the 'Auditing→RADIUS Audit Log' is empty :/ now that's strange, as it would indicate the WLC isn't communicating with PF server at all, however, other activities generate log entries suggesting they can reach each other and are actually communicating. any idea what might be wrong here? i mean.. i have the radius server configured in the WLC and a "Switch" configured in PF, and all even works fine in EAP-TLS scenario when using a different provisioner (not sure this setup generates anyting in the radius audit log, but since it works, i'd say it doesn't matter much) ________________________________ From: Durand fabrice via PacketFence-users <packetfence-users@lists.sourceforge.net> Sent: Tuesday, March 24, 2020 00:49 To: packetfence-users@lists.sourceforge.net <packetfence-users@lists.sourceforge.net> Cc: Durand fabrice <fdur...@inverse.ca> Subject: Re: [PacketFence-users] Cisco Dynamic PSK with WLC 2504 - registration works, PSK auth doesn't
Hello Tobias, Can you check in the radius audit log what is the psk sent by packetfence ? Is it matching the one you set on the device ? Regards Fabrice Le 20-03-23 à 18 h 10, Juraj Tobias via PacketFence-users a écrit : i'm looking to provide Dynamic PSK security in our production WLAN - i'd like users to register their device via registration SSID, get their personal PSK there, and use that for connecting to the secure SSID i've configured pf 9.3 and our WLC 2504 according to the documentation, and the testing goes fine up until the point a personal PSK is generated for the test user. however, once trying to use it with the secure SSID, the test device (android phone) says "incorrect password", which sounds like the WLC fails to authenticate the user against the PF server. no logs on either side (WLC, pf server) that would indicate where is the problem. now, the documentation mentions "expired certificate" might cause issues, but our certificate, despite being self-signed, is definitely not expired (as far as I know "self-signed" and "expired" are two different things). so now i'm emailing here for the 1st time, hoping to get some more advice. thanks in advance! _______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net<mailto:PacketFence-users@lists.sourceforge.net> https://lists.sourceforge.net/lists/listinfo/packetfence-users
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
