Hello All,
I have seen from the guide how to configure eduroam: https://www.packetfence.org/doc/PacketFence_Installation_Guide.html#_eduroam . My server is running Packetfence 10.3.0. outbound eduroam authentication works successfully. *Inbound eduroam authentication : * But i'm facing issue with inbound eduroam authentication with the following message: Reply-Message = "Switch is not managed by PacketFence" *The reason :* My pf server is making a filter on NAS-IP-Address = 193.54.188.34 instead of FreeRADIUS-Client-IP-Address = 194.57.7.15. The server with IP 194.57.7.15 is the eduroam.fr proxy radius and it's a client radius of my pf server. The radius requests from NAS-IP-Address = 193.54.188.34 are fording by FreeRADIUS-Client-IP-Address = 194.57.7.15. *synoptic: * "Paris" RADIUS : is my radius server "Marseilles" RADIUS: is the radius server of another institution. Access-Point -- [radius] --> "Marseilles" RADIUS -- [radius] --> Country Proxys (rad1|2.eduroam.fr) -- [radius] --> "Paris" RADIUS *Log :* Radius Request: User-Name = "us...@soleil.fr" NAS-IP-Address = 193.54.188.34 NAS-Port = 1 Service-Type = Framed-User Framed-MTU = 1300 Called-Station-Id = "11:22:33:44:55:66:eduroam" Calling-Station-Id = "AA:BB:CC:EE:DD:FF" NAS-Identifier = "WLC8510-1" Proxy-State = 0x313639 Proxy-State = 0x3933 NAS-Port-Type = Wireless-802.11 Acct-Session-Id = "61f7db3a/AA:BB:CC:EE:DD:FF/15621780" Tunnel-Type:0 = VLAN Tunnel-Medium-Type:0 = IEEE-802 Tunnel-Private-Group-Id:0 = "12" Event-Timestamp = "Jan 31 2022 13:51:17 CET" EAP-Message = 0x020100140160406365612e6672 Message-Authenticator = 0x118d65d70758e05e470d9 Chargeable-User-Identity = 0x22 Location-Capable = Civic-Location Airespace-Wlan-Id = 51 Cisco-AVPair = "audit-session-id=22bcdbf761" Cisco-AVPair = "mDNS=true" Stripped-User-Name = "user2" Realm = "cea.fr" FreeRADIUS-Client-IP-Address = 194.57.7.15 Called-Station-SSID = "eduroam" PacketFence-ShortName = "eduroam_tlrs1" PacketFence-KeyBalanced = "183d134047864398846ac987aa0435a2" PacketFence-Radius-Ip = "213.186.33.5" User-Password = "******" SQL-User-Name = "us...@soleil.fr" RADIUS Reply: Reply-Message = "Switch is not managed by PacketFence" Proxy-State = 0x313639 Proxy-State = 0x3933 Helps: How to set pf to use FreeRADIUS-Client-IP-Address filter Inbound authentication ? Thank You. Regards Mickael BOUBALA
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users