Show me the content of your conf/switches.conf Removed the shared secret and password.
Thanks, Ludovic Zammit lzam...@inverse.ca <mailto:lzam...@inverse.ca> :: +1.514.447.4918 (x145) :: www.inverse.ca <https://www.inverse.ca/> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu <http://www.sogo.nu/>) and PacketFence (http://packetfence.org <http://packetfence.org/>) > On Mar 3, 2021, at 4:06 PM, Lamont, Pieter-Jan > <pieterjan.lam...@sgsintpaulus.eu> wrote: > > Hello Ludovic > > I have found the reason why there was a public ip in the info Ruckus was > sending. This was our Control NAT IP, which we don’t use… > After removing this config I’m getting our correct private IP in the nbiIP > field. > > GET > /captive-portal?nbiIP=192.168.10.65&client_mac=90-97-f3-6b-2d-4e&domain_name=Administration+Domain&reason=Un-Auth-Captive&wlanName=VTI-Test&dn=scg.ruckuswireless.com > > <http://scg.ruckuswireless.com/>&ssid=VTI-Test&mac=d8:38:fc:17:14:f0&url=http%3A%2F%2Fportal.fb.com > > <http://2fportal.fb.com/>%2Fmobile%2Fstatus.php&proxy=0&vlan=149&wlan=46&sip=scg.ruckuswireless.com > > <http://scg.ruckuswireless.com/>&zoneName=WYSlX0KJHIctnpAfJwtWt4paEFCQ8Rjz2NKJGU5YB2o_1614804563333&apip=192.168.150.34&sshTunnelStatus=1&uip=192.168.149.170 > HTTP/1.1" > > When the users goes to the captive portal they get the message “Your computer > was not found in the PacketFence database. Please reboot to solve this > issue.”. > The correct client ip is given (192.168.149.170) but the MAC is 0 (which > should be 90-97-f3-6b-2d-4e). This client mac is also in the client_mac field > given from the Ruckus Smartzone. > After enabling “Activate Preregistration” in the Default Connection Profile, > the user can login (demouser) but after the correct authentication he gets a > 502 bad gateway. > > Kind regards > > <EmailHandtekeningCorporate_239e37bc-d675-44cf-b4ca-49a10eec9dcb.png> > Pieter-Jan Lamont > IT-Coördinator > > Toekomststraat 75 - 8790 Waregem > Tel. +32 56 62 69 94 - pieterjan.lam...@sgsintpaulus.eu > <mailto:pieterjan.lam...@sgsintpaulus.eu> > > > From: Lamont, Pieter-Jan <pieterjan.lam...@sgsintpaulus.eu > <mailto:pieterjan.lam...@sgsintpaulus.eu>> > Sent: woensdag 3 maart 2021 21:24 > To: packetfence-users@lists.sourceforge.net > <mailto:packetfence-users@lists.sourceforge.net> > Cc: Ludovic Zammit <lzam...@inverse.ca <mailto:lzam...@inverse.ca>> > Subject: RE: [PacketFence-users] Ruckus Smartzone > > Hello Ludovic > > When adding http://ip-of-packetfence/RuckusSmartZone > <http://ip-of-packetfence/RuckusSmartZone> to the Smartzone the users is only > getting “Not implemented” on the screen . > If we change this to http://ip-of-packetfence/captive-portal > <http://ip-of-packetfence/captive-portal> , I see that ruckus adds a bunch of > information to that link as you described . > > "GET > /captive-portal?nbiIP=84.199.*.*&client_mac=a8-9c-ed-91-80-d4&domain_name=Administration+Domain&reason=Un-Auth-Captive&wlanName=VTI-Test&dn=scg.ruckuswireless.com > > <http://scg.ruckuswireless.com/>&ssid=VTI-Test&mac=0c:f4:d5:2f:9e:a0&url=http%3A%2F%2Fconnect.rom.miui.com > > <http://2fconnect.rom.miui.com/>%2Fgenerate_204&proxy=0&vlan=149&wlan=46&sip=scg.ruckuswireless.com > > <http://scg.ruckuswireless.com/>&zoneName=4D-QLLuerkFXa3hgUdKB8v3hhjf1Q378oPRjYUdz2ew_1614610736148&apip=192.168.150.10&sshTunnelStatus=1&uip=192.168.149.157 > HTTP/1.1" 200 4418 1082 101226 "-" "Mozilla/5.0 (Linux; Android 10; MI 9 > Build/QKQ1.190825.002; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 > Chrome/88.0.4324.181 Mobile Safari/537.36" > > The only weird thing about the url is the nbiIP info… it’s a public ip of > ours, but we don’t use this anywhere in our setup. The other info is correct. > Tomorrow i will test again with my device, so I’m sure the client_mac address > is correct. > > Kind regards > > <image001.png> > Pieter-Jan Lamont > IT-Coördinator > > Toekomststraat 75 - 8790 Waregem > Tel. +32 56 62 69 94 - pieterjan.lam...@sgsintpaulus.eu > <mailto:pieterjan.lam...@sgsintpaulus.eu> > > From: Ludovic Zammit <lzam...@inverse.ca <mailto:lzam...@inverse.ca>> > Sent: woensdag 3 maart 2021 19:54 > To: packetfence-users@lists.sourceforge.net > <mailto:packetfence-users@lists.sourceforge.net> > Cc: Lamont, Pieter-Jan <pieterjan.lam...@sgsintpaulus.eu > <mailto:pieterjan.lam...@sgsintpaulus.eu>> > Subject: Re: [PacketFence-users] Ruckus Smartzone > > Hello Pieter-Jan, > > You are not suppose to have access to > http://ip-of-packetfence/RuckusSmartZone > <http://ip-of-packetfence/RuckusSmartZone>. You should be redirected to that > URL via the SmartZone and also send out a http request to PF with a bunch of > other attribute like the client Mac and IP. > > Something along the line: > > ?nbiIP=192.168.x.y&client_mac=xxxxxxxxxxx&reason=Un-Auth-Captive&wlanName=MY_WIFI&dn=scg.ruckuswireless.com > > <https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fscg.ruckuswireless.com%2F&data=04%7C01%7Cpieterjan.lamont%40sgsintpaulus.eu%7Cc7c0729c871b4949e07a08d8de75b077%7Caf15916d7d7743f9b366ae98d0fe36be%7C0%7C0%7C637503944350751109%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=bfQpQEXxjPTwbAyTxgiYxzp%2FLzT9jbnZVkBxF6I3tDk%3D&reserved=0>&ssid=MY_SSID&mac=44:1e:98:1e:31:a0&url=http%3A%2F%2Finit-p01st.push.apple.com > > <https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2F2finit-p01st.push.apple.com%2F&data=04%7C01%7Cpieterjan.lamont%40sgsintpaulus.eu%7Cc7c0729c871b4949e07a08d8de75b077%7Caf15916d7d7743f9b366ae98d0fe36be%7C0%7C0%7C637503944350761103%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=g5KgzJpel4e3tUVBzz6DiWSNtJYS3NXEHkwEjx864eg%3D&reserved=0>&proxy=0&vlan=30&wlan=3&sip=scg.ruckuswireless.com > > <https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fscg.ruckuswireless.com%2F&data=04%7C01%7Cpieterjan.lamont%40sgsintpaulus.eu%7Cc7c0729c871b4949e07a08d8de75b077%7Caf15916d7d7743f9b366ae98d0fe36be%7C0%7C0%7C637503944350761103%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=ASuZe2Ed%2BLU3CZYoesouUAP9j%2BwIXhtMqd1RzchXaVc%3D&reserved=0>&zoneName=WEDtGa9sj1EOy6-qqLWQBw_1570617665657&StartURL=&uip=ENCxxxxxxxxx > > You could see that in the logs/httpd.access.log. If you don’t see that, don’t > go further because PF will its critical information as you described. > > Thanks, > > Ludovic Zammit > lzam...@inverse.ca <mailto:lzam...@inverse.ca> :: +1.514.447.4918 (x145) :: > www.inverse.ca > <https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.inverse.ca%2F&data=04%7C01%7Cpieterjan.lamont%40sgsintpaulus.eu%7Cc7c0729c871b4949e07a08d8de75b077%7Caf15916d7d7743f9b366ae98d0fe36be%7C0%7C0%7C637503944350771101%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=Dm40%2BmJmPaAqjjvFcYsasvgZXHVnZ%2BLQ%2BBg0RhXqIQQ%3D&reserved=0> > Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu > <https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.sogo.nu%2F&data=04%7C01%7Cpieterjan.lamont%40sgsintpaulus.eu%7Cc7c0729c871b4949e07a08d8de75b077%7Caf15916d7d7743f9b366ae98d0fe36be%7C0%7C0%7C637503944350771101%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=CwROG%2BqEgRtnK1PPvcrOL109KVpE7GXATZCUZxYw4W0%3D&reserved=0>) > and PacketFence (http://packetfence.org > <https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fpacketfence.org%2F&data=04%7C01%7Cpieterjan.lamont%40sgsintpaulus.eu%7Cc7c0729c871b4949e07a08d8de75b077%7Caf15916d7d7743f9b366ae98d0fe36be%7C0%7C0%7C637503944350781092%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=DEBRCB%2BUsiTzItvORM5AARDRh1zx0ExXj2LX4jyFPFo%3D&reserved=0>) > > > > > > > > > On Mar 2, 2021, at 11:22 AM, Lamont, Pieter-Jan via PacketFence-users > <packetfence-users@lists.sourceforge.net > <mailto:packetfence-users@lists.sourceforge.net>> wrote: > > Hello Packetfence Community > > I’m trying to deploy a Ruckus SmartZone WebAuth configuration . > I have followed the guide several times(Fresh Debian9 with apt-get > installation and Packetfence ZEN) but didn’t succeed the deployment.(6.24.1 – > Network Devices Configuration Guide) > When configuring the captive portal I can’t go to > http://ip-of-packetfence/RuckusSmartZone > <http://ip-of-packetfence/RuckusSmartZone> (Not implemented) but after > changing this to http://ip-of-packetfence/Captive-portal > <http://ip-of-packetfence/Captive-portal> , I’m seeing the portal. > > The user is guided to the captive portal but gets the “Your computer was not > found in the PF Database” with his IP correctly but no MAC address (MAC 0). > When enabling “Activate Preregistration” in the default connection Profile , > the users gets the Username/password fields to login. > But when entering the correct credentials, the users get a 502 bad gateway … > I have also tried to capture all data from the PF to the Ruckus Smartzone, > but I see no traffic to or from the Smartzone. > > > Already tried the new updated guide > (https://github.com/garci66/packetfence/blob/9da2608f131780eb7d9cd64246c9a767868d119f/docs/network/networkdevice/ruckus_smartzone.asciidoc > > <https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fgarci66%2Fpacketfence%2Fblob%2F9da2608f131780eb7d9cd64246c9a767868d119f%2Fdocs%2Fnetwork%2Fnetworkdevice%2Fruckus_smartzone.asciidoc&data=04%7C01%7Cpieterjan.lamont%40sgsintpaulus.eu%7Cc7c0729c871b4949e07a08d8de75b077%7Caf15916d7d7743f9b366ae98d0fe36be%7C0%7C0%7C637503944350781092%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=3ZRI8q3ofiV2yhCcT7ukmdo43hgVnkjRGQJ79V95I1Q%3D&reserved=0>) > but with the same outcome . > Mac Authentication with the update guide works perfectly, but we are > searching for the Captive portal solution (webauth) > > Is there someone with a working Web Auth on a Ruckus Smartzone that can help > me this is issue , or anyone with the same problems? > > Kind regards > Pieter-jan Lamont > <EmailHandtekeningCorporate_239e37bc-d675-44cf-b4ca-49a10eec9dcb.png> > Pieter-Jan Lamont > IT-Coördinator > Toekomststraat 75 - 8790 Waregem > Tel. +32 56 62 69 94 - pieterjan.lam...@sgsintpaulus.eu > <mailto:pieterjan.lam...@sgsintpaulus.eu> > > > > <SwitchConfigDefinition.png><SwitchConfigRoles.png><SwitchConfigWebServices.png>_______________________________________________ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > <mailto:PacketFence-users@lists.sourceforge.net> > https://lists.sourceforge.net/lists/listinfo/packetfence-users > <https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.sourceforge.net%2Flists%2Flistinfo%2Fpacketfence-users&data=04%7C01%7Cpieterjan.lamont%40sgsintpaulus.eu%7Cc7c0729c871b4949e07a08d8de75b077%7Caf15916d7d7743f9b366ae98d0fe36be%7C0%7C0%7C637503944350791086%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=IsmQxenLW1SEQiVOBD9GfUDgRwfSnEDs%2BwmvPfqXyzY%3D&reserved=0> >
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
