Hi guys
I have installed the latest version of PacketFence (ZEN) on my network do
try integration with Cisco Meraki devices. I have both MR access points and
a MS220 8 port switch
I found the Meraki::MS220_8 switch type for my switch .. but I think it
might be a package that was developed back when Meraki didn't support CoA -
Change of Authorization which is now possible both on switches and access
points ( https://documentation.meraki.com/MS/Access_Control/
Change_of_Authorization_with_RADIUS_(CoA)_on_MS_Switches )
So the result for now when I use wired auth on my switch is as follows :
Oct 30 18:50:03 PacketFence-ZEN packetfence_httpd.portal:
httpd.portal(3003) INFO: [mac:00:e1:4c:68:51:0c] VLAN reassignment is
forced. (pf::enforcement::_should_we_reassign_vlan)
Oct 30 18:50:03 PacketFence-ZEN packetfence_httpd.portal:
httpd.portal(3003) INFO: [mac:00:e1:4c:68:51:0c] switch port is
(00:18:0a:b3:fd:4f) ifIndex 1 connection type: Wired MAC Auth
(pf::enforcement::_vlan_reevaluation)
*Oct 30 18:50:04 PacketFence-ZEN pfqueue: pfqueue(3269) WARN:
[mac:00:e1:4c:68:51:0c] Until CoA is implemented we will bounce the port on
VLAN re-assignment traps for MAC-Auth
(pf::Switch::handleReAssignVlanTrapForWiredMacAuth)*
Oct 30 18:50:08 PacketFence-ZEN pfqueue: pfqueue(3269) ERROR:
[mac:00:e1:4c:68:51:0c] error creating SNMP v1 write connection to
192.168.10.128: No response from remote host "192.168.10.128"
(pf::Switch::connectWriteTo)
Is is difficult to fix the MS228_8.pm file so that it could use CoA ?
I tried adding *use pf::util::radius qw(perform_coa); *to the file with the
cute little hope it would do the trick but it doesn't seem to be enough.
*Also unrelated but :*
- With my ZEN config I cant use 802.1X .. But I dont really get why,I get
the following error :
Module-Failure-Message = "mschap: Program returned code (1) and output
'Reading winbind reply failed! (0xc0000001)'"
Module-Failure-Message = "mschap: External script says: Reading winbind
reply failed! (0xc0000001)"
Module-Failure-Message = "mschap: MS-CHAP2-Response is incorrect"
User-Password = "******"
Module-Failure-Message = "Failed retrieving values required to evaluate
condition"
- It would be awesome to have some sort of view of the switches status,
like a "last heartbeat" or a way to see quickly the log events related to
one of them
Thanks a lot :-)
Gonzague
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
