Dear Community,

I have a strange behaviour of PacketFence and cannot find the problem. I am using PacketFence 10.2.0 on a CentOS system. As wireless APs we are using UniFi Pro APs.
Authentication through our MSI PKI for wireless access with client certificates is working successfully, but after some time I can see the attached problem in packetfence.log. The node is then set back to pending and to the registration VLAN. The only workaround is to set the nodes back to registered to get the client VLAN. Hope you can guide me in the right direction.

Dec 9 08:35:09 packetfence packetfence: pfperl-api(15879) INFO: Using 300 resolution threshold (pf::pfcron::task::cluster_check::run)
Dec 9 08:35:09 packetfence packetfence: pfperl-api(15879) INFO: All cluster members are running the same configuration version (pf::pfcron::task::cluster_check::run)
Dec 9 08:35:09 packetfence packetfence: pfperl-api(25991) INFO: processed 0 security_events during security_event maintenance (1607499309.17937 1607499309.18552) (pf::security_event::security_event_maintenance)
Dec 9 08:35:09 packetfence packetfence_httpd.webservices: httpd.webservices(2559) INFO: [mac:28:16:a8:56:d0:d4] processing delayed security_event : 98, 1300002 (pf::security_event::_security_event_run_delayed)
Dec 9 08:35:09 packetfence packetfence: pfperl-api(25991) INFO: processed 1 security_events during security_event maintenance (1607499309.18683 1607499309.19435) (pf::security_event::security_event_maintenance)
Dec 9 08:35:09 packetfence packetfence_httpd.webservices: httpd.webservices(2559) INFO: [mac:28:16:a8:56:d0:d4] security_event for mac 28:16:a8:56:d0:d4 security_event_id 1300002 modified (pf::security_event::security_event_modify)
Dec 9 08:35:09 packetfence packetfence_httpd.webservices: httpd.webservices(2559) WARN: [mac:28:16:a8:56:d0:d4] Warning: 1265: Data truncated for column 'release_date' at row 1 (pf::dal::db_execute)
Dec 9 08:35:09 packetfence packetfence_httpd.webservices: httpd.webservices(2559) INFO: [mac:28:16:a8:56:d0:d4] executing action 'log' on class 1300002 (pf::action::action_execute)
Dec 9 08:35:09 packetfence packetfence_httpd.webservices: httpd.webservices(2559) INFO: [mac:28:16:a8:56:d0:d4] /usr/local/pf/logs/security_event.log 2020-12-09 08:35:09: Provisioning Enforcement (1300002) detected on node 28:16:a8:56:d0:d4 (10.11.1.157) (pf::action::action_log)
Dec 9 08:35:09 packetfence packetfence_httpd.webservices: httpd.webservices(2559) INFO: [mac:28:16:a8:56:d0:d4] executing action 'enforce_provisioning' on class 1300002 (pf::action::action_execute)
Dec 9 08:35:09 packetfence packetfence_httpd.webservices: httpd.webservices(2559) INFO: [mac:28:16:a8:56:d0:d4] Instantiate profile WLAN_EAP (pf::Connection::ProfileFactory::_from_profile)
Dec 9 08:35:09 packetfence packetfence_httpd.webservices: httpd.webservices(2559) WARN: [mac:28:16:a8:56:d0:d4] 28:16:a8:56:d0:d4 is not authorized anymore with it's provisionner. Putting node as pending. (pf::action::action_enforce_provisioning)
Dec 9 08:35:09 packetfence packetfence_httpd.webservices: httpd.webservices(2559) INFO: [mac:28:16:a8:56:d0:d4] re-evaluating access (manage_vopen called) (pf::enforcement::reevaluate_access)
Dec 9 08:35:09 packetfence packetfence_httpd.webservices: httpd.webservices(2559) INFO: [mac:28:16:a8:56:d0:d4] Instantiate profile WLAN_EAP (pf::Connection::ProfileFactory::_from_profile)
Dec 9 08:35:09 packetfence packetfence_httpd.webservices: httpd.webservices(2559) INFO: [mac:28:16:a8:56:d0:d4] is currentlog connected at (10.99.1.128) ifIndex 0 Client (pf::enforcement::_should_we_reassign_vlan)
Dec 9 08:35:09 packetfence packetfence_httpd.webservices: httpd.webservices(2559) INFO: [mac:28:16:a8:56:d0:d4] is of status pending; belongs into registration VLAN (pf::role::getRegistrationRole)
Dec 9 08:35:09 packetfence packetfence_httpd.webservices: httpd.webservices(2559) INFO: [mac:28:16:a8:56:d0:d4] VLAN reassignment required (current VLAN = 11 but should be in VLAN 201) (pf::enforcement::_should_we_reassign_vlan)
Dec 9 08:35:09 packetfence packetfence_httpd.webservices: httpd.webservices(2559) INFO: [mac:28:16:a8:56:d0:d4] switch port is (10.99.1.128) ifIndex 0connection type: WiFi 802.1X (pf::enforcement::_vlan_reevaluation)
Dec 9 08:35:09 packetfence packetfence_httpd.webservices: httpd.webservices(2559) INFO: [mac:28:16:a8:56:d0:d4] this is a non-reevaluate-access security_event, closing security_event entry now (pf::action::action_execute)
Dec 9 08:35:09 packetfence packetfence_httpd.webservices: httpd.webservices(2559) INFO: [mac:28:16:a8:56:d0:d4] security_event 1300002 force-closed for 28:16:a8:56:d0:d4 (pf::security_event::security_event_force_close)
Dec 9 08:35:10 packetfence pfqueue: pfqueue(20477) INFO: [mac:28:16:a8:56:d0:d4] [28:16:a8:56:d0:d4] DesAssociating mac on switch (10.99.1.128) (pf::api::desAssociate)
Dec 9 08:35:10 packetfence pfqueue: pfqueue(20477) INFO: [mac:28:16:a8:56:d0:d4] Found site: Default (pf::Switch::Ubiquiti::Unifi::_deauthenticateMacWithHTTP)
Dec 9 08:35:10 packetfence pfqueue: pfqueue(20477) INFO: [mac:28:16:a8:56:d0:d4] Deauth on site: Default (pf::Switch::Ubiquiti::Unifi::_deauthenticateMacWithHTTP)
Dec 9 08:35:10 packetfence pfqueue: pfqueue(20477) INFO: [mac:28:16:a8:56:d0:d4] Switched status on the Unifi controller using command kick-sta (pf::Switch::Ubiquiti::Unifi::_deauthenticateMacWithHTTP)
Dec 9 08:35:11 packetfence packetfence_httpd.aaa: httpd.aaa(2540) INFO: [mac:28:16:a8:56:d0:d4] handling radius autz request: from switch_ip => (10.99.1.128), connection_type => Wireless-802.11-EAP,switch_mac => (2a:e8:29:9a:bd:c2), mac => [28:16:a8:56:d0:d4], port => 0, username => "host/PC102.schoepfgmbh.local", ssid => SCHOEPFINTRANET (pf::radius::authorize)
Dec 9 08:35:11 packetfence packetfence_httpd.aaa: httpd.aaa(2540) INFO: [mac:28:16:a8:56:d0:d4] is doing machine auth with account 'host/PC102.schoepfgmbh.local'. (pf::radius::authorize)
Dec 9 08:35:11 packetfence packetfence_httpd.aaa: httpd.aaa(2540) INFO: [mac:28:16:a8:56:d0:d4] Instantiate profile WLAN_EAP (pf::Connection::ProfileFactory::_from_profile)
Dec 9 08:35:11 packetfence packetfence_httpd.aaa: httpd.aaa(2540) INFO: [mac:28:16:a8:56:d0:d4] is of status pending; belongs into registration VLAN (pf::role::getRegistrationRole)
Dec 9 08:35:11 packetfence packetfence_httpd.aaa: httpd.aaa(2540) INFO: [mac:28:16:a8:56:d0:d4] (10.99.1.128) Added VLAN 201 to the returned RADIUS Access-Accept (pf::Switch::returnRadiusAccessAccept)
Dec 9 08:35:12 packetfence pfqueue: pfqueue(20479) INFO: [mac:28:16:a8:56:d0:d4] Instantiate profile WLAN_EAP (pf::Connection::ProfileFactory::_from_profile)
Dec 9 08:35:12 packetfence packetfence_httpd.aaa: httpd.aaa(2540) INFO: [mac:28:16:a8:56:d0:d4] Updating locationlog from accounting request (pf::api::handle_accounting_metadata)
Dec 9 08:35:13 packetfence packetfence_httpd.aaa: httpd.aaa(2540) WARN: [mac:28:16:a8:56:d0:d4] Unable to pull accounting history for device 28:16:a8:56:d0:d4. The history set doesn't exist yet. (pf::accounting_events_history::latest_mac_history)
Dec 9 08:35:13 packetfence packetfence_httpd.aaa: httpd.aaa(2540) WARN: [mac:28:16:a8:56:d0:d4] Unable to pull accounting history for device 28:16:a8:56:d0:d4. The history set doesn't exist yet. (pf::accounting_events_history::latest_mac_history)
Dec 9 08:35:13 packetfence pfqueue: pfqueue(19974) WARN: [mac:28:16:a8:56:d0:d4] Unable to match MAC address to IP '10.201.1.166' (pf::ip4log::ip2mac)
Dec 9 08:35:13 packetfence pfqueue: pfqueue(19974) INFO: [mac:28:16:a8:56:d0:d4] oldip (10.11.1.157) and newip (10.201.1.166) are different for 28:16:a8:56:d0:d4 - closing ip4log entry (pf::api::update_ip4log)
Dec 9 08:35:13 packetfence pfqueue: pfqueue(20480) INFO: [mac:28:16:a8:56:d0:d4] Instantiate profile WLAN_EAP (pf::Connection::ProfileFactory::_from_profile)
Dec 9 08:35:13 packetfence pfipset[2314]: t=2020-12-09T08:35:13+0100 lvl=info msg="No Inline Network bypass ipsets reload" pid=2314

Best regards and many thanks
Florian
________________________________
E. Schoepf GmbH
Rathausstraße 18, 95236 Stammbach
Commercial register court: Hof, HRB 47
Managing Director: Florian Krug
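
Added example, not part of the original post and not PacketFence code: a Python script that walks packetfence.log and reports each node that provisioning enforcement put back to pending, together with the VLAN change and the VLAN returned in the next RADIUS Access-Accept. The sample lines are copied from the log above; the record field names are assumptions of this example.

```python
import re

# Added example. SAMPLE holds log lines copied from the post above; the
# record field names below are this example's own, not PacketFence's.
SAMPLE = """\
Dec 9 08:35:09 packetfence packetfence: pfperl-api(15879) INFO: Using 300 resolution threshold (pf::pfcron::task::cluster_check::run)
Dec 9 08:35:09 packetfence packetfence_httpd.webservices: httpd.webservices(2559) INFO: [mac:28:16:a8:56:d0:d4] executing action 'enforce_provisioning' on class 1300002 (pf::action::action_execute)
Dec 9 08:35:09 packetfence packetfence_httpd.webservices: httpd.webservices(2559) WARN: [mac:28:16:a8:56:d0:d4] 28:16:a8:56:d0:d4 is not authorized anymore with it's provisionner. Putting node as pending. (pf::action::action_enforce_provisioning)
Dec 9 08:35:09 packetfence packetfence_httpd.webservices: httpd.webservices(2559) INFO: [mac:28:16:a8:56:d0:d4] VLAN reassignment required (current VLAN = 11 but should be in VLAN 201) (pf::enforcement::_should_we_reassign_vlan)
Dec 9 08:35:11 packetfence packetfence_httpd.aaa: httpd.aaa(2540) INFO: [mac:28:16:a8:56:d0:d4] (10.99.1.128) Added VLAN 201 to the returned RADIUS Access-Accept (pf::Switch::returnRadiusAccessAccept)
""".splitlines()

# timestamp, host, syslog tag, process(pid), level, [mac:..], message, (pf::sub)
ENTRY = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ \S+ \S+\(\d+\) [A-Z]+: "
    r"\[mac:(?P<mac>[0-9a-f:]{17})\] (?P<msg>.*) \((?P<sub>pf::[\w:]+)\)$")
ACTION = re.compile(r"executing action 'enforce_provisioning' on class (\d+)")
REASSIGN = re.compile(r"current VLAN = (\d+) but should be in VLAN (\d+)")
RADIUS = re.compile(r"Added VLAN (\d+) to the returned RADIUS Access-Accept")

def provisioning_deregistrations(lines):
    """One record per node that provisioning enforcement set to pending."""
    last_event, in_progress, records = {}, {}, []
    for line in lines:
        m = ENTRY.match(line.strip())
        if not m:
            continue  # entries without a [mac:...] tag are not node events
        mac, msg, sub = m["mac"], m["msg"], m["sub"]
        if sub == "pf::action::action_execute" and (hit := ACTION.search(msg)):
            last_event[mac] = hit[1]
        elif sub == "pf::action::action_enforce_provisioning" and "as pending" in msg:
            rec = {"mac": mac, "time": m["ts"], "security_event": last_event.get(mac),
                   "old_vlan": None, "new_vlan": None, "radius_vlan": None}
            records.append(rec)
            in_progress[mac] = rec
        elif mac in in_progress and (hit := REASSIGN.search(msg)):
            in_progress[mac]["old_vlan"] = int(hit[1])
            in_progress[mac]["new_vlan"] = int(hit[2])
        elif mac in in_progress and (hit := RADIUS.search(msg)):
            in_progress.pop(mac)["radius_vlan"] = int(hit[1])  # chain complete
    return records

if __name__ == "__main__":
    for record in provisioning_deregistrations(SAMPLE):
        print(record)
```

Passing the lines of a full packetfence.log instead of SAMPLE lists every affected MAC with the time it was set to pending, which shows whether the resets recur at a fixed interval.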
