[PacketFence-users] Captive Portal Packetfence 13.0.0 looping

Wed, 22 Nov 2023 13:37:50 -0800 

Hello,
For a upcoming project I am testing the captive portal for wired users. I installed the latest version of Packetfence (13.0.0) in a lab environment (based on Cisco devices) I did the basic configuration (Network, DNS, Cert, MAC-Authentication). 


The MAB ist working fine. Within Radius answer, the switch is receiving 
the vlan, information regarding redirection as shown below:


Nov 21 19:01:01.793: RADIUS: Tunnel-Private-Group[81]  5   "100"

Nov 21 19:01:01.793: RADIUS:  Tunnel-Medium-Type  [65]  6 
00:ALL_802                [6]

Nov 21 19:01:01.793: RADIUS:  Vendor, Cisco       [26]  38

Nov 21 19:01:01.793: RADIUS:   Cisco AVpair       [1]   32 
"url-redirect-acl=ACL-4-WEBAUTH"

Nov 21 19:01:01.796: RADIUS:  Vendor, Cisco       [26]  73

Nov 21 19:01:01.796: RADIUS:   Cisco AVpair       [1]   67 
"url-redirect=https://pf13.cwe.home/Cisco::Catalyst_2960/sidce32f3";

Nov 21 19:01:01.796: RADIUS:  Reply-Message       [18]  33

Nov 21 19:01:01.796: RADIUS:   22 50 46 31 33 20 69 6E 20 4D 41 42 2D 43 
50 20  ["PF13 in MAB-CP ]
Nov 21 19:01:01.796: RADIUS:   46 69 6C 74 65 72 20 53 65 63 74 69 6F 6E 
22   [ Filter Section"]
Nov 21 19:01:01.796: RADIUS:  Tunnel-Type         [64]  6 
00:VLAN                   [13]

Nov 21 19:01:01.796: RADIUS:  Filter-Id           [11]  6
Nov 21 19:01:01.796: RADIUS:   63 77 63 77              [ cwcw]


The user tries to connect to a web site and gets redirected to the 
captive portal as expected.  At this stage the user is always getting 
the same web page with the message "your network should be enabled 
within a minute or two...". My expectation is that the user should get a 
new page, in which he can accept the terms and conditions. When accepted 
the users (MAC) ist the registered and access is granted for the defined 
time.


Logs:


Nov 21 19:04:25 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(16) INFO: [mac:unknown] External captive portal detected ! 
(captiveportal::PacketFence::Model::Portal::Session::_build_dispatcherSession)
Nov 21 19:04:25 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(16) INFO: [mac:unknown] Detected external portal client. 
Using the IP 192.168.1.115 address in it's session. 
(captiveportal::PacketFence::Model::Portal::Session::_build_clientIP)
Nov 21 19:04:25 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(16) INFO: [mac:00:1c:c4:cb:92:20] External captive portal 
detected ! 
(captiveportal::PacketFence::Model::Portal::Session::_build_dispatcherSession)
Nov 21 19:04:25 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(16) INFO: [mac:00:1c:c4:cb:92:20] Detected external portal 
client. Using the IP 192.168.1.115 address in it's session. 
(captiveportal::PacketFence::Model::Portal::Session::_build_clientIP)
Nov 21 19:04:25 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(16) INFO: [mac:00:1c:c4:cb:92:20] Instantiate profile 
Non_EAP (pf::Connection::ProfileFactory::_from_profile)
Nov 21 19:04:25 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(14) INFO: [mac:unknown] External captive portal detected ! 
(captiveportal::PacketFence::Model::Portal::Session::_build_dispatcherSession)
Nov 21 19:04:25 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(14) INFO: [mac:unknown] Detected external portal client. 
Using the IP 192.168.1.115 address in it's session. 
(captiveportal::PacketFence::Model::Portal::Session::_build_clientIP)
Nov 21 19:04:25 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(14) INFO: [mac:00:1c:c4:cb:92:20] External captive portal 
detected ! 
(captiveportal::PacketFence::Model::Portal::Session::_build_dispatcherSession)
Nov 21 19:04:25 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(14) INFO: [mac:00:1c:c4:cb:92:20] Detected external portal 
client. Using the IP 192.168.1.115 address in it's session. 
(captiveportal::PacketFence::Model::Portal::Session::_build_clientIP)
Nov 21 19:04:25 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(14) INFO: [mac:00:1c:c4:cb:92:20] Instantiate profile 
Non_EAP (pf::Connection::ProfileFactory::_from_profile)
Nov 21 19:04:25 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(14) INFO: [mac:00:1c:c4:cb:92:20] Device is registered and 
still on the portal, attempting to release it again. 
(captiveportal::PacketFence::DynamicRouting::Module::Root::unknown_state)
Nov 21 19:04:25 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(15) INFO: [mac:unknown] External captive portal detected ! 
(captiveportal::PacketFence::Model::Portal::Session::_build_dispatcherSession)
Nov 21 19:04:25 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(15) INFO: [mac:unknown] Detected external portal client. 
Using the IP 192.168.1.115 address in it's session. 
(captiveportal::PacketFence::Model::Portal::Session::_build_clientIP)
Nov 21 19:04:25 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(15) INFO: [mac:00:1c:c4:cb:92:20] External captive portal 
detected ! 
(captiveportal::PacketFence::Model::Portal::Session::_build_dispatcherSession)
Nov 21 19:04:25 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(15) INFO: [mac:00:1c:c4:cb:92:20] Detected external portal 
client. Using the IP 192.168.1.115 address in it's session. 
(captiveportal::PacketFence::Model::Portal::Session::_build_clientIP)
Nov 21 19:04:25 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(15) INFO: [mac:00:1c:c4:cb:92:20] Instantiate profile 
Non_EAP (pf::Connection::ProfileFactory::_from_profile)
Nov 21 19:04:25 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(15) WARN: [mac:00:1c:c4:cb:92:20] locale from the URL  is 
not supported (captiveportal::PacketFence::Controller::Root::getLanguages)
Nov 21 19:04:25 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(15) INFO: [mac:00:1c:c4:cb:92:20] Releasing device 
(captiveportal::PacketFence::DynamicRouting::Module::Root::release)
Nov 21 19:04:25 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(15) INFO: [mac:00:1c:c4:cb:92:20] re-evaluating access 
(manage_register called) (pf::enforcement::reevaluate_access)
Nov 21 19:04:25 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(15) WARN: [mac:00:1c:c4:cb:92:20] previous location log 
entry not found for and 00:1c:c4:cb:92:20 192.168.1.114 
(pf::enforcement::_vlan_reevaluation)
Nov 21 19:04:36 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(15) INFO: [mac:unknown] External captive portal detected ! 
(captiveportal::PacketFence::Model::Portal::Session::_build_dispatcherSession)
Nov 21 19:04:36 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(15) INFO: [mac:unknown] Detected external portal client. 
Using the IP 192.168.1.115 address in it's session. 
(captiveportal::PacketFence::Model::Portal::Session::_build_clientIP)
Nov 21 19:04:36 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(15) INFO: [mac:00:1c:c4:cb:92:20] External captive portal 
detected ! 
(captiveportal::PacketFence::Model::Portal::Session::_build_dispatcherSession)
Nov 21 19:04:36 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(15) INFO: [mac:00:1c:c4:cb:92:20] Detected external portal 
client. Using the IP 192.168.1.115 address in it's session. 
(captiveportal::PacketFence::Model::Portal::Session::_build_clientIP)
Nov 21 19:04:36 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(15) INFO: [mac:00:1c:c4:cb:92:20] Instantiate profile 
Non_EAP (pf::Connection::ProfileFactory::_from_profile)
Nov 21 19:04:36 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(15) INFO: [mac:00:1c:c4:cb:92:20] Device is registered and 
still on the portal, attempting to release it again. 
(captiveportal::PacketFence::DynamicRouting::Module::Root::unknown_state)
Nov 21 19:04:36 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(16) INFO: [mac:unknown] External captive portal detected ! 
(captiveportal::PacketFence::Model::Portal::Session::_build_dispatcherSession)
Nov 21 19:04:36 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(16) INFO: [mac:unknown] Detected external portal client. 
Using the IP 192.168.1.115 address in it's session. 
(captiveportal::PacketFence::Model::Portal::Session::_build_clientIP)
Nov 21 19:04:36 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(16) INFO: [mac:00:1c:c4:cb:92:20] External captive portal 
detected ! 
(captiveportal::PacketFence::Model::Portal::Session::_build_dispatcherSession)
Nov 21 19:04:36 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(16) INFO: [mac:00:1c:c4:cb:92:20] Detected external portal 
client. Using the IP 192.168.1.115 address in it's session. 
(captiveportal::PacketFence::Model::Portal::Session::_build_clientIP)
Nov 21 19:04:36 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(16) INFO: [mac:00:1c:c4:cb:92:20] Instantiate profile 
Non_EAP (pf::Connection::ProfileFactory::_from_profile)
Nov 21 19:04:36 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(16) WARN: [mac:00:1c:c4:cb:92:20] locale from the URL  is 
not supported (captiveportal::PacketFence::Controller::Root::getLanguages)
Nov 21 19:04:36 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(16) INFO: [mac:00:1c:c4:cb:92:20] Releasing device 
(captiveportal::PacketFence::DynamicRouting::Module::Root::release)
Nov 21 19:04:36 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(16) INFO: [mac:00:1c:c4:cb:92:20] re-evaluating access 
(manage_register called) (pf::enforcement::reevaluate_access)
Nov 21 19:04:36 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(16) WARN: [mac:00:1c:c4:cb:92:20] previous location log 
entry not found for and 00:1c:c4:cb:92:20 192.168.1.114 
(pf::enforcement::_vlan_reevaluation)
Nov 21 19:04:47 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(13) INFO: [mac:unknown] External captive portal detected ! 
(captiveportal::PacketFence::Model::Portal::Session::_build_dispatcherSession)
Nov 21 19:04:47 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(13) INFO: [mac:unknown] Detected external portal client. 
Using the IP 192.168.1.115 address in it's session. 
(captiveportal::PacketFence::Model::Portal::Session::_build_clientIP)
Nov 21 19:04:47 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(13) INFO: [mac:00:1c:c4:cb:92:20] External captive portal 
detected ! 
(captiveportal::PacketFence::Model::Portal::Session::_build_dispatcherSession)
Nov 21 19:04:47 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(13) INFO: [mac:00:1c:c4:cb:92:20] Detected external portal 
client. Using the IP 192.168.1.115 address in it's session. 
(captiveportal::PacketFence::Model::Portal::Session::_build_clientIP)
Nov 21 19:04:47 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(13) INFO: [mac:00:1c:c4:cb:92:20] Instantiate profile 
Non_EAP (pf::Connection::ProfileFactory::_from_profile)
Nov 21 19:04:48 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(13) INFO: [mac:00:1c:c4:cb:92:20] Device is registered and 
still on the portal, attempting to release it again. 
(captiveportal::PacketFence::DynamicRouting::Module::Root::unknown_state)
Nov 21 19:04:48 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(15) INFO: [mac:unknown] External captive portal detected ! 
(captiveportal::PacketFence::Model::Portal::Session::_build_dispatcherSession)
Nov 21 19:04:48 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(15) INFO: [mac:unknown] Detected external portal client. 
Using the IP 192.168.1.115 address in it's session. 
(captiveportal::PacketFence::Model::Portal::Session::_build_clientIP)
Nov 21 19:04:48 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(15) INFO: [mac:00:1c:c4:cb:92:20] External captive portal 
detected ! 
(captiveportal::PacketFence::Model::Portal::Session::_build_dispatcherSession)
Nov 21 19:04:48 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(15) INFO: [mac:00:1c:c4:cb:92:20] Detected external portal 
client. Using the IP 192.168.1.115 address in it's session. 
(captiveportal::PacketFence::Model::Portal::Session::_build_clientIP)
Nov 21 19:04:48 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(15) INFO: [mac:00:1c:c4:cb:92:20] Instantiate profile 
Non_EAP (pf::Connection::ProfileFactory::_from_profile)
Nov 21 19:04:48 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(15) WARN: [mac:00:1c:c4:cb:92:20] locale from the URL  is 
not supported (captiveportal::PacketFence::Controller::Root::getLanguages)
Nov 21 19:04:48 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(15) INFO: [mac:00:1c:c4:cb:92:20] Releasing device 
(captiveportal::PacketFence::DynamicRouting::Module::Root::release)
Nov 21 19:04:48 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(15) INFO: [mac:00:1c:c4:cb:92:20] re-evaluating access 
(manage_register called) (pf::enforcement::reevaluate_access)
Nov 21 19:04:48 PF13 httpd.portal-docker-wrapper[35011]: 
httpd.portal(15) WARN: [mac:00:1c:c4:cb:92:20] previous location log 
entry not found for and 00:1c:c4:cb:92:20 192.168.1.114 
(pf::enforcement::_vlan_reevaluation)



I would appreciate to get any hints on that topic in order to move forward.

Thanks a lot in advance,

Kind regards,
Carlos





_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users






















					Reply via email to