Re: [PacketFence-users] SSID message Error on PF from Cisco ap1242 and iphone mobile phone
Perfect!
It's working well!!
Thank you!
Matteo
2014-07-03 15:30 GMT+02:00 Matteo Pidalà matteo.pid...@gmail.com:
ah ok! I will try next week, I will be far away from my server until
Monday...
Thanks once again Fabrice,
regards
Matteo
2014-07-03 1:10 GMT+02:00 Durand fabrice fdur...@inverse.ca:
My fault, it´s just a little syntax error, try this:
sub extractSsid {
my ($this, $radius_request) = @_;
my $logger = Log::Log4perl::get_logger(ref($this));
if (defined($radius_request-{'Cisco-AVPair'})) {
if (ref($radius_request-{'Cisco-AVPair'}) eq 'ARRAY') {
foreach my $ciscoAVPair
(@{$radius_request-{'Cisco-AVPair'}}) {
$logger-trace(Cisco-AVPair: .$ciscoAVPair);
if ($ciscoAVPair =~ /^ssid=(.*)$/) { # ex: Cisco-AVPair =
ssid=PacketFence-Secure
return $1;
} else {
$logger-info(Unable to extract SSID of
Cisco-AVPair: .$ciscoAVPair);
}
}
} else {
if ($radius_request-{'Cisco-AVPair'} =~ /^ssid=(.*)$/) { #
ex: Cisco-AVPair = ssid=PacketFence-Secure
return $1;
} else {
$logger-info(Unable to extract SSID of Cisco-AVPair:
.$radius_request-{'Cisco-AVPair'});
}
}
}
$logger-warn(
Unable to extract SSID for module . ref($this) . . SSID-based
VLAN assignments won't work.
. Make sure you enable Vendor Specific Attributes (VSA) on the
AP if you want them to work.
);
return;
}
Fabrice
Le 2014-07-02 16:21, Matteo Pidalà a écrit :
Hi Fabrice,
I'm sorry to disturb you once again, but after the function change, I
receive a new error from packetfence.log after trying to connect my laptop
in wifi:
*Jul 03 00:19:33 httpd.webservices(3047) INFO: Unable to extract MAC
from Called-Station-Id: 0021.1be9.8770
(pf::radius::extractApMacFromRadiusRequest)*
*Jul 03 00:19:33 httpd.webservices(3047) ERROR: Can not load perl module
for switch 10.0.1.10, type: pf::Switch::Cisco::Aironet_1242. Either the
type is unknown or the perl module has compilation errors. Read the
following message for details: (pf::SwitchFactory::instantiate)*
*Jul 03 00:19:33 httpd.webservices(3047) WARN: Can't instantiate switch
10.0.1.10. This request will be failed. Are you sure your switches.conf is
correct? (pf::radius::authorize)*
*Jul 03 00:19:36 httpd.webservices(3047) INFO: Unable to extract MAC from
Called-Station-Id: 0021.1be9.8770
(pf::radius::extractApMacFromRadiusRequest)*
*Jul 03 00:19:36 httpd.webservices(3047) ERROR: Can not load perl module
for switch 10.0.1.10, type: pf::Switch::Cisco::Aironet_1242. Either the
type is unknown or the perl module has compilation errors. Read the
following message for details: (pf::SwitchFactory::instantiate)*
*Jul 03 00:19:36 httpd.webservices(3047) WARN: Can't instantiate switch
10.0.1.10. This request will be failed. Are you sure your switches.conf is
correct? (pf::radius::authorize)*
*Jul 03 00:19:39 httpd.webservices(3047) INFO: Unable to extract MAC from
Called-Station-Id: 0021.1be9.8770
(pf::radius::extractApMacFromRadiusRequest)*
*Jul 03 00:19:39 httpd.webservices(3047) ERROR: Can not load perl module
for switch 10.0.1.10, type: pf::Switch::Cisco::Aironet_1242. Either the
type is unknown or the perl module has compilation errors. Read the
following message for details: (pf::SwitchFactory::instantiate)*
*Jul 03 00:19:39 httpd.webservices(3047) WARN: Can't instantiate switch
10.0.1.10. This request will be failed. Are you sure your switches.conf is
correct? (pf::radius::authorize)*
*Jul 03 00:19:43 httpd.webservices(3047) INFO: Unable to extract MAC from
Called-Station-Id: 0021.1be9.8770
(pf::radius::extractApMacFromRadiusRequest)*
*Jul 03 00:19:43 httpd.webservices(3047) ERROR: Can not load perl module
for switch 10.0.1.10, type: pf::Switch::Cisco::Aironet_1242. Either the
type is unknown or the perl module has compilation errors. Read the
following message for details: (pf::SwitchFactory::instantiate)*
*Jul 03 00:19:43 httpd.webservices(3047) WARN: Can't instantiate switch
10.0.1.10. This request will be failed. Are you sure your switches.conf is
correct? (pf::radius::authorize)*
The configuration is still like my first mail.
Any suggestion are welcome!!
Regards
Mattteo
2014-07-01 23:49 GMT+02:00 Durand fabrice fdur...@inverse.ca:
Hello Matteo,
can you edit Aironet.pm and replace the function extractSsid with that
code and retry :
sub extractSsid {
my ($this, $radius_request) = @_;
my $logger = Log::Log4perl::get_logger(ref($this));
if (defined($radius_request-{'Cisco-AVPair'})) {
if (ref($radius_request-{'Cisco-AVPair'}) eq 'ARRAY') {
foreach my $ciscoAVPair
(@{$radius_request-{'Cisco-AVPair'}}) {
$logger-trace(Cisco-AVPair: .$ciscoAVPair);
if
Re: [PacketFence-users] SSID message Error on PF from Cisco ap1242 and iphone mobile phone
ah ok! I will try next week, I will be far away from my server until
Monday...
Thanks once again Fabrice,
regards
Matteo
2014-07-03 1:10 GMT+02:00 Durand fabrice fdur...@inverse.ca:
My fault, it´s just a little syntax error, try this:
sub extractSsid {
my ($this, $radius_request) = @_;
my $logger = Log::Log4perl::get_logger(ref($this));
if (defined($radius_request-{'Cisco-AVPair'})) {
if (ref($radius_request-{'Cisco-AVPair'}) eq 'ARRAY') {
foreach my $ciscoAVPair (@{$radius_request-{'Cisco-AVPair'}})
{
$logger-trace(Cisco-AVPair: .$ciscoAVPair);
if ($ciscoAVPair =~ /^ssid=(.*)$/) { # ex: Cisco-AVPair =
ssid=PacketFence-Secure
return $1;
} else {
$logger-info(Unable to extract SSID of Cisco-AVPair:
.$ciscoAVPair);
}
}
} else {
if ($radius_request-{'Cisco-AVPair'} =~ /^ssid=(.*)$/) { #
ex: Cisco-AVPair = ssid=PacketFence-Secure
return $1;
} else {
$logger-info(Unable to extract SSID of Cisco-AVPair:
.$radius_request-{'Cisco-AVPair'});
}
}
}
$logger-warn(
Unable to extract SSID for module . ref($this) . . SSID-based
VLAN assignments won't work.
. Make sure you enable Vendor Specific Attributes (VSA) on the AP
if you want them to work.
);
return;
}
Fabrice
Le 2014-07-02 16:21, Matteo Pidalà a écrit :
Hi Fabrice,
I'm sorry to disturb you once again, but after the function change, I
receive a new error from packetfence.log after trying to connect my laptop
in wifi:
*Jul 03 00:19:33 httpd.webservices(3047) INFO: Unable to extract MAC
from Called-Station-Id: 0021.1be9.8770
(pf::radius::extractApMacFromRadiusRequest)*
*Jul 03 00:19:33 httpd.webservices(3047) ERROR: Can not load perl module
for switch 10.0.1.10, type: pf::Switch::Cisco::Aironet_1242. Either the
type is unknown or the perl module has compilation errors. Read the
following message for details: (pf::SwitchFactory::instantiate)*
*Jul 03 00:19:33 httpd.webservices(3047) WARN: Can't instantiate switch
10.0.1.10. This request will be failed. Are you sure your switches.conf is
correct? (pf::radius::authorize)*
*Jul 03 00:19:36 httpd.webservices(3047) INFO: Unable to extract MAC from
Called-Station-Id: 0021.1be9.8770
(pf::radius::extractApMacFromRadiusRequest)*
*Jul 03 00:19:36 httpd.webservices(3047) ERROR: Can not load perl module
for switch 10.0.1.10, type: pf::Switch::Cisco::Aironet_1242. Either the
type is unknown or the perl module has compilation errors. Read the
following message for details: (pf::SwitchFactory::instantiate)*
*Jul 03 00:19:36 httpd.webservices(3047) WARN: Can't instantiate switch
10.0.1.10. This request will be failed. Are you sure your switches.conf is
correct? (pf::radius::authorize)*
*Jul 03 00:19:39 httpd.webservices(3047) INFO: Unable to extract MAC from
Called-Station-Id: 0021.1be9.8770
(pf::radius::extractApMacFromRadiusRequest)*
*Jul 03 00:19:39 httpd.webservices(3047) ERROR: Can not load perl module
for switch 10.0.1.10, type: pf::Switch::Cisco::Aironet_1242. Either the
type is unknown or the perl module has compilation errors. Read the
following message for details: (pf::SwitchFactory::instantiate)*
*Jul 03 00:19:39 httpd.webservices(3047) WARN: Can't instantiate switch
10.0.1.10. This request will be failed. Are you sure your switches.conf is
correct? (pf::radius::authorize)*
*Jul 03 00:19:43 httpd.webservices(3047) INFO: Unable to extract MAC from
Called-Station-Id: 0021.1be9.8770
(pf::radius::extractApMacFromRadiusRequest)*
*Jul 03 00:19:43 httpd.webservices(3047) ERROR: Can not load perl module
for switch 10.0.1.10, type: pf::Switch::Cisco::Aironet_1242. Either the
type is unknown or the perl module has compilation errors. Read the
following message for details: (pf::SwitchFactory::instantiate)*
*Jul 03 00:19:43 httpd.webservices(3047) WARN: Can't instantiate switch
10.0.1.10. This request will be failed. Are you sure your switches.conf is
correct? (pf::radius::authorize)*
The configuration is still like my first mail.
Any suggestion are welcome!!
Regards
Mattteo
2014-07-01 23:49 GMT+02:00 Durand fabrice fdur...@inverse.ca:
Hello Matteo,
can you edit Aironet.pm and replace the function extractSsid with that
code and retry :
sub extractSsid {
my ($this, $radius_request) = @_;
my $logger = Log::Log4perl::get_logger(ref($this));
if (defined($radius_request-{'Cisco-AVPair'})) {
if (ref($radius_request-{'Cisco-AVPair'}) eq 'ARRAY') {
foreach my $ciscoAVPair
(@{$radius_request-{'Cisco-AVPair'}}) {
$logger-trace(Cisco-AVPair: .$ciscoAVPair);
if ($ciscoAVPair =~ /^ssid=(.*)$/) { # ex: Cisco-AVPair =
ssid=PacketFence-Secure
return $1;
Re: [PacketFence-users] SSID message Error on PF from Cisco ap1242 and iphone mobile phone
Hi Fabrice,
thank you very much for your prompt answer.
Today evening I will try to perform this change.
I try to modify the script following the error in the logs, but it was not
like yours and the system was not working ;-)
In case, seems a general issue / workaround. Is it possible add it on the
official documentation?
Regards
Matteo
2014-07-01 23:49 GMT+02:00 Durand fabrice fdur...@inverse.ca:
Hello Matteo,
can you edit Aironet.pm and replace the function extractSsid with that
code and retry :
sub extractSsid {
my ($this, $radius_request) = @_;
my $logger = Log::Log4perl::get_logger(ref($this));
if (defined($radius_request-{'Cisco-AVPair'})) {
if (ref($radius_request-{'Cisco-AVPair'}) eq 'ARRAY') {
foreach my $ciscoAVPair (@{$radius_request-{'Cisco-AVPair'}})
{
$logger-trace(Cisco-AVPair: .$ciscoAVPair);
if ($ciscoAVPair =~ /^ssid=(.*)$/) { # ex: Cisco-AVPair =
ssid=PacketFence-Secure
return $1;
} else {
$logger-info(Unable to extract SSID of Cisco-AVPair:
.$ciscoAVPair);
}
}
} else {
if ($radius_request-{'Cisco-AVPair'} =~ /^ssid=(.*)$/) { #
ex: Cisco-AVPair = ssid=PacketFence-Secure
return $1;
} else {
$logger-info(Unable to extract SSID of Cisco-AVPair:
.$ciscoAVPair);
}
}
}
$logger-warn(
Unable to extract SSID for module . ref($this) . . SSID-based
VLAN assignments won't work.
. Make sure you enable Vendor Specific Attributes (VSA) on the AP
if you want them to work.
);
return;
}
Of course restart httpd.webservices service.
Regards
Fabrice
Le 2014-07-01 17:36, Matteo Pidalà a écrit :
Hi everybody!
I reached one satisfied environment of Packetfence, with some switches and
users working with 802.1x authentication with captive portal self
registration.
That's great... thanks once again for this fantastic product.
Anyway right now I have one issue for the Wireless part.
I have (for now), one cisco Aironet 1242 that should be perfectly
compatible with pf.
*I receive this strange message from the troubleshooting that I did:*
*Jul 02 01:19:29 httpd.webservices(4128) INFO: Unable to extract MAC from
Called-Station-Id: 0021.1be9.8770
(pf::radius::extractApMacFromRadiusRequest)*
*Jul 02 01:19:29 httpd.webservices(4128) INFO: handling radius autz
request: from switch_ip = 10.0.1.10, connection_type =
Wireless-802.11-NoEAP,switch_mac = , mac = 04:f7:e4:f3:d6:99, port =
270, username = 04f7e4f3d699 (pf::radius::authorize)*
*Jul 02 01:19:29 httpd.webservices(4128) ERROR: radius authorize failed
with error: Can't use string (ssid=Public) as an ARRAY ref while strict
refs in use at /usr/local/pf/lib/pf/Switch/Cisco/Aironet.pm line 206.*
* (pf::api::radius_authorize)*
*Jul 02 01:19:32 httpd.webservices(4128) INFO: Unable to extract MAC from
Called-Station-Id: 0021.1be9.8770
(pf::radius::extractApMacFromRadiusRequest)*
*Jul 02 01:19:32 httpd.webservices(4128) INFO: handling radius autz
request: from switch_ip = 10.0.1.10, connection_type =
Wireless-802.11-NoEAP,switch_mac = , mac = 04:f7:e4:f3:d6:99, port =
271, username = 04f7e4f3d699 (pf::radius::authorize)*
*Jul 02 01:19:32 httpd.webservices(4128) ERROR: radius authorize failed
with error: Can't use string (ssid=Public) as an ARRAY ref while strict
refs in use at /usr/local/pf/lib/pf/Switch/Cisco/Aironet.pm line 206.*
* (pf::api::radius_authorize)*
*From the switch:*
**Mar 1 06:04:41.138: %DOT11-7-AUTH_FAILED: Station 04f7.e4f3.d699
Authentication failed*
**Mar 1 06:04:49.713: %DOT11-7-AUTH_FAILED: Station 04f7.e4f3.d699
Authentication failed*
*The extract focused configuration is this:*
#
# Copyright 2006-2008 Inverse inc.
#
# See the enclosed file COPYING for license information (GPL).
# If you did not receive this file, see
# http://www.fsf.org/licensing/licenses/gpl.html
[default]
description=Switches Default Values
vlans=1,2,3,4,5,10,20,30,35,40,50,60,100,110,120
normalVlan=100
registrationVlan=110
isolationVlan=120
macDetectionVlan=4
voiceVlan=5
inlineVlan=6
inlineTrigger=
normalRole=normal
registrationRole=registration
isolationRole=isolation
macDetectionRole=macDetection
voiceRole=voice
inlineRole=inline
VoIPEnabled=no
VlanMap=Y
RoleMap=Y
mode=testing
macSearchesMaxNb=30
macSearchesSleepInterval=2
uplink=dynamic
#
# Command Line Interface
#
# cliTransport could be: Telnet, SSH or Serial
cliTransport=Telnet
cliUser=
cliPwd=
cliEnablePwd=
#
# SNMP section
#
# PacketFence - Switch
SNMPVersion=3
SNMPUserNameRead=readUser
SNMPAuthProtocolRead=MD5
SNMPAuthPasswordRead=authpwdread
SNMPPrivProtocolRead=AES
SNMPPrivPasswordRead=privpwdread
SNMPUserNameWrite=writeUser
SNMPAuthProtocolWrite=MD5
SNMPAuthPasswordWrite=authpwdwrite
Re: [PacketFence-users] SSID message Error on PF from Cisco ap1242 and iphone mobile phone
Hi Fabrice,
I'm sorry to disturb you once again, but after the function change, I
receive a new error from packetfence.log after trying to connect my laptop
in wifi:
*Jul 03 00:19:33 httpd.webservices(3047) INFO: Unable to extract MAC from
Called-Station-Id: 0021.1be9.8770
(pf::radius::extractApMacFromRadiusRequest)*
*Jul 03 00:19:33 httpd.webservices(3047) ERROR: Can not load perl module
for switch 10.0.1.10, type: pf::Switch::Cisco::Aironet_1242. Either the
type is unknown or the perl module has compilation errors. Read the
following message for details: (pf::SwitchFactory::instantiate)*
*Jul 03 00:19:33 httpd.webservices(3047) WARN: Can't instantiate switch
10.0.1.10. This request will be failed. Are you sure your switches.conf is
correct? (pf::radius::authorize)*
*Jul 03 00:19:36 httpd.webservices(3047) INFO: Unable to extract MAC from
Called-Station-Id: 0021.1be9.8770
(pf::radius::extractApMacFromRadiusRequest)*
*Jul 03 00:19:36 httpd.webservices(3047) ERROR: Can not load perl module
for switch 10.0.1.10, type: pf::Switch::Cisco::Aironet_1242. Either the
type is unknown or the perl module has compilation errors. Read the
following message for details: (pf::SwitchFactory::instantiate)*
*Jul 03 00:19:36 httpd.webservices(3047) WARN: Can't instantiate switch
10.0.1.10. This request will be failed. Are you sure your switches.conf is
correct? (pf::radius::authorize)*
*Jul 03 00:19:39 httpd.webservices(3047) INFO: Unable to extract MAC from
Called-Station-Id: 0021.1be9.8770
(pf::radius::extractApMacFromRadiusRequest)*
*Jul 03 00:19:39 httpd.webservices(3047) ERROR: Can not load perl module
for switch 10.0.1.10, type: pf::Switch::Cisco::Aironet_1242. Either the
type is unknown or the perl module has compilation errors. Read the
following message for details: (pf::SwitchFactory::instantiate)*
*Jul 03 00:19:39 httpd.webservices(3047) WARN: Can't instantiate switch
10.0.1.10. This request will be failed. Are you sure your switches.conf is
correct? (pf::radius::authorize)*
*Jul 03 00:19:43 httpd.webservices(3047) INFO: Unable to extract MAC from
Called-Station-Id: 0021.1be9.8770
(pf::radius::extractApMacFromRadiusRequest)*
*Jul 03 00:19:43 httpd.webservices(3047) ERROR: Can not load perl module
for switch 10.0.1.10, type: pf::Switch::Cisco::Aironet_1242. Either the
type is unknown or the perl module has compilation errors. Read the
following message for details: (pf::SwitchFactory::instantiate)*
*Jul 03 00:19:43 httpd.webservices(3047) WARN: Can't instantiate switch
10.0.1.10. This request will be failed. Are you sure your switches.conf is
correct? (pf::radius::authorize)*
The configuration is still like my first mail.
Any suggestion are welcome!!
Regards
Mattteo
2014-07-01 23:49 GMT+02:00 Durand fabrice fdur...@inverse.ca:
Hello Matteo,
can you edit Aironet.pm and replace the function extractSsid with that
code and retry :
sub extractSsid {
my ($this, $radius_request) = @_;
my $logger = Log::Log4perl::get_logger(ref($this));
if (defined($radius_request-{'Cisco-AVPair'})) {
if (ref($radius_request-{'Cisco-AVPair'}) eq 'ARRAY') {
foreach my $ciscoAVPair (@{$radius_request-{'Cisco-AVPair'}})
{
$logger-trace(Cisco-AVPair: .$ciscoAVPair);
if ($ciscoAVPair =~ /^ssid=(.*)$/) { # ex: Cisco-AVPair =
ssid=PacketFence-Secure
return $1;
} else {
$logger-info(Unable to extract SSID of Cisco-AVPair:
.$ciscoAVPair);
}
}
} else {
if ($radius_request-{'Cisco-AVPair'} =~ /^ssid=(.*)$/) { #
ex: Cisco-AVPair = ssid=PacketFence-Secure
return $1;
} else {
$logger-info(Unable to extract SSID of Cisco-AVPair:
.$ciscoAVPair);
}
}
}
$logger-warn(
Unable to extract SSID for module . ref($this) . . SSID-based
VLAN assignments won't work.
. Make sure you enable Vendor Specific Attributes (VSA) on the AP
if you want them to work.
);
return;
}
Of course restart httpd.webservices service.
Regards
Fabrice
Le 2014-07-01 17:36, Matteo Pidalà a écrit :
Hi everybody!
I reached one satisfied environment of Packetfence, with some switches and
users working with 802.1x authentication with captive portal self
registration.
That's great... thanks once again for this fantastic product.
Anyway right now I have one issue for the Wireless part.
I have (for now), one cisco Aironet 1242 that should be perfectly
compatible with pf.
*I receive this strange message from the troubleshooting that I did:*
*Jul 02 01:19:29 httpd.webservices(4128) INFO: Unable to extract MAC from
Called-Station-Id: 0021.1be9.8770
(pf::radius::extractApMacFromRadiusRequest)*
*Jul 02 01:19:29 httpd.webservices(4128) INFO: handling radius autz
request: from switch_ip = 10.0.1.10, connection_type =
Wireless-802.11-NoEAP,switch_mac = , mac =
Re: [PacketFence-users] SSID message Error on PF from Cisco ap1242 and iphone mobile phone
My fault, it´s just a little syntax error, try this:
sub extractSsid {
my ($this, $radius_request) = @_;
my $logger = Log::Log4perl::get_logger(ref($this));
if (defined($radius_request-{'Cisco-AVPair'})) {
if (ref($radius_request-{'Cisco-AVPair'}) eq 'ARRAY') {
foreach my $ciscoAVPair
(@{$radius_request-{'Cisco-AVPair'}}) {
$logger-trace(Cisco-AVPair: .$ciscoAVPair);
if ($ciscoAVPair =~ /^ssid=(.*)$/) { # ex: Cisco-AVPair
= ssid=PacketFence-Secure
return $1;
} else {
$logger-info(Unable to extract SSID of
Cisco-AVPair: .$ciscoAVPair);
}
}
} else {
if ($radius_request-{'Cisco-AVPair'} =~ /^ssid=(.*)$/) { #
ex: Cisco-AVPair = ssid=PacketFence-Secure
return $1;
} else {
$logger-info(Unable to extract SSID of Cisco-AVPair:
.$radius_request-{'Cisco-AVPair'});
}
}
}
$logger-warn(
Unable to extract SSID for module . ref($this) . .
SSID-based VLAN assignments won't work.
. Make sure you enable Vendor Specific Attributes (VSA) on the
AP if you want them to work.
);
return;
}
Fabrice
Le 2014-07-02 16:21, Matteo Pidalà a écrit :
Hi Fabrice,
I'm sorry to disturb you once again, but after the function change, I
receive a new error from packetfence.log after trying to connect my
laptop in wifi:
*/Jul 03 00:19:33 httpd.webservices(3047) INFO: Unable to extract MAC
from Called-Station-Id: 0021.1be9.8770
(pf::radius::extractApMacFromRadiusRequest)/*
*/Jul 03 00:19:33 httpd.webservices(3047) ERROR: Can not load perl
module for switch 10.0.1.10, type: pf::Switch::Cisco::Aironet_1242.
Either the type is unknown or the perl module has compilation errors.
Read the following message for details:
(pf::SwitchFactory::instantiate)/*
*/Jul 03 00:19:33 httpd.webservices(3047) WARN: Can't instantiate
switch 10.0.1.10. This request will be failed. Are you sure your
switches.conf is correct? (pf::radius::authorize)/*
*/Jul 03 00:19:36 httpd.webservices(3047) INFO: Unable to extract MAC
from Called-Station-Id: 0021.1be9.8770
(pf::radius::extractApMacFromRadiusRequest)/*
*/Jul 03 00:19:36 httpd.webservices(3047) ERROR: Can not load perl
module for switch 10.0.1.10, type: pf::Switch::Cisco::Aironet_1242.
Either the type is unknown or the perl module has compilation errors.
Read the following message for details:
(pf::SwitchFactory::instantiate)/*
*/Jul 03 00:19:36 httpd.webservices(3047) WARN: Can't instantiate
switch 10.0.1.10. This request will be failed. Are you sure your
switches.conf is correct? (pf::radius::authorize)/*
*/Jul 03 00:19:39 httpd.webservices(3047) INFO: Unable to extract MAC
from Called-Station-Id: 0021.1be9.8770
(pf::radius::extractApMacFromRadiusRequest)/*
*/Jul 03 00:19:39 httpd.webservices(3047) ERROR: Can not load perl
module for switch 10.0.1.10, type: pf::Switch::Cisco::Aironet_1242.
Either the type is unknown or the perl module has compilation errors.
Read the following message for details:
(pf::SwitchFactory::instantiate)/*
*/Jul 03 00:19:39 httpd.webservices(3047) WARN: Can't instantiate
switch 10.0.1.10. This request will be failed. Are you sure your
switches.conf is correct? (pf::radius::authorize)/*
*/Jul 03 00:19:43 httpd.webservices(3047) INFO: Unable to extract MAC
from Called-Station-Id: 0021.1be9.8770
(pf::radius::extractApMacFromRadiusRequest)/*
*/Jul 03 00:19:43 httpd.webservices(3047) ERROR: Can not load perl
module for switch 10.0.1.10, type: pf::Switch::Cisco::Aironet_1242.
Either the type is unknown or the perl module has compilation errors.
Read the following message for details:
(pf::SwitchFactory::instantiate)/*
*/Jul 03 00:19:43 httpd.webservices(3047) WARN: Can't instantiate
switch 10.0.1.10. This request will be failed. Are you sure your
switches.conf is correct? (pf::radius::authorize)/*
The configuration is still like my first mail.
Any suggestion are welcome!!
Regards
Mattteo
2014-07-01 23:49 GMT+02:00 Durand fabrice fdur...@inverse.ca
mailto:fdur...@inverse.ca:
Hello Matteo,
can you edit Aironet.pm and replace the function extractSsid with
that code and retry :
sub extractSsid {
my ($this, $radius_request) = @_;
my $logger = Log::Log4perl::get_logger(ref($this));
if (defined($radius_request-{'Cisco-AVPair'})) {
if (ref($radius_request-{'Cisco-AVPair'}) eq 'ARRAY') {
foreach my $ciscoAVPair
(@{$radius_request-{'Cisco-AVPair'}}) {
$logger-trace(Cisco-AVPair: .$ciscoAVPair);
if ($ciscoAVPair =~ /^ssid=(.*)$/) { # ex:
Cisco-AVPair = ssid=PacketFence-Secure
return $1;
} else {
$logger-info(Unable to extract SSID of
Cisco-AVPair: .$ciscoAVPair);
}
[PacketFence-users] SSID message Error on PF from Cisco ap1242 and iphone mobile phone
Hi everybody! I reached one satisfied environment of Packetfence, with some switches and users working with 802.1x authentication with captive portal self registration. That's great... thanks once again for this fantastic product. Anyway right now I have one issue for the Wireless part. I have (for now), one cisco Aironet 1242 that should be perfectly compatible with pf. *I receive this strange message from the troubleshooting that I did:* *Jul 02 01:19:29 httpd.webservices(4128) INFO: Unable to extract MAC from Called-Station-Id: 0021.1be9.8770 (pf::radius::extractApMacFromRadiusRequest)* *Jul 02 01:19:29 httpd.webservices(4128) INFO: handling radius autz request: from switch_ip = 10.0.1.10, connection_type = Wireless-802.11-NoEAP,switch_mac = , mac = 04:f7:e4:f3:d6:99, port = 270, username = 04f7e4f3d699 (pf::radius::authorize)* *Jul 02 01:19:29 httpd.webservices(4128) ERROR: radius authorize failed with error: Can't use string (ssid=Public) as an ARRAY ref while strict refs in use at /usr/local/pf/lib/pf/Switch/Cisco/Aironet.pm line 206.* * (pf::api::radius_authorize)* *Jul 02 01:19:32 httpd.webservices(4128) INFO: Unable to extract MAC from Called-Station-Id: 0021.1be9.8770 (pf::radius::extractApMacFromRadiusRequest)* *Jul 02 01:19:32 httpd.webservices(4128) INFO: handling radius autz request: from switch_ip = 10.0.1.10, connection_type = Wireless-802.11-NoEAP,switch_mac = , mac = 04:f7:e4:f3:d6:99, port = 271, username = 04f7e4f3d699 (pf::radius::authorize)* *Jul 02 01:19:32 httpd.webservices(4128) ERROR: radius authorize failed with error: Can't use string (ssid=Public) as an ARRAY ref while strict refs in use at /usr/local/pf/lib/pf/Switch/Cisco/Aironet.pm line 206.* * (pf::api::radius_authorize)* *From the switch:* **Mar 1 06:04:41.138: %DOT11-7-AUTH_FAILED: Station 04f7.e4f3.d699 Authentication failed* **Mar 1 06:04:49.713: %DOT11-7-AUTH_FAILED: Station 04f7.e4f3.d699 Authentication failed* *The extract focused configuration is this:* # # Copyright 2006-2008 Inverse inc. # # See the enclosed file COPYING for license information (GPL). # If you did not receive this file, see # http://www.fsf.org/licensing/licenses/gpl.html [default] description=Switches Default Values vlans=1,2,3,4,5,10,20,30,35,40,50,60,100,110,120 normalVlan=100 registrationVlan=110 isolationVlan=120 macDetectionVlan=4 voiceVlan=5 inlineVlan=6 inlineTrigger= normalRole=normal registrationRole=registration isolationRole=isolation macDetectionRole=macDetection voiceRole=voice inlineRole=inline VoIPEnabled=no VlanMap=Y RoleMap=Y mode=testing macSearchesMaxNb=30 macSearchesSleepInterval=2 uplink=dynamic # # Command Line Interface # # cliTransport could be: Telnet, SSH or Serial cliTransport=Telnet cliUser= cliPwd= cliEnablePwd= # # SNMP section # # PacketFence - Switch SNMPVersion=3 SNMPUserNameRead=readUser SNMPAuthProtocolRead=MD5 SNMPAuthPasswordRead=authpwdread SNMPPrivProtocolRead=AES SNMPPrivPasswordRead=privpwdread SNMPUserNameWrite=writeUser SNMPAuthProtocolWrite=MD5 SNMPAuthPasswordWrite=authpwdwrite SNMPPrivProtocolWrite=AES SNMPPrivPasswordWrite=privpwdwrite # Switch - PacketFence SNMPVersionTrap=3 SNMPUserNameTrap=readUser SNMPAuthProtocolTrap=MD5 SNMPAuthPasswordTrap=authpwdread SNMPPrivProtocolTrap=AES SNMPPrivPasswordTrap=privpwdread # # Web Services Interface # # wsTransport could be: http or https wsTransport=http wsUser= wsPwd= # # RADIUS NAS Client config # # RADIUS shared secret with switch radiusSecret=udifiusdbfdbsuisdbfidbs [10.0.1.4] mode=production defaultVlan=100 deauthMethod=SNMP description=core type=Cisco::Catalyst_3560 VoIPEnabled=N uplink=1,2,3,4,5,6,7,8,9,10 defaultRole=default guestVlan=100 gamingRole=guest guestRole=guest gamingVlan=100 wsPwd=cisco wsUser=cisco SNMPEngineID=AA5ED139B81D4A328D18ACD1 [10.0.1.10] SNMPVersion=2c SNMPCommunityRead=public SNMPCommunityWrite=private SNMPVersionTrap=2c SNMPCommunityTrap=public mode=production description=AP type=Cisco::Aironet_1242 *AP Configuration:* aaa group server radius rad_eap server 10.0.1.3 auth-port 1812 acct-port 1813 aaa group server radius rad_mac server 10.0.1.3 auth-port 1812 acct-port 1813 aaa authentication login eap_methods group rad_eap aaa authentication login mac_methods group rad_mac snmp-server community public RO snmp-server community private RW snmp-server enable traps disassociate snmp-server enable traps deauthenticate snmp-server enable traps aaa_server radius-server host 10.0.1.3 auth-port 1812 acct-port 1813 key 7 ljljlkjlkjlkjjklkjljkljkljlj74F08090127 radius-server vsa send accounting radius-server vsa send authentication If you need something else... in the meantime... thanks in advance for your further support!!! Regards Matteo -- Open source business process management suite built on Java and Eclipse Turn processes into business applications with Bonita BPM Community Edition Quickly connect people, data, and systems into
Re: [PacketFence-users] SSID message Error on PF from Cisco ap1242 and iphone mobile phone
Hello Matteo,
can you edit Aironet.pm and replace the function extractSsid with that
code and retry :
sub extractSsid {
my ($this, $radius_request) = @_;
my $logger = Log::Log4perl::get_logger(ref($this));
if (defined($radius_request-{'Cisco-AVPair'})) {
if (ref($radius_request-{'Cisco-AVPair'}) eq 'ARRAY') {
foreach my $ciscoAVPair
(@{$radius_request-{'Cisco-AVPair'}}) {
$logger-trace(Cisco-AVPair: .$ciscoAVPair);
if ($ciscoAVPair =~ /^ssid=(.*)$/) { # ex: Cisco-AVPair
= ssid=PacketFence-Secure
return $1;
} else {
$logger-info(Unable to extract SSID of
Cisco-AVPair: .$ciscoAVPair);
}
}
} else {
if ($radius_request-{'Cisco-AVPair'} =~ /^ssid=(.*)$/) { #
ex: Cisco-AVPair = ssid=PacketFence-Secure
return $1;
} else {
$logger-info(Unable to extract SSID of Cisco-AVPair:
.$ciscoAVPair);
}
}
}
$logger-warn(
Unable to extract SSID for module . ref($this) . .
SSID-based VLAN assignments won't work.
. Make sure you enable Vendor Specific Attributes (VSA) on the
AP if you want them to work.
);
return;
}
Of course restart httpd.webservices service.
Regards
Fabrice
Le 2014-07-01 17:36, Matteo Pidalà a écrit :
Hi everybody!
I reached one satisfied environment of Packetfence, with some switches
and users working with 802.1x authentication with captive portal self
registration.
That's great... thanks once again for this fantastic product.
Anyway right now I have one issue for the Wireless part.
I have (for now), one cisco Aironet 1242 that should be perfectly
compatible with pf.
_I receive this strange message from the troubleshooting that I did:_
/*Jul 02 01:19:29 httpd.webservices(4128) INFO: Unable to extract MAC
from Called-Station-Id: 0021.1be9.8770
(pf::radius::extractApMacFromRadiusRequest)*/
/*Jul 02 01:19:29 httpd.webservices(4128) INFO: handling radius autz
request: from switch_ip = 10.0.1.10, connection_type =
Wireless-802.11-NoEAP,switch_mac = , mac = 04:f7:e4:f3:d6:99, port
= 270, username = 04f7e4f3d699 (pf::radius::authorize)*/
/*Jul 02 01:19:29 httpd.webservices(4128) ERROR: radius authorize
failed with error: Can't use string (ssid=Public) as an ARRAY ref
while strict refs in use at
/usr/local/pf/lib/pf/Switch/Cisco/Aironet.pm line 206.*/
/* (pf::api::radius_authorize)*/
/*Jul 02 01:19:32 httpd.webservices(4128) INFO: Unable to extract MAC
from Called-Station-Id: 0021.1be9.8770
(pf::radius::extractApMacFromRadiusRequest)*/
/*Jul 02 01:19:32 httpd.webservices(4128) INFO: handling radius autz
request: from switch_ip = 10.0.1.10, connection_type =
Wireless-802.11-NoEAP,switch_mac = , mac = 04:f7:e4:f3:d6:99, port
= 271, username = 04f7e4f3d699 (pf::radius::authorize)*/
/*Jul 02 01:19:32 httpd.webservices(4128) ERROR: radius authorize
failed with error: Can't use string (ssid=Public) as an ARRAY ref
while strict refs in use at
/usr/local/pf/lib/pf/Switch/Cisco/Aironet.pm line 206.*/
/* (pf::api::radius_authorize)*/
_From the switch:_
*/*Mar 1 06:04:41.138: %DOT11-7-AUTH_FAILED: Station 04f7.e4f3.d699
Authentication failed/*
*/*Mar 1 06:04:49.713: %DOT11-7-AUTH_FAILED: Station 04f7.e4f3.d699
Authentication failed/*
_The extract focused configuration is this:_
#
# Copyright 2006-2008 Inverse inc.
#
# See the enclosed file COPYING for license information (GPL).
# If you did not receive this file, see
# http://www.fsf.org/licensing/licenses/gpl.html
[default]
description=Switches Default Values
vlans=1,2,3,4,5,10,20,30,35,40,50,60,100,110,120
normalVlan=100
registrationVlan=110
isolationVlan=120
macDetectionVlan=4
voiceVlan=5
inlineVlan=6
inlineTrigger=
normalRole=normal
registrationRole=registration
isolationRole=isolation
macDetectionRole=macDetection
voiceRole=voice
inlineRole=inline
VoIPEnabled=no
VlanMap=Y
RoleMap=Y
mode=testing
macSearchesMaxNb=30
macSearchesSleepInterval=2
uplink=dynamic
#
# Command Line Interface
#
# cliTransport could be: Telnet, SSH or Serial
cliTransport=Telnet
cliUser=
cliPwd=
cliEnablePwd=
#
# SNMP section
#
# PacketFence - Switch
SNMPVersion=3
SNMPUserNameRead=readUser
SNMPAuthProtocolRead=MD5
SNMPAuthPasswordRead=authpwdread
SNMPPrivProtocolRead=AES
SNMPPrivPasswordRead=privpwdread
SNMPUserNameWrite=writeUser
SNMPAuthProtocolWrite=MD5
SNMPAuthPasswordWrite=authpwdwrite
SNMPPrivProtocolWrite=AES
SNMPPrivPasswordWrite=privpwdwrite
# Switch - PacketFence
SNMPVersionTrap=3
SNMPUserNameTrap=readUser
SNMPAuthProtocolTrap=MD5
SNMPAuthPasswordTrap=authpwdread
SNMPPrivProtocolTrap=AES
SNMPPrivPasswordTrap=privpwdread
#
# Web Services Interface
#
# wsTransport could be: http or https
wsTransport=http
wsUser=
wsPwd=
#
# RADIUS NAS Client config
#
# RADIUS shared secret with switch
radiusSecret=udifiusdbfdbsuisdbfidbs
[10.0.1.4]
mode=production
defaultVlan=100
