Command appears to run endlessly, I grabbed a snippet that appears to be what is repeated.
(3440) Sat Mar 27 07:25:15 2021: Debug: Received Status-Server Id 51 from 127.0.0.1:51452 to 127.0.0.1:18121 length 50 (3440) Sat Mar 27 07:25:15 2021: Debug: Message-Authenticator = 0x9257e8cab94913463172d8be5663c80b (3440) Sat Mar 27 07:25:15 2021: Debug: FreeRADIUS-Statistics-Type = 15 (3440) Sat Mar 27 07:25:15 2021: Debug: # Executing group from file /usr/local/pf/raddb/sites-enabled/status (3440) Sat Mar 27 07:25:15 2021: Debug: Autz-Type Status-Server { (3440) Sat Mar 27 07:25:15 2021: Debug: [ok] = ok (3440) Sat Mar 27 07:25:15 2021: Debug: } # Autz-Type Status-Server = ok (3440) Sat Mar 27 07:25:15 2021: Debug: Sent Access-Accept Id 51 from 127.0.0.1:18121 to 127.0.0.1:51452 length 0 (3440) Sat Mar 27 07:25:15 2021: Debug: FreeRADIUS-Total-Access-Requests = 3441 (3440) Sat Mar 27 07:25:15 2021: Debug: FreeRADIUS-Total-Access-Accepts = 0 (3440) Sat Mar 27 07:25:15 2021: Debug: FreeRADIUS-Total-Access-Rejects = 2 (3440) Sat Mar 27 07:25:15 2021: Debug: FreeRADIUS-Total-Access-Challenges = 16 (3440) Sat Mar 27 07:25:15 2021: Debug: FreeRADIUS-Total-Auth-Responses = 18 (3440) Sat Mar 27 07:25:15 2021: Debug: FreeRADIUS-Total-Auth-Duplicate-Requests = 0 (3440) Sat Mar 27 07:25:15 2021: Debug: FreeRADIUS-Total-Auth-Malformed-Requests = 0 (3440) Sat Mar 27 07:25:15 2021: Debug: FreeRADIUS-Total-Auth-Invalid-Requests = 0 (3440) Sat Mar 27 07:25:15 2021: Debug: FreeRADIUS-Total-Auth-Dropped-Requests = 0 (3440) Sat Mar 27 07:25:15 2021: Debug: FreeRADIUS-Total-Auth-Unknown-Types = 0 (3440) Sat Mar 27 07:25:15 2021: Debug: FreeRADIUS-Total-Accounting-Requests = 0 (3440) Sat Mar 27 07:25:15 2021: Debug: FreeRADIUS-Total-Accounting-Responses = 0 (3440) Sat Mar 27 07:25:15 2021: Debug: FreeRADIUS-Total-Acct-Duplicate-Requests = 0 (3440) Sat Mar 27 07:25:15 2021: Debug: FreeRADIUS-Total-Acct-Malformed-Requests = 0 (3440) Sat Mar 27 07:25:15 2021: Debug: FreeRADIUS-Total-Acct-Invalid-Requests = 0 (3440) Sat Mar 27 07:25:15 2021: Debug: FreeRADIUS-Total-Acct-Dropped-Requests = 0 (3440) Sat Mar 27 07:25:15 2021: Debug: FreeRADIUS-Total-Acct-Unknown-Types = 0 (3440) Sat Mar 27 07:25:15 2021: Debug: FreeRADIUS-Total-Proxy-Access-Requests = 0 (3440) Sat Mar 27 07:25:15 2021: Debug: FreeRADIUS-Total-Proxy-Access-Accepts = 0 (3440) Sat Mar 27 07:25:15 2021: Debug: FreeRADIUS-Total-Proxy-Access-Rejects = 0 (3440) Sat Mar 27 07:25:15 2021: Debug: FreeRADIUS-Total-Proxy-Access-Challenges = 0 (3440) Sat Mar 27 07:25:15 2021: Debug: FreeRADIUS-Total-Proxy-Auth-Responses = 0 (3440) Sat Mar 27 07:25:15 2021: Debug: FreeRADIUS-Total-Proxy-Auth-Duplicate-Requests = 0 (3440) Sat Mar 27 07:25:15 2021: Debug: FreeRADIUS-Total-Proxy-Auth-Malformed-Requests = 0 (3440) Sat Mar 27 07:25:15 2021: Debug: FreeRADIUS-Total-Proxy-Auth-Invalid-Requests = 0 (3440) Sat Mar 27 07:25:15 2021: Debug: FreeRADIUS-Total-Proxy-Auth-Dropped-Requests = 0 (3440) Sat Mar 27 07:25:15 2021: Debug: FreeRADIUS-Total-Proxy-Auth-Unknown-Types = 0 (3440) Sat Mar 27 07:25:15 2021: Debug: FreeRADIUS-Total-Proxy-Accounting-Requests = 0 (3440) Sat Mar 27 07:25:15 2021: Debug: FreeRADIUS-Total-Proxy-Accounting-Responses = 0 (3440) Sat Mar 27 07:25:15 2021: Debug: FreeRADIUS-Total-Proxy-Acct-Duplicate-Requests = 0 (3440) Sat Mar 27 07:25:15 2021: Debug: FreeRADIUS-Total-Proxy-Acct-Malformed-Requests = 0 (3440) Sat Mar 27 07:25:15 2021: Debug: FreeRADIUS-Total-Proxy-Acct-Invalid-Requests = 0 (3440) Sat Mar 27 07:25:15 2021: Debug: FreeRADIUS-Total-Proxy-Acct-Dropped-Requests = 0 (3440) Sat Mar 27 07:25:15 2021: Debug: FreeRADIUS-Total-Proxy-Acct-Unknown-Types = 0 (3440) Sat Mar 27 07:25:15 2021: Debug: Finished request (3440) Sat Mar 27 07:25:20 2021: Debug: Cleaning up request packet ID 51 with timestamp +51321 *Joshua Wise* Systems Engineer, Celina ISD 469-742-9113 https://www.celinaisd.com On Fri, Mar 26, 2021 at 9:00 PM Durand fabrice via PacketFence-users < packetfence-users@lists.sourceforge.net> wrote: > Hello Joshua, > > let's run that: > > raddebug -f /usr/local/pf/var/run/radiusd.sock -t 3600 -c '( > Calling-Station-Id =~ /78[-:]?4f[-:]?43[-:]?97[-:]?f5[-:]?fe/i )' > > > And paste the output. > > Regards > > Fabrice > > > Le 21-03-26 à 18 h 22, Joshua Wise via PacketFence-users a écrit : > > RADIUS Reply is empty. > > I ran the specified patch, restarted services, same error. > > *Joshua Wise* > Systems Engineer, Celina ISD > 469-742-9113 > https://www.celinaisd.com > > > On Fri, Mar 26, 2021 at 1:47 PM Ludovic Zammit <lzam...@inverse.ca> wrote: > >> I never seen that error message. >> >> It needs more investigation. >> >> What is the radius reply given by pf for that authentication ? Just below >> the radius request. >> >> Did you patch your server with : >> >> /usr/local/pf/addons/pf-maint.pl >> >> Then restart all pf services: >> >> /usr/local/pf/bin/pfcmd service pf restart >> >> Thanks, >> >> Ludovic zammitlzam...@inverse.ca :: +1.514.447.4918 (x145) :: >> www.inverse.ca >> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence >> (http://packetfence.org) >> >> >> >> >> >> On Mar 26, 2021, at 2:24 PM, Joshua Wise <joshuaw...@celinaisd.com> >> wrote: >> >> RADIS Request Audit log: >> >> NAS-Port-Type = Wireless-802.11 PacketFence-Outer-User = " >> testw...@celinaisd.com" PacketFence-Radius-Ip = "10.56.64.44" >> Service-Type = Framed-User Called-Station-Id = "00-1A-1E-01-EC-98-cisd.1x" >> State = 0x6f17c8406f1fd21550a9f72c8da28ab6 FreeRADIUS-Proxied-To = >> 127.0.0.1 Realm = "default" NAS-IP-Address = 10.56.64.44 >> PacketFence-NTLMv2-Only = "" Calling-Station-Id = "78:4f:43:97:f5:fe" >> Aruba-Essid-Name = "cisd.1x" PacketFence-KeyBalanced = >> "e779e78c1ea9a92dab5dc5d6d30a8dc7" PacketFence-Domain = "celinaisd" >> Aruba-AP-Group = "CS701" User-Name = "testw...@celinaisd.com" >> Aruba-Location-Id = "ADMIN-MDF-AP16" NAS-Identifier = "10.56.64.222" >> Event-Timestamp = "Mar 25 2021 08:33:08 CDT" EAP-Message = >> 0x020800511a0208004c316ec62dd3023b6ff16890ed459e79818b0000000000000000175ed1760cce67ff48491f88d067ce8bc17ec36c65b75de60074657374776966694063656c696e616973642e636f6d >> Stripped-User-Name = "testwifi" NAS-Port = 0 Framed-MTU = 1100 EAP-Type = >> MSCHAPv2 PacketFence-UserNameAttribute = "testw...@celinaisd.com" >> Module-Failure-Message = "celinaisd: Attribute \"User-Password\" is >> required for authentication" User-Password = "******" SQL-User-Name = " >> testw...@celinaisd.com" >> >> *Joshua Wise* >> Systems Engineer, Celina ISD >> 469-742-9113 >> https://www.celinaisd.com >> >> >> On Fri, Mar 26, 2021 at 12:12 PM Ludovic Zammit <lzam...@inverse.ca> >> wrote: >> >>> For that radius request, go check Auditing and show me the radius >>> request. >>> Thanks, >>> >>> >>> Ludovic Zammit >>> lzam...@inverse.ca :: +1.514.447.4918 (x145) :: www.inverse.ca >>> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence >>> (http://packetfence.org) >>> >>> >>> >>> >>> >>> >>> >>> >>> On Mar 26, 2021, at 8:43 AM, Joshua Wise <joshuaw...@celinaisd.com> >>> wrote: >>> >>> Here we go: >>> >>> Mar 26 07:40:11 packetfence auth[2770]: (10350) Login incorrect >>> (celinaisd: Attribute "User-Password" is required for authentication): [ >>> testw...@celinaisd.com] (from client 10.56.64.222/32 port 0 cli >>> 78:4f:43:97:f5:fe via TLS tunnel) >>> Mar 26 07:40:11 packetfence auth[2770]: [mac:78:4f:43:97:f5:fe] Rejected >>> user: testw...@celinaisd.com >>> Mar 26 07:40:11 packetfence auth[2770]: (10351) Login incorrect >>> (eap_peap: The users session was previously rejected: returning reject >>> (again.)): [testw...@celinaisd.com] (from client 10.56.64.222/32 port 0 >>> cli 78:4f:43:97:f5:fe) >>> >>> *Joshua Wise* >>> Systems Engineer, Celina ISD >>> 469-742-9113 >>> https://www.celinaisd.com >>> >>> >>> On Fri, Mar 26, 2021 at 7:00 AM Ludovic Zammit <lzam...@inverse.ca> >>> wrote: >>> >>>> That’s not good, you should have something in the log related to that >>>> Mac address. Try another computer or clear the cache info related to your >>>> Mac in the wifi controller. >>>> >>>> Check: >>>> >>>> grep MAC_ADDRESS /usr/local/pf/logs/radius.log >>>> >>>> Use 00:11:22:33:44:55 for the Mac address format. >>>> >>>> Thanks, >>>> >>>> >>>> Ludovic Zammit >>>> lzam...@inverse.ca :: +1.514.447.4918 (x145) :: www.inverse.ca >>>> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence >>>> (http://packetfence.org) >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> On Mar 25, 2021, at 2:20 PM, Joshua Wise <joshuaw...@celinaisd.com> >>>> wrote: >>>> >>>> I don't get a response when using that command. I can see the log file >>>> exists, modifying with vi shows the following repeatedly. >>>> >>>> Mar 25 03:52:58 packetfence packetfence: pfperl-api(2202) INFO: Using >>>> 300 resolution threshold (pf::pfcron::task::cluster_check::run) >>>> Mar 25 03:52:58 packetfence packetfence: pfperl-api(2202) INFO: All >>>> cluster members are running the same configuration version >>>> (pf::pfcron::task::cluster_check::run) >>>> Mar 25 03:52:58 packetfence packetfence: pfperl-api(2204) INFO: >>>> processed 0 security_events during security_event maintenance >>>> (1616662378.2789 1616662378.28441) >>>> (pf::security_event::security_event_maintenance) >>>> Mar 25 03:52:58 packetfence packetfence: pfperl-api(2204) INFO: >>>> processed 0 security_events during security_event maintenance >>>> (1616662378.2855 1616662378.2874) >>>> (pf::security_event::security_event_maintenance) >>>> Mar 25 03:53:58 packetfence packetfence: pfperl-api(2204) INFO: Using >>>> 300 resolution threshold (pf::pfcron::task::cluster_check::run) >>>> >>>> *Joshua Wise* >>>> Systems Engineer, Celina ISD >>>> 469-742-9113 >>>> https://www.celinaisd.com >>>> >>>> >>>> On Thu, Mar 25, 2021 at 10:08 AM Ludovic Zammit <lzam...@inverse.ca> >>>> wrote: >>>> >>>>> Give me the output of: >>>>> >>>>> grep MAC_ADDRESS /usr/local/pf/logs/packetfence.log >>>>> >>>>> Thanks, >>>>> >>>>> >>>>> Ludovic Zammit >>>>> lzam...@inverse.ca :: +1.514.447.4918 (x145) :: www.inverse.ca >>>>> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence >>>>> (http://packetfence.org) >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> On Mar 25, 2021, at 8:39 AM, Joshua Wise <joshuaw...@celinaisd.com> >>>>> wrote: >>>>> >>>>> SSID type is 802.1x with WPA2-Enterprise. >>>>> >>>>> *Joshua Wise* >>>>> Systems Engineer, Celina ISD >>>>> 469-742-9113 >>>>> https://www.celinaisd.com >>>>> >>>>> >>>>> On Thu, Mar 25, 2021 at 7:08 AM Ludovic Zammit <lzam...@inverse.ca> >>>>> wrote: >>>>> >>>>>> Hello, >>>>>> >>>>>> What’s your SSID type ? Open SSID or 8021.x with WPA2 Entreprise? >>>>>> >>>>>> Thanks, >>>>>> >>>>>> >>>>>> Ludovic Zammit >>>>>> lzam...@inverse.ca :: +1.514.447.4918 (x145) :: www.inverse.ca >>>>>> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence >>>>>> (http://packetfence.org) >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> On Mar 24, 2021, at 3:06 PM, Joshua Wise via PacketFence-users < >>>>>> packetfence-users@lists.sourceforge.net> wrote: >>>>>> >>>>>> I'm in the process of testing Packefence with our Aruba Controller. >>>>>> I've added our on-prem Active Directory to Packetfence, and can test >>>>>> authentication fine with pftest, no issues. >>>>>> >>>>>> I've configured our Aruba Controller with an 802.1x SSID, RADIUS, etc. >>>>>> >>>>>> When I attempt to connect with username/password, it fails. I can see >>>>>> in the RADIUS log that I get an error "Attribute "User-Password" is >>>>>> required for authentication." >>>>>> >>>>>> Within that log, I can go to the RADIUS section and see: >>>>>> User-Password = "******" >>>>>> >>>>>> This makes me think the password is being passed from our Controller >>>>>> to Packetfence just fine. >>>>>> >>>>>> Not sure what I'm missing, any ideas or suggestions? >>>>>> >>>>>> *Joshua Wise* >>>>>> Systems Engineer, Celina ISD >>>>>> 469-742-9113 >>>>>> https://www.celinaisd.com >>>>>> _______________________________________________ >>>>>> PacketFence-users mailing list >>>>>> PacketFence-users@lists.sourceforge.net >>>>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users >>>>>> >>>>>> >>>>>> >>>>> >>>> >>> >> > > _______________________________________________ > PacketFence-users mailing > listPacketFence-users@lists.sourceforge.nethttps://lists.sourceforge.net/lists/listinfo/packetfence-users > > _______________________________________________ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/packetfence-users >
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users