Dear All
I'm new one on packetfence. I installed and setup PFence ZEN 6.4.0 on
VMware.
My network diagram is shown below:
| VMware |
| PFence | <--trunk--> SW <--trunk--> RTR <--trunk--> SW <--trunk-->
AIR-AP1242G-E-K9
PFence management IP: 192.168.140.1
RTR IP: 192.168.140.2
10.0.0.1
AP IP: 10.0.0.2
Then I try connect to SSID, following LOG on AP:
*Jan 25 11:27:57.635: %RADIUS-4-RADIUS_DEAD: RADIUS server
192.168.140.1:1812,1813 is not responding.
*Jan 25 11:27:57.636: %RADIUS-4-RADIUS_ALIVE: RADIUS server
192.168.140.1:1812,1813 is being marked alive.
*Jan 25 11:28:07.075: %DOT11-7-AUTH_FAILED: Station 344d.f74a.dc5f
Authentication failed
PFence LOG:
tail -f /usr/local/pf/logs/packetfence.log
Jan 24 22:45:04 httpd.aaa(6130) INFO: [mac:34:4d:f7:4a:dc:5f] handling
radius autz request: from switch_ip => (10.0.0.2), connection_type =>
Wireless-802.11-NoEAP,switch_mac => (00:3a:98:1e:c6:20), mac =>
[34:4d:f7:4a:dc:5f], port => 292, username => "344df74adc5f", ssid =>
PacketFence-Public (pf::radius::authorize)
Jan 24 22:45:04 httpd.aaa(6130) INFO: [mac:34:4d:f7:4a:dc:5f] Instantiate
profile default (pf::Portal::ProfileFactory::_from_profile)
Jan 24 22:45:04 httpd.aaa(6130) INFO: [mac:34:4d:f7:4a:dc:5f] is of status
unreg; belongs into registration VLAN (pf::role::getRegistrationRole)
Jan 24 22:45:04 httpd.aaa(6130) INFO: [mac:34:4d:f7:4a:dc:5f] (10.0.0.2)
Added VLAN 130 to the returned RADIUS Access-Accept
(pf::Switch::returnRadiusAccessAccept)
Jan 24 22:45:07 pfsetvlan(2) INFO: nb of items in queue: 1; nb of threads
running: 0 (main::startTrapHandlers)
Jan 24 22:45:07 pfsetvlan(2) INFO: Memory configuration is not valid anymore
for key config::Switch in local cached_hash
(pfconfig::cached::get_from_subcache)
Jan 24 22:45:07 pfsetvlan(2) INFO: doWeActOnThisTrap returns false. Stop
dot11Deauthentication handling (main::handleTrap)
Jan 24 22:45:07 pfsetvlan(3) INFO: nb of items in queue: 1; nb of threads
running: 0 (main::startTrapHandlers)
Jan 24 22:45:07 pfsetvlan(3) INFO: doWeActOnThisTrap returns false. Stop
dot11Deauthentication handling (main::handleTrap)
Jan 24 22:45:07 pfsetvlan(3) INFO: finished (main::cleanupAfterThread)
Jan 24 22:45:07 pfsetvlan(2) INFO: finished (main::cleanupAfterThread)
Jan 24 22:45:25 pfsetvlan(5) INFO: nb of items in queue: 1; nb of threads
running: 0 (main::startTrapHandlers)
Jan 24 22:45:25 pfsetvlan(5) INFO: doWeActOnThisTrap returns false. Stop
dot11Deauthentication handling (main::handleTrap)
Jan 24 22:45:25 pfsetvlan(5) INFO: finished (main::cleanupAfterThread)
Jan 24 22:47:08 httpd.aaa(6130) INFO: [mac:34:4d:f7:4a:dc:5f] handling
radius autz request: from switch_ip => (10.0.0.2), connection_type =>
Wireless-802.11-NoEAP,switch_mac => (00:3a:98:1e:c6:20), mac =>
[34:4d:f7:4a:dc:5f], port => 293, username => "344df74adc5f", ssid =>
PacketFence-Public (pf::radius::authorize)
Jan 24 22:47:08 httpd.aaa(6130) INFO: [mac:34:4d:f7:4a:dc:5f] Instantiate
profile default (pf::Portal::ProfileFactory::_from_profile)
Jan 24 22:47:08 httpd.aaa(6130) INFO: [mac:34:4d:f7:4a:dc:5f] is of status
unreg; belongs into registration VLAN (pf::role::getRegistrationRole)
Jan 24 22:47:08 httpd.aaa(6130) INFO: [mac:34:4d:f7:4a:dc:5f] (10.0.0.2)
Added VLAN 130 to the returned RADIUS Access-Accept
(pf::Switch::returnRadiusAccessAccept)
Jan 24 22:47:29 pfsetvlan(3) INFO: nb of items in queue: 1; nb of threads
running: 0 (main::startTrapHandlers)
Jan 24 22:47:29 pfsetvlan(3) INFO: doWeActOnThisTrap returns false. Stop
dot11Deauthentication handling (main::handleTrap)
Jan 24 22:47:29 pfsetvlan(3) INFO: finished (main::cleanupAfterThread)
Jan 24 22:47:52 httpd.aaa(6130) INFO: [mac:34:4d:f7:4a:dc:5f] handling
radius autz request: from switch_ip => (10.0.0.2), connection_type =>
Wireless-802.11-NoEAP,switch_mac => (00:3a:98:1e:c6:20), mac =>
[34:4d:f7:4a:dc:5f], port => 294, username => "344df74adc5f", ssid =>
PacketFence-Public (pf::radius::authorize)
Jan 24 22:47:52 httpd.aaa(6130) INFO: [mac:34:4d:f7:4a:dc:5f] Instantiate
profile default (pf::Portal::ProfileFactory::_from_profile)
Jan 24 22:47:52 httpd.aaa(6130) INFO: [mac:34:4d:f7:4a:dc:5f] is of status
unreg; belongs into registration VLAN (pf::role::getRegistrationRole)
Jan 24 22:47:52 httpd.aaa(6130) INFO: [mac:34:4d:f7:4a:dc:5f] (10.0.0.2)
Added VLAN 130 to the returned RADIUS Access-Accept
(pf::Switch::returnRadiusAccessAccept)
Jan 24 22:48:15 pfsetvlan(2) INFO: nb of items in queue: 1; nb of threads
running: 0 (main::startTrapHandlers)
Jan 24 22:48:15 pfsetvlan(2) INFO: doWeActOnThisTrap returns false. Stop
dot11Deauthentication handling (main::handleTrap)
Jan 24 22:48:15 pfsetvlan(2) INFO: finished (main::cleanupAfterThread)
Radius LOG:
tail -f /usr/local/pf/logs/radius.log
Tue Jan 24 22:42:12 2017 : Info: rlm_rest (rest): Need 1 more connections to
reach 10 spares
Tue Jan 24 22:42:12 2017 : Info: rlm_rest (rest): Opening additional
connection (99), 1 of 62 pending slots used
Tue Jan 24 22:42:12 2017 : Info: rlm_sql (sql): Need 1 more connections to
reach 10 spares
Tue Jan 24 22:42:12 2017 : Info: rlm_sql (sql): Opening additional
connection (100), 1 of 62 pending slots used
Tue Jan 24 22:42:12 2017 : [mac:34:4d:f7:4a:dc:5f] Accepted user: and
returned VLAN 130
Tue Jan 24 22:42:12 2017 : Auth: (147) Login OK: [344df74adc5f] (from client
10.0.0.2 port 289 cli 34:4d:f7:4a:dc:5f)
Tue Jan 24 22:44:33 2017 : Info: rlm_rest (rest): Closing connection (98):
Hit idle_timeout, was idle for 179 seconds
Tue Jan 24 22:44:33 2017 : Info: rlm_rest (rest): Closing connection (97):
Hit idle_timeout, was idle for 141 seconds
Tue Jan 24 22:44:33 2017 : Info: rlm_rest (rest): Closing connection (99):
Hit idle_timeout, was idle for 141 seconds
Tue Jan 24 22:44:33 2017 : Info: rlm_rest (rest): Opening additional
connection (100), 1 of 64 pending slots used
Tue Jan 24 22:44:33 2017 : Info: rlm_rest (rest): Need 2 more connections to
reach 10 spares
Tue Jan 24 22:44:33 2017 : Info: rlm_rest (rest): Opening additional
connection (101), 1 of 63 pending slots used
Tue Jan 24 22:44:33 2017 : Info: rlm_sql (sql): Closing connection (99): Hit
idle_timeout, was idle for 179 seconds
Tue Jan 24 22:44:33 2017 : Info: rlm_sql (sql): Closing connection (98): Hit
idle_timeout, was idle for 141 seconds
Tue Jan 24 22:44:33 2017 : Info: rlm_sql (sql): Closing connection (100):
Hit idle_timeout, was idle for 141 seconds
Tue Jan 24 22:44:33 2017 : Info: rlm_sql (sql): Opening additional
connection (101), 1 of 64 pending slots used
Tue Jan 24 22:44:33 2017 : Info: rlm_sql (sql): Need 2 more connections to
reach 10 spares
Tue Jan 24 22:44:33 2017 : Info: rlm_sql (sql): Opening additional
connection (102), 1 of 63 pending slots used
Tue Jan 24 22:44:33 2017 : [mac:34:4d:f7:4a:dc:5f] Accepted user: and
returned VLAN 130
Tue Jan 24 22:44:33 2017 : Auth: (148) Login OK: [344df74adc5f] (from client
10.0.0.2 port 290 cli 34:4d:f7:4a:dc:5f)
Tue Jan 24 22:44:57 2017 : Info: rlm_rest (rest): Need 1 more connections to
reach 10 spares
Tue Jan 24 22:44:57 2017 : Info: rlm_rest (rest): Opening additional
connection (102), 1 of 62 pending slots used
Tue Jan 24 22:44:57 2017 : Info: rlm_sql (sql): Need 1 more connections to
reach 10 spares
Tue Jan 24 22:44:57 2017 : Info: rlm_sql (sql): Opening additional
connection (103), 1 of 62 pending slots used
Tue Jan 24 22:44:57 2017 : [mac:34:4d:f7:4a:dc:5f] Accepted user: and
returned VLAN 130
Tue Jan 24 22:44:57 2017 : Auth: (149) Login OK: [344df74adc5f] (from client
10.0.0.2 port 291 cli 34:4d:f7:4a:dc:5f)
Tue Jan 24 22:45:04 2017 : [mac:34:4d:f7:4a:dc:5f] Accepted user: and
returned VLAN 130
Tue Jan 24 22:45:04 2017 : Auth: (150) Login OK: [344df74adc5f] (from client
10.0.0.2 port 292 cli 34:4d:f7:4a:dc:5f)
Tue Jan 24 22:47:08 2017 : Info: rlm_rest (rest): Closing connection (100):
Hit idle_timeout, was idle for 131 seconds
Tue Jan 24 22:47:08 2017 : Info: rlm_rest (rest): Closing connection (102):
Hit idle_timeout, was idle for 131 seconds
Tue Jan 24 22:47:08 2017 : Info: rlm_rest (rest): Closing connection (101):
Hit idle_timeout, was idle for 124 seconds
Tue Jan 24 22:47:08 2017 : Info: rlm_rest (rest): Opening additional
connection (103), 1 of 64 pending slots used
Tue Jan 24 22:47:08 2017 : Info: rlm_rest (rest): Need 2 more connections to
reach 10 spares
Tue Jan 24 22:47:08 2017 : Info: rlm_rest (rest): Opening additional
connection (104), 1 of 63 pending slots used
Tue Jan 24 22:47:08 2017 : Info: rlm_sql (sql): Closing connection (101):
Hit idle_timeout, was idle for 131 seconds
Tue Jan 24 22:47:08 2017 : Info: rlm_sql (sql): Closing connection (103):
Hit idle_timeout, was idle for 131 seconds
Tue Jan 24 22:47:08 2017 : Info: rlm_sql (sql): Closing connection (102):
Hit idle_timeout, was idle for 124 seconds
Tue Jan 24 22:47:08 2017 : Info: rlm_sql (sql): Opening additional
connection (104), 1 of 64 pending slots used
Tue Jan 24 22:47:08 2017 : Info: rlm_sql (sql): Need 2 more connections to
reach 10 spares
Tue Jan 24 22:47:08 2017 : Info: rlm_sql (sql): Opening additional
connection (105), 1 of 63 pending slots used
Tue Jan 24 22:47:08 2017 : [mac:34:4d:f7:4a:dc:5f] Accepted user: and
returned VLAN 130
Tue Jan 24 22:47:08 2017 : Auth: (151) Login OK: [344df74adc5f] (from client
10.0.0.2 port 293 cli 34:4d:f7:4a:dc:5f)
Tue Jan 24 22:47:52 2017 : Info: rlm_rest (rest): Need 1 more connections to
reach 10 spares
Tue Jan 24 22:47:52 2017 : Info: rlm_rest (rest): Opening additional
connection (105), 1 of 62 pending slots used
Tue Jan 24 22:47:52 2017 : Info: rlm_sql (sql): Need 1 more connections to
reach 10 spares
Tue Jan 24 22:47:52 2017 : Info: rlm_sql (sql): Opening additional
connection (106), 1 of 62 pending slots used
Tue Jan 24 22:47:52 2017 : [mac:34:4d:f7:4a:dc:5f] Accepted user: and
returned VLAN 130
Tue Jan 24 22:47:52 2017 : Auth: (152) Login OK: [344df74adc5f] (from client
10.0.0.2 port 294 cli 34:4d:f7:4a:dc:5f)
Please advice this situation.
Thanks,
Namjil
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
