Hello Bill, You can follow this GitHub issue, I will check with the team to see when it can be fixed.
Thanks, Ludovic Zammit [email protected] <mailto:[email protected]> :: +1.514.447.4918 (x145) :: www.inverse.ca <http://www.inverse.ca/> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu <http://www.sogo.nu/>) and PacketFence (http://packetfence.org <http://packetfence.org/>) > On May 14, 2020, at 7:25 AM, Bill Handler <[email protected]> wrote: > > Ludovic, > > I created a new switch template via the CLI as outlined in the Developer’s > Guide found here: > https://packetfence.org/downloads/PacketFence/doc/PacketFence_Developers_Guide.pdf > > <https://packetfence.org/downloads/PacketFence/doc/PacketFence_Developers_Guide.pdf> > > The Guide states that it is for v10, and has a date of April 2020, so it’s > likely the newest version… I took the “Full Working Example” listed on page > 12, modified it to fit the switch and the specific vendor attribute for the > acceptVlan section. After running the scripts afterwards to make the switch > definition available, I noted that in the Web GUI, there was no attribute > value for the vendor specific attributes – the textbox/display was missing, > just as in issue #5424 > <https://github.com/inverse-inc/packetfence/issues/5424>. The vendor > attribute/value is still not passed from RADIUS though as seen previously in > the radiusd.log file or in the GUI RADIUS Response. > > It seems that any vendor specific radius attribute I’ve attempted is not > passed to the switch… > > Thanks, > > Bill > > From: Bill Handler via PacketFence-users > <[email protected]> > Sent: Tuesday, May 12, 2020 8:45 AM > To: Ludovic Zammit <[email protected]> > Cc: Bill Handler <[email protected]>; > [email protected] > Subject: Re: [PacketFence-users] Role mapped to Tagged VLANs > > I did. I set the switch type to the new template and rebooted both PF and > the switch to be sure… After reboot PF showed the type as the new template. > It was after the reboot that I took the screenshots. Just changing the > switch back to the default Extreme template and the VLAN is populated – when > using the ‘private-id’ attribute. > > Thanks, > > Bill > > > From: Ludovic Zammit <[email protected] <mailto:[email protected]>> > Sent: Tuesday, May 12, 2020 8:12 AM > To: Bill Handler <[email protected] <mailto:[email protected]>> > Cc: [email protected] > <mailto:[email protected]> > Subject: Re: [PacketFence-users] Role mapped to Tagged VLANs > > Hello Bill, > > Out of curiosity, did you select and apply that template that you created to > your switch ? > > Thanks, > > Ludovic Zammit > [email protected] <mailto:[email protected]> :: +1.514.447.4918 (x145) :: > www.inverse.ca <http://www.inverse.ca/> > Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu > <http://www.sogo.nu/>) and PacketFence (http://packetfence.org > <http://packetfence.org/>) > > > > > > On May 11, 2020, at 4:24 PM, Bill Handler <[email protected] > <mailto:[email protected]>> wrote: > > Ludovic, > > Made a custom template, but it does not seem to be passing the RADIUS > Attribute… > > This is the Template I’ve created: > > <image005.jpg> > > The Extreme-Netlogin-Extended-Vlan attribute does not seem to be being passed > to the switch… within the Auditing window for the end-system I see: > > <image006.png> > > For the canned Extreme Template RADIUS shows: > <image007.png> > I changed the VLAN within the config to ‘Data’ to ensure it was being read… > > The radiusd.log shows: > > [root@pf428 logs]# cat -t 50 radius.log | grep VLAN > cat: 50: No such file or directory > May 11 04:40:29 pf428 auth[3321]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN 200 > May 11 05:40:28 pf428 auth[3321]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN 200 > May 11 06:40:27 pf428 auth[3321]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN 200 > May 11 06:46:27 pf428 auth[3321]: [mac:a0:d3:c1:12:b6:a2] Accepted user: > host/TRAINING-SD03.pcsknox.com <http://training-sd03.pcsknox.com/> and > returned VLAN 200 > May 11 07:40:26 pf428 auth[3321]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN 200 > May 11 08:40:25 pf428 auth[3321]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN 200 > May 11 09:40:24 pf428 auth[3321]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN 200 > May 11 10:40:23 pf428 auth[3321]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN 200 > May 11 11:40:22 pf428 auth[3321]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN 200 > May 11 12:40:21 pf428 auth[3321]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN 200 > May 11 13:40:19 pf428 auth[3321]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN 200 > May 11 14:40:18 pf428 auth[3321]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN 200 > May 11 15:40:17 pf428 auth[3321]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN 200 > May 11 15:47:26 pf428 auth[3321]: [mac:78:45:c4:1d:7b:e9] Accepted user: and > returned VLAN > May 11 15:47:27 pf428 auth[3321]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN > May 11 15:48:27 pf428 auth[3321]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN > May 11 15:53:24 pf428 auth[3357]: [mac:78:45:c4:1d:7b:e9] Accepted user: and > returned VLAN > May 11 15:53:26 pf428 auth[3357]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN > May 11 15:54:27 pf428 auth[3357]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN > May 11 16:01:04 pf428 auth[3357]: [mac:78:45:c4:1d:7b:e9] Accepted user: and > returned VLAN > May 11 16:01:04 pf428 auth[3357]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN > May 11 16:02:05 pf428 auth[3357]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN > May 11 16:03:05 pf428 auth[3357]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN > May 11 16:07:52 pf428 auth[3357]: [mac:78:45:c4:1d:7b:e9] Accepted user: and > returned VLAN > May 11 16:07:52 pf428 auth[3357]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN > May 11 16:08:52 pf428 auth[3357]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN > May 11 16:09:37 pf428 auth[3357]: [mac:78:45:c4:1d:7b:e9] Accepted user: and > returned VLAN Data > May 11 16:09:38 pf428 auth[3357]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN Data > May 11 16:10:38 pf428 auth[3357]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN Data > May 11 16:16:33 pf428 auth[3357]: [mac:78:45:c4:1d:7b:e9] Accepted user: and > returned VLAN Data > May 11 16:16:33 pf428 auth[3357]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN Data > May 11 16:17:33 pf428 auth[3357]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN Data > May 11 16:18:34 pf428 auth[3357]: [mac:78:45:c4:1d:7b:e9] Accepted user: > host/pf-test.pcsknox.com <http://pf-test.pcsknox.com/>and returned VLAN Data > > > The end-system is being authenticated, but when using the Extreme Attribute, > it is not returning anything from RADIUS, and leaves the VLAN blank in the > log… > > Any help is appreciated > > Thanks, > > Bill > > From: Ludovic Zammit <[email protected] <mailto:[email protected]>> > Sent: Thursday, May 7, 2020 8:34 AM > To: Bill Handler <[email protected] <mailto:[email protected]>> > Cc: [email protected] > <mailto:[email protected]> > Subject: Re: [PacketFence-users] Role mapped to Tagged VLANs > > Hello Bill, > > If you are using PacketFence v10 we have implemented switch templates. > > It’s under Configuration > Integration > Switch Templates > > You can check out how the Cisco::Switch is done with the voice scope: > > <image003.png> > > Or the HP::Switch : > > <image004.png> > If you don’t have PacketFence v10, you would need to create you own switch > module in perl. > > Thanks, > > Ludovic Zammit > [email protected] <mailto:[email protected]> :: +1.514.447.4918 (x145) :: > www.inverse.ca <http://www.inverse.ca/> > Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu > <http://www.sogo.nu/>) and PacketFence (http://packetfence.org > <http://packetfence.org/>) > > > > > > > > On May 7, 2020, at 5:31 AM, Bill Handler <[email protected] > <mailto:[email protected]>> wrote: > > Understood, what I was meaning is how do we add the VSAs to PacketFence to > enhance/expand the functionality? Or set custom attributes for the certain > vendors’ equipment? > > Thanks, > > Bill > > Sent from my iPad > > On May 6, 2020, at 9:33 PM, Ludovic Zammit <[email protected] > <mailto:[email protected]>> wrote: > > Each vendor have specific ones. > > It’s the way they support voice, check their radius attributes documentation. > > Thanks, > > > > On May 6, 2020, at 7:51 PM, Bill Handler <[email protected] > <mailto:[email protected]>> wrote: > > Ludovic, > > How do we add vendor-specific VSAs? > > Thanks, > > Bill > > Sent from my iPad > > On May 6, 2020, at 8:09 AM, Ludovic Zammit <[email protected] > <mailto:[email protected]>> wrote: > > Hello Bill, > > You would have to rely on the Radius VOIP capabilities of those network > equipment. > > PacketFence supports VOIP on HP/ Aruba switches. On the Aruba AP you would > have to process the VOIP as a normal VLAN. You can try to check the VOIP flag > under a mac address and connect it on a HP/ Aruba switch. You would need to > have your voice VLAN marked as a voice clan under your switch. > > As per Extreme switch, we don’t support voice VSA. > > Thanks, > > Ludovic Zammit > [email protected] <mailto:[email protected]> :: +1.514.447.4918 (x145) :: > www.inverse.ca <http://www.inverse.ca/> > Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu > <http://www.sogo.nu/>) and PacketFence (http://packetfence.org > <http://packetfence.org/>) > > > > > > > > On May 6, 2020, at 8:00 AM, Bill Handler <[email protected] > <mailto:[email protected]>> wrote: > > Extreme Networks and HP/Aruba switches/APs with a variety of VoIP phones - > yealink Avaya polycom etc > > Sent from my iPhone > > > > On May 6, 2020, at 6:53 AM, Ludovic Zammit <[email protected] > <mailto:[email protected]>> wrote: > > Hello Bill, > > Which kind of equipment are you using ? > > Thanks, > > Ludovic Zammit > [email protected] <mailto:[email protected]> :: +1.514.447.4918 (x145) :: > www.inverse.ca <http://www.inverse.ca/> > Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu > <http://www.sogo.nu/>) and PacketFence (http://packetfence.org > <http://packetfence.org/>) > > > > > > > > On May 5, 2020, at 6:02 PM, Bill Handler via PacketFence-users > <[email protected] > <mailto:[email protected]>> wrote: > > Team, > > Is there a way to push a tagged VLAN to the switch when a device > authenticates? For example a VoIP phone, or AP. We’ve tested with a phone > with a PC on the passthrough port. The PC authenticates fine on the correct > VLAN, but we don’t know how to configure PF to send the phone VLAN as tagged > to the switch. > > Thanks, > > Bill > _______________________________________________ > PacketFence-users mailing list > [email protected] > <mailto:[email protected]> > https://lists.sourceforge.net/lists/listinfo/packetfence-users > <https://lists.sourceforge.net/lists/listinfo/packetfence-users>
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
