Thanks! I was able to solve the problem by sticking to the documentation. I missed adding „user-name-format without-domain“ to the „radius scheme packetfence“.
Now the username comes in as Mac address only. Best, Lukas Von: Zammit, Ludovic <luza...@akamai.com> Gesendet: Montag, 4. Juli 2022 18:04 An: PacketFence-users <packetfence-users@lists.sourceforge.net> Cc: Schneider Lukas <lukas.schnei...@stanna.at> Betreff: Re: [PacketFence-users] MAC Authentication Hello Lukas, I’m no expert but it says: "Module-Failure-Message = "Rejected: Realm does not have at least one dot separator”” For Mac authentication the username = Mac address of the device only. Thanks, Ludovic Zammit Product Support Engineer Principal [https://www.akamai.com/us/en/multimedia/images/custom/2019/logo-no-tag-93x45.png] Cell: +1.613.670.8432 Akamai Technologies - Inverse 145 Broadway Cambridge, MA 02142 Connect with Us: [https://www.akamai.com/us/en/multimedia/images/custom/community.jpg]<https://community.akamai.com>[https://www.akamai.com/us/en/multimedia/images/custom/rss.png]<http://blogs.akamai.com>[https://www.akamai.com/us/en/multimedia/images/custom/twitter.png]<https://twitter.com/akamai>[https://www.akamai.com/us/en/multimedia/images/custom/fb.png]<http://www.facebook.com/AkamaiTechnologies>[https://www.akamai.com/us/en/multimedia/images/custom/in.png]<http://www.linkedin.com/company/akamai-technologies>[https://www.akamai.com/us/en/multimedia/images/custom/youtube.png]<http://www.youtube.com/user/akamaitechnologies?feature=results_main> On Jul 1, 2022, at 6:35 AM, Schneider Lukas via PacketFence-users <packetfence-users@lists.sourceforge.net<mailto:packetfence-users@lists.sourceforge.net>> wrote: Hi! I set up PacketFence 11.2 from the ZEN according to the installation guide and got 802.1X authentication working on my H3C S5120 switch. But now I am struggling to get MAC authentication working for my non-802.1X capable devices like printers an phones. I create a node with the device’s MAC address, select a role and set the status to „Registered“. Afterwards I connect the device it to the network port. In the RADIUS Audit Logs I can see a new entry coming in, but the Auth Status remains „Reject“ and the Node Status „Unregistered“. This is what the RADIUS request looks like according to the RADIUS Audit Logs: User-Name = "000fd502a3f2@packetfence" User-Password = "******" NAS-IP-Address = 10.1.1.237 NAS-Identifier = "pf-testswitch" NAS-Port = 33562626 NAS-Port-Id = "slot=2;subslot=0;port=2;vlanid=2" NAS-Port-Type = Ethernet Service-Type = Call-Check Framed-Protocol = PPP Calling-Station-Id = "00:0f:d5:02:a3:f2" Acct-Session-Id = "122060110272a5020" Attr-26.43.230 = 0x4769676162697445746865726e6574322f302f32 FreeRADIUS-Client-IP-Address = 10.1.1.237 PacketFence-Radius-Ip = "10.3.1.22" PacketFence-KeyBalanced = "4560a08fa197220c3e77d14559e310dc" Module-Failure-Message = "Rejected: Realm does not have at least one dot separator" SQL-User-Name = "000fd502a3f2@packetfence" The RADIUS reply remains empty. Can someone help me on this? Best, Lukas _______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net<mailto:PacketFence-users@lists.sourceforge.net> https://urldefense.com/v3/__https://lists.sourceforge.net/lists/listinfo/packetfence-users__;!!GjvTz_vk!RuYDUg3pVxBdRieiex_CHm7KqUSb7rkHOUPTwHupfSAeyyqLNe7cjDkGgMJR0RqJnpLTOk7j-kcc5qCoswJjByD7Yfj9JS2mPY65bQ$<https://urldefense.com/v3/__https:/lists.sourceforge.net/lists/listinfo/packetfence-users__;!!GjvTz_vk!RuYDUg3pVxBdRieiex_CHm7KqUSb7rkHOUPTwHupfSAeyyqLNe7cjDkGgMJR0RqJnpLTOk7j-kcc5qCoswJjByD7Yfj9JS2mPY65bQ$>
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
