[PacketFence-users] Aruba 7010 and PacketFence 6.5 Zen

Sun, 19 Feb 2017 05:21:52 -0800 

Hi,

I am trying to use PacketFence 6.5 ZEN to my network, and I am having a
hard time getting this to work.

My goal is to have a guest wifi that should only have access to the
Internet.
And wireless BYOD users to have access to the Enterprise network via
EAP-PEAP. The resources access will be done via VPNing.

At this point, I am trying to get the guest wifi working. I got the
pf joined to our domain. My topology is this:

[guest]~~wifi~~[AP]-------[SW]-------[WLC]-------[FW]-----ospf------[FW]-----[packetfence]

Here are my VLANs:
Packetfence:
Management: VLAN 10
Mgmt IP: 10.0.10.0/24
Registration: VLAN 11
Reg IP: 10.0.11.0/24
Isolation: VLAN 12
Iso IP: 10.0.12.0/24

Routed Network:
Registration: VLAN 111
Reg IP: 10.0.111.0/24
Isolation: VLAN 112
Iso IP: 10.0.112.0/24
Guests: VLAN 113
Guests IP: 10.0.113.0/24
BYOD Users: VLAN 114
BYOD IP: 10.0.114.0/24

My PacketFence VM has three interfaces eth0 (management), eth1
(registration) and eth2 (isolation). The registration has routed network
configured for vlan 111, and the isolation has a routed network configured
for vlan 112. DHCP is enabled for these routed network.

I would like to the guest users and byod users to use our DHCP server once
authenticated.

I followed the guide network configuring for Aruba
<https://packetfence.org/doc/PacketFence_Network_Devices_Configuration_Guide.html#_aruba>
and
made sure that the radius secret between the Aruba (radius and rfc3576) and
packetfence are the same.

I ran a tcpdump on the packetfence server, but I got a radius reject (3). I
could not get pass the radius issue. My guest is the radius secrets are not
matching or the Aruba is not configured correctly.

I have the Aruba configure with ip-helper pointing to packetfence's VLAN 11
(registration), and VLAN 10 (management).

I apologize for a big messy email. It is 3am and I am still trying to
figure this out.

Any help is greatly appreciated

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Reply via email to