Hello, Yes, of course. File in attach Device’s mac: a8:64:f1:d7:fa:e6
From: Fabrice Durand <oeufd...@gmail.com> Sent: Friday, January 5, 2024 5:34 PM To: packetfence-users@lists.sourceforge.net Cc: Ievgen Lepekha <ievgen_lepe...@erc.ua> Subject: Re: [PacketFence-users] Cisco WLC and guest reconnect issue (CoA) Hello Levgen, can you provide the packetfence.log snippet when you register on the portal ? Regards Fabrice Le ven. 5 janv. 2024 à 08:18, Ievgen Lepekha via PacketFence-users <packetfence-users@lists.sourceforge.net<mailto:packetfence-users@lists.sourceforge.net>> a écrit : Hi, all, Need help. I was integrate PacketFence 13 with Cisco WLC 3504, configured SSID with open+mac-filter (radius enabled), 2 ACL's. Guest on first connection are redirected to captive-portal. After registration PacketFence should return a new role, but this does not happen automatically, PF does not sent CoA packets to WLC, on Switch "Use CoA" enabled, CoA port is 1700(I've tried with port 3799 but nothing works - the same result). If manualy reсonnect device to SSID (disconnect/connect) then everything works (WLC will send a new RADIUS request and PacketFence should return a new role and necessary ACL). Help, please with Radius CoA for automatically change roles. In PF use default template "WLC" From TCPDUMP on PacketFence on ports 1700 and 3799 - nothing Also with radclient "radsniff -x -p 1700" - empty (Cisco Controller) >show radius summary Vendor Id Backward Compatibility................. Disabled Call Station Id Case............................. lower Accounting Call Station Id Type.................. Mac Address Auth Call Station Id Type........................ AP's Radio MAC Address:SSID Extended Source Ports Support.................... Enabled Aggressive Failover.............................. Disabled Keywrap.......................................... Disabled Fallback Test: Test Mode.................................... Active Probe User Name.............................. cisco-probe Interval (in seconds)........................ 300 MAC Delimiter for Authentication Messages........ hyphen MAC Delimiter for Accounting Messages............ hyphen RADIUS Authentication Framed-MTU................. 1300 Bytes AP Events Accounting............................. Disabled Authentication Servers Idx Type Server Address Port State Tout MgmtTout RFC3576 IPSec - state/Profile Name/RadiusRegionString --- ---- ---------------- ------ -------- ---- -------- ------- ------------------------------------------------------- 6 * N **** 1812 Enabled 5 5 Enabled Disabled - /none Accounting Servers Idx Type Server Address Port State Tout MgmtTout RFC3576 IPSec - state/Profile Name/RadiusRegionString --- ---- ---------------- ------ -------- ---- -------- ------- ------------------------------------------------------- 6 * N **** 1813 Enabled 5 5 N/A Disabled - /none (Cisco Controller) >show radius rfc3576 statistics RFC-3576 Servers: Server Index..................................... 6 Server Address................................... **** Disconnect-Requests.............................. 0 COA-Requests..................................... 0 Retransmitted Requests........................... 0 Malformed Requests............................... 0 Bad Authenticator Requests....................... 0 Other Drops...................................... 0 Sent Disconnect-Ack.............................. 0 Sent Disconnect-Nak.............................. 0 Sent CoA-Ack..................................... 0 Sent CoA-Nak..................................... 0 Best Regards, Yevgen Lepekha Network engineer ERC Kyiv, Ukraine tel office: +380 44 230 34 74 (1132) _______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net<mailto:PacketFence-users@lists.sourceforge.net> https://lists.sourceforge.net/lists/listinfo/packetfence-users
packetfence.log
Description: packetfence.log
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users