execution"
User-Password = "query"
NAS-IP-Address = 10.10.17.250
NAS-Port = 12
Message-Authenticator = 0x00000000000000000000000000000000
Sending Access-Request of id 20 to 10.10.17.250 port 1812
User-Name = "execution"
User-Password = "query"
NAS-IP-Address = 10.10.17.250
NAS-Port = 12
Message-Authenticator = 0x00000000000000000000000000000000
radclient: no response from server for ID 20 socket 3
So is the issue with the PF Radius install? Is there something simple
that needs to be done to fix this ?
Many thanks,
Greg
------------------------------------------------------------------------------
Don't Limit Your Business. Reach for the Cloud.
GigeNET's Cloud Solutions provide you with the tools and support that
you need to offload your IT needs and focus on growing your business.
Configured For All Businesses. Start Your Cloud Today.
https://www.gigenetcloud.com/
_______________________________________________
PacketFence-users mailing list
[email protected]<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Don't Limit Your Business. Reach for the Cloud.
GigeNET's Cloud Solutions provide you with the tools and support that
you need to offload your IT needs and focus on growing your business.
Configured For All Businesses. Start Your Cloud Today.
https://www.gigenetcloud.com/
_______________________________________________
PacketFence-users mailing list
[email protected]<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Don't Limit Your Business. Reach for the Cloud.
GigeNET's Cloud Solutions provide you with the tools and support that
you need to offload your IT needs and focus on growing your business.
Configured For All Businesses. Start Your Cloud Today.
https://www.gigenetcloud.com/
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
