Hi all, Any help would be appreciated.
Br, Timo From: Koppanen Timo via PacketFence-users <packetfence-users@lists.sourceforge.net> Sent: Thursday, 1 December 2022 16:34 To: packetfence-users@lists.sourceforge.net Cc: Koppanen Timo <timo.koppa...@etteplan.com> Subject: [PacketFence-users] Captive Portal problems Hi all, I’ve been trying to get captive portal to work for some time now. I have as my test device HPE Aruba 2530. I’ve been trying to follow documentations and trying scourge the net for information with no luck. 802.1x works fine when using computer account (created new cert in our domain) authentication and username authentication, and I would like that Captive portal works as a fallback for our workers who don’t have AD joined computer be cause of clients supply them. Switch settings, only testing in port 41 for now: radius-server host pfence-address key "mysecretkey!" radius-server host pfence-address dyn-authorization radius-server host pfence-address time-window 0 ip route 0.0.0.0 0.0.0.0 GW ip source-interface radius vlan 128 snmp-server community "public" operator snmp-server community "private" operator unrestricted aaa server-group radius "PacketFence" host pfence-address aaa accounting network start-stop radius server-group "PacketFence" aaa authentication port-access eap-radius server-group "PacketFence" aaa authentication mac-based peap-mschapv2 aaa authentication captive-portal enable aaa port-access authenticator 37,41 aaa port-access authenticator 37 tx-period 10 aaa port-access authenticator 37 client-limit 2 aaa port-access authenticator 41 tx-period 10 aaa port-access authenticator 41 client-limit 2 aaa port-access authenticator active aaa port-access mac-based 41 aaa port-access mac-based 41 addr-moves vlan 1 name "DEFAULT_VLAN" no untagged 2-48 untagged 1,49-52 no ip address exit vlan 128 name "VLAN128" untagged 2-48 tagged 1 ip address myswitches exit I don’t want to use any guest/registration or anything other vlans than my 128, which is office vlan in this case. You either get employee profile or you don’t. On packetfence side I have switch configured as this show: https://www.packetfence.org/doc/PacketFence_Network_Devices_Configuration_Guide.html#_aruba<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.packetfence.org%2Fdoc%2FPacketFence_Network_Devices_Configuration_Guide.html%23_aruba&data=05%7C01%7C%7C537a506eb6634718dca008dad6d11c49%7C1f23d6d3b1584e45b7e17631cf28c804%7C0%7C0%7C638058490863823107%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=%2ByETj%2FkNeIu%2BYgJ4uYDnAFU6wGUtxLECJLrCL1YcE3Y%3D&reserved=0> and following this as well, skipping the Cisco settings of course: https://www.packetfence.org/doc/PacketFence_Installation_Guide.html#_enabling_the_captive_portal<https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.packetfence.org%2Fdoc%2FPacketFence_Installation_Guide.html%23_enabling_the_captive_portal&data=05%7C01%7C%7C537a506eb6634718dca008dad6d11c49%7C1f23d6d3b1584e45b7e17631cf28c804%7C0%7C0%7C638058490863823107%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=B8QX7nWliQGdIqBASBpISlx%2BTlej8GMfic8uQS29zAg%3D&reserved=0> To test it I unregistered my test pc from packetfence, shutdown wired autoconfig, re-plugged ethernet and waited for awhile to see if anything happens on PC, am I automatically forwarded to http://mypfenceip/Aruba Nothing happens. I can see from switch that 802.1x fails and MAC fails, but I don’t see anything happening with captive portal. On PFence logs (radius, packetfence, haproxy[this log is empty]) I don’t see anything mentioned about captive portals. Then when I go from my own computer to the captive portal page mentioned above, it just says Not Implemented GET not supported for current URL. What logs should I look in to solve this issue? Br, Timo
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users