Re: [PacketFence-users] Dynamic vlan assignment in packetfence with Google Secure LDAP - Regarding
Hi Ludovic and Team, We are using only one source that is *Google Workspace Secure LDAP* for Faculty, PG and UG Students, All the OU are configured in the same Secure LDAP under the Users - Faculty, PG and UG [image: image.png] *Can I try the following condition?* *Match - all* *ou=Faculty* *Set Role - Faculty* *Access Duration: 1 year* Similarly for the other ou - UG and PG Will it work? Can I try the configuration of "Role Mapping by VLAN" in switch configuration of pf for dynamic vlan assignment? We are having AD on Premise, but not used with packetfence Regards, Thirunavukkarasu ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
[PacketFence-users] MAC Authentication
Hi! I set up PacketFence 11.2 from the ZEN according to the installation guide and got 802.1X authentication working on my H3C S5120 switch. But now I am struggling to get MAC authentication working for my non-802.1X capable devices like printers an phones. I create a node with the device's MAC address, select a role and set the status to "Registered". Afterwards I connect the device it to the network port. In the RADIUS Audit Logs I can see a new entry coming in, but the Auth Status remains "Reject" and the Node Status "Unregistered". This is what the RADIUS request looks like according to the RADIUS Audit Logs: User-Name = "000fd502a3f2@packetfence" User-Password = "**" NAS-IP-Address = 10.1.1.237 NAS-Identifier = "pf-testswitch" NAS-Port = 33562626 NAS-Port-Id = "slot=2;subslot=0;port=2;vlanid=2" NAS-Port-Type = Ethernet Service-Type = Call-Check Framed-Protocol = PPP Calling-Station-Id = "00:0f:d5:02:a3:f2" Acct-Session-Id = "122060110272a5020" Attr-26.43.230 = 0x4769676162697445746865726e6574322f302f32 FreeRADIUS-Client-IP-Address = 10.1.1.237 PacketFence-Radius-Ip = "10.3.1.22" PacketFence-KeyBalanced = "4560a08fa197220c3e77d14559e310dc" Module-Failure-Message = "Rejected: Realm does not have at least one dot separator" SQL-User-Name = "000fd502a3f2@packetfence" The RADIUS reply remains empty. Can someone help me on this? Best, Lukas ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
