Re: [PacketFence-users] Netgear GSM4352PS (M4300-52G) Switch Support -- Solved
Hello James,
cool it works, i will add the support of 802.1x for the Mserie in the
main code.
Regards
Fabrice
Le 2017-11-02 à 09:15, James Garcellano via PacketFence-users a écrit :
> Hello Fabrice,
>
> Adding the line "sub supportsWiredDot1x { return $TRUE; }" to
> /usr/local/pf/lib/pf/Switch/Netgear/MSeries.pm and then rebooting PacketFence
> has worked.
>
> Here are the latest entries from the /usr/local/pf/logs/packetfence.log file:
>
> Nov 2 12:46:30 packetfence-zen packetfence_httpd.aaa: httpd.aaa(2908) INFO:
> [mac:00:21:70:d8:ac:45] handling radius autz request: from switch_ip =>
> (192.168.1.12), connection_type => Ethernet-EAP,switch_mac =>
> (b0:b9:8a:46:3d:0e), mac => [00:21:70:d8:ac:45], port => 1, username =>
> "PFDOMAIN\testme" (pf::radius::authorize)
> Nov 2 12:46:30 packetfence-zen packetfence_httpd.aaa: httpd.aaa(2908) INFO:
> [mac:00:21:70:d8:ac:45] Instantiate profile default
> (pf::Connection::ProfileFactory::_from_profile)
> Nov 2 12:46:30 packetfence-zen packetfence_httpd.aaa: httpd.aaa(2908) INFO:
> [mac:00:21:70:d8:ac:45] is of status unreg; belongs into registration VLAN
> (pf::role::getRegistrationRole)
> Nov 2 12:46:30 packetfence-zen packetfence_httpd.aaa: httpd.aaa(2908) INFO:
> [mac:00:21:70:d8:ac:45] (192.168.1.12) Added VLAN 20 to the returned RADIUS
> Access-Accept (pf::Switch::returnRadiusAccessAccept)
> Nov 2 12:46:30 packetfence-zen packetfence_httpd.aaa: httpd.aaa(2908) INFO:
> [mac:[undef]] Updating locationlog from accounting request
> (pf::api::handle_accounting_metadata)
>
>
> Thank you, Fabrice, for your time and assistance in helping to troubleshoot
> my issue!
>
> James Garcellano
>
>> Ok so you need to add support of 802.1x in the switch module.
>>
>> In this file,
>> https://github.com/inverse-inc/packetfence/blob/devel/lib/pf/Switch/Netgear/MSeries.pm#L19
>>
>> add that:
>>
>> sub supportsWiredDot1x { return $TRUE; }
>>
>> Then restart packetfence.
>>
>> Paste me the packetfence.log after that.
>> Regards
>> Fabrice
>>
>> Le 2017-11-01 à 18:04, James Garcellano via PacketFence-users a écrit :
>>> Hello Fabrice,
>>>
>>> Here is the last few entries from the /usr/local/pf/logs/packetfence.log
>>> file:
>>>
>>> Nov 1 22:03:06 packetfence-zen packetfence_httpd.aaa: httpd.aaa(2852)
>>> INFO: [mac:00:21:70:d8:ac:45] handling radius autz request: from switch_ip
>>> => (192.168.1.12), connection_type => Ethernet-EAP,switch_mac =>
>>> (b0:b9:8a:46:3d:0e), mac => [00:21:70:d8:ac:45], port => 1, username =>
>>> "PFDOMAIN\testme" (pf::radius::authorize)
>>> Nov 1 22:03:06 packetfence-zen packetfence_httpd.aaa: httpd.aaa(2852)
>>> ERROR: [mac:00:21:70:d8:ac:45] Wired 802.1X is not supported on switch type
>>> pf::Switch::Netgear::MSeries. Please let us know what hardware you are
>>> using. (pf::Switch::supportsWiredDot1x)
>>> Nov 1 22:03:06 packetfence-zen packetfence_httpd.aaa: httpd.aaa(2852)
>>> WARN: [mac:00:21:70:d8:ac:45] (192.168.1.12) Sending REJECT since switch is
>>> unsupported (pf::radius::_switchUnsupportedReply)
>>> Nov 1 22:03:07 packetfence-zen packetfence_httpd.aaa: httpd.aaa(3730)
>>> INFO: [mac:00:21:70:d8:ac:45] Updating locationlog from accounting request
>>> (pf::api::handle_accounting_metadata)
>>>
>>>
Ok it's better now.
Now can you check on the packetfence.log, you are suppose to see
different messages now.
Le 2017-11-01 à 17:27, James Garcellano via PacketFence-users a écrit :
> It looks like the other test still showed the NAS IP as 192.168.1.5.
>
> I rebooted the switch and did another test.
>
> Here is the raddebug from that...
>
> (38) Wed Nov 1 21:13:13 2017: Debug: Received Access-Request Id 201 from
> 192.168.1.12:42371 to 192.168.1.5:1812 length 158
> (38) Wed Nov 1 21:13:13 2017: Debug: User-Name = "PFDOMAIN\\testme"
> (38) Wed Nov 1 21:13:13 2017: Debug: Called-Station-Id =
> "b0-b9-8a-46-3d-0e"
> (38) Wed Nov 1 21:13:13 2017: Debug: Calling-Station-Id =
> "00:21:70:d8:ac:45"
> (38) Wed Nov 1 21:13:13 2017: Debug: NAS-Identifier =
> "b0-b9-8a-46-3d-0c"
> (38) Wed Nov 1 21:13:13 2017: Debug: NAS-IP-Address = 192.168.1.12
> (38) Wed Nov 1 21:13:13 2017: Debug: NAS-Port = 1
> (38) Wed Nov 1 21:13:13 2017: Debug: Framed-MTU = 1500
> (38) Wed Nov 1 21:13:13 2017: Debug: NAS-Port-Type = Ethernet
> (38) Wed Nov 1 21:13:13 2017: Debug: EAP-Message =
> 0x0214015046444f4d41494e5c746573746d65
> (38) Wed Nov 1 21:13:13 2017: Debug: Message-Authenticator =
> 0x935d535299b823f31e7748c9271d6225
> (38) Wed Nov 1 21:13:13 2017: Debug: # Executing section authorize from
> file /usr/local/pf/raddb/sites-enabled/packetfence
> (38) Wed Nov 1 21:13:13 2017: Debug: authorize {
> (38) Wed Nov 1 21:13:13 2017: Debug: update {
> (38) Wed Nov 1 21:13:13 2017: Debug: EXPAND
> %{Packet-Src-IP-Address}
> (38) We
Re: [PacketFence-users] Netgear GSM4352PS (M4300-52G) Switch Support -- Solved
Hello Fabrice,
Adding the line "sub supportsWiredDot1x { return $TRUE; }" to
/usr/local/pf/lib/pf/Switch/Netgear/MSeries.pm and then rebooting PacketFence
has worked.
Here are the latest entries from the /usr/local/pf/logs/packetfence.log file:
Nov 2 12:46:30 packetfence-zen packetfence_httpd.aaa: httpd.aaa(2908) INFO:
[mac:00:21:70:d8:ac:45] handling radius autz request: from switch_ip =>
(192.168.1.12), connection_type => Ethernet-EAP,switch_mac =>
(b0:b9:8a:46:3d:0e), mac => [00:21:70:d8:ac:45], port => 1, username =>
"PFDOMAIN\testme" (pf::radius::authorize)
Nov 2 12:46:30 packetfence-zen packetfence_httpd.aaa: httpd.aaa(2908) INFO:
[mac:00:21:70:d8:ac:45] Instantiate profile default
(pf::Connection::ProfileFactory::_from_profile)
Nov 2 12:46:30 packetfence-zen packetfence_httpd.aaa: httpd.aaa(2908) INFO:
[mac:00:21:70:d8:ac:45] is of status unreg; belongs into registration VLAN
(pf::role::getRegistrationRole)
Nov 2 12:46:30 packetfence-zen packetfence_httpd.aaa: httpd.aaa(2908) INFO:
[mac:00:21:70:d8:ac:45] (192.168.1.12) Added VLAN 20 to the returned RADIUS
Access-Accept (pf::Switch::returnRadiusAccessAccept)
Nov 2 12:46:30 packetfence-zen packetfence_httpd.aaa: httpd.aaa(2908) INFO:
[mac:[undef]] Updating locationlog from accounting request
(pf::api::handle_accounting_metadata)
Thank you, Fabrice, for your time and assistance in helping to troubleshoot my
issue!
James Garcellano
>Ok so you need to add support of 802.1x in the switch module.
>
>In this file,
>https://github.com/inverse-inc/packetfence/blob/devel/lib/pf/Switch/Netgear/MSeries.pm#L19
>
>add that:
>
>sub supportsWiredDot1x { return $TRUE; }
>
>Then restart packetfence.
>
>Paste me the packetfence.log after that.
>Regards
>Fabrice
>
>Le 2017-11-01 à 18:04, James Garcellano via PacketFence-users a écrit :
>> Hello Fabrice,
>>
>> Here is the last few entries from the /usr/local/pf/logs/packetfence.log
>> file:
>>
>> Nov 1 22:03:06 packetfence-zen packetfence_httpd.aaa: httpd.aaa(2852) INFO:
>> [mac:00:21:70:d8:ac:45] handling radius autz request: from switch_ip =>
>> (192.168.1.12), connection_type => Ethernet-EAP,switch_mac =>
>> (b0:b9:8a:46:3d:0e), mac => [00:21:70:d8:ac:45], port => 1, username =>
>> "PFDOMAIN\testme" (pf::radius::authorize)
>> Nov 1 22:03:06 packetfence-zen packetfence_httpd.aaa: httpd.aaa(2852)
>> ERROR: [mac:00:21:70:d8:ac:45] Wired 802.1X is not supported on switch type
>> pf::Switch::Netgear::MSeries. Please let us know what hardware you are
>> using. (pf::Switch::supportsWiredDot1x)
>> Nov 1 22:03:06 packetfence-zen packetfence_httpd.aaa: httpd.aaa(2852) WARN:
>> [mac:00:21:70:d8:ac:45] (192.168.1.12) Sending REJECT since switch is
>> unsupported (pf::radius::_switchUnsupportedReply)
>> Nov 1 22:03:07 packetfence-zen packetfence_httpd.aaa: httpd.aaa(3730) INFO:
>> [mac:00:21:70:d8:ac:45] Updating locationlog from accounting request
>> (pf::api::handle_accounting_metadata)
>>
>>
>>> Ok it's better now.
>>>
>>> Now can you check on the packetfence.log, you are suppose to see
>>> different messages now.
>>>
>>>
>>> Le 2017-11-01 à 17:27, James Garcellano via PacketFence-users a écrit :
It looks like the other test still showed the NAS IP as 192.168.1.5.
I rebooted the switch and did another test.
Here is the raddebug from that...
(38) Wed Nov 1 21:13:13 2017: Debug: Received Access-Request Id 201 from
192.168.1.12:42371 to 192.168.1.5:1812 length 158
(38) Wed Nov 1 21:13:13 2017: Debug: User-Name = "PFDOMAIN\\testme"
(38) Wed Nov 1 21:13:13 2017: Debug: Called-Station-Id =
"b0-b9-8a-46-3d-0e"
(38) Wed Nov 1 21:13:13 2017: Debug: Calling-Station-Id =
"00:21:70:d8:ac:45"
(38) Wed Nov 1 21:13:13 2017: Debug: NAS-Identifier =
"b0-b9-8a-46-3d-0c"
(38) Wed Nov 1 21:13:13 2017: Debug: NAS-IP-Address = 192.168.1.12
(38) Wed Nov 1 21:13:13 2017: Debug: NAS-Port = 1
(38) Wed Nov 1 21:13:13 2017: Debug: Framed-MTU = 1500
(38) Wed Nov 1 21:13:13 2017: Debug: NAS-Port-Type = Ethernet
(38) Wed Nov 1 21:13:13 2017: Debug: EAP-Message =
0x0214015046444f4d41494e5c746573746d65
(38) Wed Nov 1 21:13:13 2017: Debug: Message-Authenticator =
0x935d535299b823f31e7748c9271d6225
(38) Wed Nov 1 21:13:13 2017: Debug: # Executing section authorize from
file /usr/local/pf/raddb/sites-enabled/packetfence
(38) Wed Nov 1 21:13:13 2017: Debug: authorize {
(38) Wed Nov 1 21:13:13 2017: Debug: update {
(38) Wed Nov 1 21:13:13 2017: Debug: EXPAND %{Packet-Src-IP-Address}
(38) Wed Nov 1 21:13:13 2017: Debug: --> 192.168.1.12
(38) Wed Nov 1 21:13:13 2017: Debug: EXPAND %l
(38) Wed Nov 1 21:13:13 2017: Debug: --> 1509570793
(38) Wed Nov 1 21:13:13 2017: Debug: } # update = noop
(38) Wed Nov 1 21:13:13 2017: Debug: policy
rewrite_calling_station_id {
Re: [PacketFence-users] Netgear GSM4352PS (M4300-52G) Switch Support
Ok so you need to add support of 802.1x in the switch module.
In this file,
https://github.com/inverse-inc/packetfence/blob/devel/lib/pf/Switch/Netgear/MSeries.pm#L19
add that:
sub supportsWiredDot1x { return $TRUE; }
Then restart packetfence.
Paste me the packetfence.log after that.
Regards
Fabrice
Le 2017-11-01 à 18:04, James Garcellano via PacketFence-users a écrit :
Hello Fabrice,
Here is the last few entries from the /usr/local/pf/logs/packetfence.log file:
Nov 1 22:03:06 packetfence-zen packetfence_httpd.aaa: httpd.aaa(2852) INFO: [mac:00:21:70:d8:ac:45]
handling radius autz request: from switch_ip => (192.168.1.12), connection_type =>
Ethernet-EAP,switch_mac => (b0:b9:8a:46:3d:0e), mac => [00:21:70:d8:ac:45], port => 1, username
=> "PFDOMAIN\testme" (pf::radius::authorize)
Nov 1 22:03:06 packetfence-zen packetfence_httpd.aaa: httpd.aaa(2852) ERROR:
[mac:00:21:70:d8:ac:45] Wired 802.1X is not supported on switch type
pf::Switch::Netgear::MSeries. Please let us know what hardware you are using.
(pf::Switch::supportsWiredDot1x)
Nov 1 22:03:06 packetfence-zen packetfence_httpd.aaa: httpd.aaa(2852) WARN:
[mac:00:21:70:d8:ac:45] (192.168.1.12) Sending REJECT since switch is
unsupported (pf::radius::_switchUnsupportedReply)
Nov 1 22:03:07 packetfence-zen packetfence_httpd.aaa: httpd.aaa(3730) INFO:
[mac:00:21:70:d8:ac:45] Updating locationlog from accounting request
(pf::api::handle_accounting_metadata)
Ok it's better now.
Now can you check on the packetfence.log, you are suppose to see
different messages now.
Le 2017-11-01 à 17:27, James Garcellano via PacketFence-users a écrit :
It looks like the other test still showed the NAS IP as 192.168.1.5.
I rebooted the switch and did another test.
Here is the raddebug from that...
(38) Wed Nov 1 21:13:13 2017: Debug: Received Access-Request Id 201 from
192.168.1.12:42371 to 192.168.1.5:1812 length 158
(38) Wed Nov 1 21:13:13 2017: Debug: User-Name = "PFDOMAIN\\testme"
(38) Wed Nov 1 21:13:13 2017: Debug: Called-Station-Id = "b0-b9-8a-46-3d-0e"
(38) Wed Nov 1 21:13:13 2017: Debug: Calling-Station-Id = "00:21:70:d8:ac:45"
(38) Wed Nov 1 21:13:13 2017: Debug: NAS-Identifier = "b0-b9-8a-46-3d-0c"
(38) Wed Nov 1 21:13:13 2017: Debug: NAS-IP-Address = 192.168.1.12
(38) Wed Nov 1 21:13:13 2017: Debug: NAS-Port = 1
(38) Wed Nov 1 21:13:13 2017: Debug: Framed-MTU = 1500
(38) Wed Nov 1 21:13:13 2017: Debug: NAS-Port-Type = Ethernet
(38) Wed Nov 1 21:13:13 2017: Debug: EAP-Message =
0x0214015046444f4d41494e5c746573746d65
(38) Wed Nov 1 21:13:13 2017: Debug: Message-Authenticator =
0x935d535299b823f31e7748c9271d6225
(38) Wed Nov 1 21:13:13 2017: Debug: # Executing section authorize from file
/usr/local/pf/raddb/sites-enabled/packetfence
(38) Wed Nov 1 21:13:13 2017: Debug: authorize {
(38) Wed Nov 1 21:13:13 2017: Debug: update {
(38) Wed Nov 1 21:13:13 2017: Debug: EXPAND %{Packet-Src-IP-Address}
(38) Wed Nov 1 21:13:13 2017: Debug: --> 192.168.1.12
(38) Wed Nov 1 21:13:13 2017: Debug: EXPAND %l
(38) Wed Nov 1 21:13:13 2017: Debug: --> 1509570793
(38) Wed Nov 1 21:13:13 2017: Debug: } # update = noop
(38) Wed Nov 1 21:13:13 2017: Debug: policy rewrite_calling_station_id {
(38) Wed Nov 1 21:13:13 2017: Debug: if (&Calling-Station-Id &&
(&Calling-Station-Id =~
/^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))
{
(38) Wed Nov 1 21:13:13 2017: Debug: if (&Calling-Station-Id &&
(&Calling-Station-Id =~
/^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))
-> TRUE
(38) Wed Nov 1 21:13:13 2017: Debug: if (&Calling-Station-Id &&
(&Calling-Station-Id =~
/^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))
{
(38) Wed Nov 1 21:13:13 2017: Debug: update request {
(38) Wed Nov 1 21:13:13 2017: Debug: EXPAND
%{tolower:%{1}:%{2}:%{3}:%{4}:%{5}:%{6}}
(38) Wed Nov 1 21:13:13 2017: Debug: --> 00:21:70:d8:ac:45
(38) Wed Nov 1 21:13:13 2017: Debug: } # update request = noop
(38) Wed Nov 1 21:13:13 2017: Debug: [updated] = updated
(38) Wed Nov 1 21:13:13 2017: Debug: } # if (&Calling-Station-Id &&
(&Calling-Station-Id =~
/^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))
= updated
(38) Wed Nov 1 21:13:13 2017: Debug: ... skipping else: Preceding "if"
was taken
(38) Wed Nov 1 21:13:13 2017: Debug: } # policy rewrite_calling_station_id
= updated
(38) Wed Nov 1 21:13:13 2017: Debug: policy rewrite_called_station_id {
(38) Wed Nov 1 21:13:13 2017: Debug: if ((&Called-Station-Id) &&
(&Called-Station-Id =~
/^([0-9a-f]{2})[^0
Re: [PacketFence-users] Netgear GSM4352PS (M4300-52G) Switch Support
Hello Fabrice,
Here is the last few entries from the /usr/local/pf/logs/packetfence.log file:
Nov 1 22:03:06 packetfence-zen packetfence_httpd.aaa: httpd.aaa(2852) INFO:
[mac:00:21:70:d8:ac:45] handling radius autz request: from switch_ip =>
(192.168.1.12), connection_type => Ethernet-EAP,switch_mac =>
(b0:b9:8a:46:3d:0e), mac => [00:21:70:d8:ac:45], port => 1, username =>
"PFDOMAIN\testme" (pf::radius::authorize)
Nov 1 22:03:06 packetfence-zen packetfence_httpd.aaa: httpd.aaa(2852) ERROR:
[mac:00:21:70:d8:ac:45] Wired 802.1X is not supported on switch type
pf::Switch::Netgear::MSeries. Please let us know what hardware you are using.
(pf::Switch::supportsWiredDot1x)
Nov 1 22:03:06 packetfence-zen packetfence_httpd.aaa: httpd.aaa(2852) WARN:
[mac:00:21:70:d8:ac:45] (192.168.1.12) Sending REJECT since switch is
unsupported (pf::radius::_switchUnsupportedReply)
Nov 1 22:03:07 packetfence-zen packetfence_httpd.aaa: httpd.aaa(3730) INFO:
[mac:00:21:70:d8:ac:45] Updating locationlog from accounting request
(pf::api::handle_accounting_metadata)
>Ok it's better now.
>
>Now can you check on the packetfence.log, you are suppose to see
>different messages now.
>
>
>Le 2017-11-01 à 17:27, James Garcellano via PacketFence-users a écrit :
>> It looks like the other test still showed the NAS IP as 192.168.1.5.
>>
>> I rebooted the switch and did another test.
>>
>> Here is the raddebug from that...
>>
>> (38) Wed Nov 1 21:13:13 2017: Debug: Received Access-Request Id 201 from
>> 192.168.1.12:42371 to 192.168.1.5:1812 length 158
>> (38) Wed Nov 1 21:13:13 2017: Debug: User-Name = "PFDOMAIN\\testme"
>> (38) Wed Nov 1 21:13:13 2017: Debug: Called-Station-Id =
>> "b0-b9-8a-46-3d-0e"
>> (38) Wed Nov 1 21:13:13 2017: Debug: Calling-Station-Id =
>> "00:21:70:d8:ac:45"
>> (38) Wed Nov 1 21:13:13 2017: Debug: NAS-Identifier = "b0-b9-8a-46-3d-0c"
>> (38) Wed Nov 1 21:13:13 2017: Debug: NAS-IP-Address = 192.168.1.12
>> (38) Wed Nov 1 21:13:13 2017: Debug: NAS-Port = 1
>> (38) Wed Nov 1 21:13:13 2017: Debug: Framed-MTU = 1500
>> (38) Wed Nov 1 21:13:13 2017: Debug: NAS-Port-Type = Ethernet
>> (38) Wed Nov 1 21:13:13 2017: Debug: EAP-Message =
>> 0x0214015046444f4d41494e5c746573746d65
>> (38) Wed Nov 1 21:13:13 2017: Debug: Message-Authenticator =
>> 0x935d535299b823f31e7748c9271d6225
>> (38) Wed Nov 1 21:13:13 2017: Debug: # Executing section authorize from
>> file /usr/local/pf/raddb/sites-enabled/packetfence
>> (38) Wed Nov 1 21:13:13 2017: Debug: authorize {
>> (38) Wed Nov 1 21:13:13 2017: Debug: update {
>> (38) Wed Nov 1 21:13:13 2017: Debug: EXPAND %{Packet-Src-IP-Address}
>> (38) Wed Nov 1 21:13:13 2017: Debug: --> 192.168.1.12
>> (38) Wed Nov 1 21:13:13 2017: Debug: EXPAND %l
>> (38) Wed Nov 1 21:13:13 2017: Debug: --> 1509570793
>> (38) Wed Nov 1 21:13:13 2017: Debug: } # update = noop
>> (38) Wed Nov 1 21:13:13 2017: Debug: policy rewrite_calling_station_id {
>> (38) Wed Nov 1 21:13:13 2017: Debug: if (&Calling-Station-Id &&
>> (&Calling-Station-Id =~
>> /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))
>> {
>> (38) Wed Nov 1 21:13:13 2017: Debug: if (&Calling-Station-Id &&
>> (&Calling-Station-Id =~
>> /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))
>> -> TRUE
>> (38) Wed Nov 1 21:13:13 2017: Debug: if (&Calling-Station-Id &&
>> (&Calling-Station-Id =~
>> /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))
>> {
>> (38) Wed Nov 1 21:13:13 2017: Debug: update request {
>> (38) Wed Nov 1 21:13:13 2017: Debug: EXPAND
>> %{tolower:%{1}:%{2}:%{3}:%{4}:%{5}:%{6}}
>> (38) Wed Nov 1 21:13:13 2017: Debug: --> 00:21:70:d8:ac:45
>> (38) Wed Nov 1 21:13:13 2017: Debug: } # update request = noop
>> (38) Wed Nov 1 21:13:13 2017: Debug: [updated] = updated
>> (38) Wed Nov 1 21:13:13 2017: Debug: } # if (&Calling-Station-Id &&
>> (&Calling-Station-Id =~
>> /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))
>> = updated
>> (38) Wed Nov 1 21:13:13 2017: Debug: ... skipping else: Preceding
>> "if" was taken
>> (38) Wed Nov 1 21:13:13 2017: Debug: } # policy
>> rewrite_calling_station_id = updated
>> (38) Wed Nov 1 21:13:13 2017: Debug: policy rewrite_called_station_id {
>> (38) Wed Nov 1 21:13:13 2017: Debug: if ((&Called-Station-Id) &&
>> (&Called-Station-Id =~
>> /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))
>> {
>> (38) Wed Nov 1 21:13:13 2017: Debug: if ((&Called
Re: [PacketFence-users] Netgear GSM4352PS (M4300-52G) Switch Support
Ok it's better now.
Now can you check on the packetfence.log, you are suppose to see
different messages now.
Le 2017-11-01 à 17:27, James Garcellano via PacketFence-users a écrit :
It looks like the other test still showed the NAS IP as 192.168.1.5.
I rebooted the switch and did another test.
Here is the raddebug from that...
(38) Wed Nov 1 21:13:13 2017: Debug: Received Access-Request Id 201 from
192.168.1.12:42371 to 192.168.1.5:1812 length 158
(38) Wed Nov 1 21:13:13 2017: Debug: User-Name = "PFDOMAIN\\testme"
(38) Wed Nov 1 21:13:13 2017: Debug: Called-Station-Id = "b0-b9-8a-46-3d-0e"
(38) Wed Nov 1 21:13:13 2017: Debug: Calling-Station-Id = "00:21:70:d8:ac:45"
(38) Wed Nov 1 21:13:13 2017: Debug: NAS-Identifier = "b0-b9-8a-46-3d-0c"
(38) Wed Nov 1 21:13:13 2017: Debug: NAS-IP-Address = 192.168.1.12
(38) Wed Nov 1 21:13:13 2017: Debug: NAS-Port = 1
(38) Wed Nov 1 21:13:13 2017: Debug: Framed-MTU = 1500
(38) Wed Nov 1 21:13:13 2017: Debug: NAS-Port-Type = Ethernet
(38) Wed Nov 1 21:13:13 2017: Debug: EAP-Message =
0x0214015046444f4d41494e5c746573746d65
(38) Wed Nov 1 21:13:13 2017: Debug: Message-Authenticator =
0x935d535299b823f31e7748c9271d6225
(38) Wed Nov 1 21:13:13 2017: Debug: # Executing section authorize from file
/usr/local/pf/raddb/sites-enabled/packetfence
(38) Wed Nov 1 21:13:13 2017: Debug: authorize {
(38) Wed Nov 1 21:13:13 2017: Debug: update {
(38) Wed Nov 1 21:13:13 2017: Debug: EXPAND %{Packet-Src-IP-Address}
(38) Wed Nov 1 21:13:13 2017: Debug: --> 192.168.1.12
(38) Wed Nov 1 21:13:13 2017: Debug: EXPAND %l
(38) Wed Nov 1 21:13:13 2017: Debug: --> 1509570793
(38) Wed Nov 1 21:13:13 2017: Debug: } # update = noop
(38) Wed Nov 1 21:13:13 2017: Debug: policy rewrite_calling_station_id {
(38) Wed Nov 1 21:13:13 2017: Debug: if (&Calling-Station-Id &&
(&Calling-Station-Id =~
/^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))
{
(38) Wed Nov 1 21:13:13 2017: Debug: if (&Calling-Station-Id &&
(&Calling-Station-Id =~
/^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))
-> TRUE
(38) Wed Nov 1 21:13:13 2017: Debug: if (&Calling-Station-Id &&
(&Calling-Station-Id =~
/^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))
{
(38) Wed Nov 1 21:13:13 2017: Debug: update request {
(38) Wed Nov 1 21:13:13 2017: Debug: EXPAND
%{tolower:%{1}:%{2}:%{3}:%{4}:%{5}:%{6}}
(38) Wed Nov 1 21:13:13 2017: Debug: --> 00:21:70:d8:ac:45
(38) Wed Nov 1 21:13:13 2017: Debug: } # update request = noop
(38) Wed Nov 1 21:13:13 2017: Debug: [updated] = updated
(38) Wed Nov 1 21:13:13 2017: Debug: } # if (&Calling-Station-Id &&
(&Calling-Station-Id =~
/^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))
= updated
(38) Wed Nov 1 21:13:13 2017: Debug: ... skipping else: Preceding "if"
was taken
(38) Wed Nov 1 21:13:13 2017: Debug: } # policy rewrite_calling_station_id
= updated
(38) Wed Nov 1 21:13:13 2017: Debug: policy rewrite_called_station_id {
(38) Wed Nov 1 21:13:13 2017: Debug: if ((&Called-Station-Id) &&
(&Called-Station-Id =~
/^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))
{
(38) Wed Nov 1 21:13:13 2017: Debug: if ((&Called-Station-Id) &&
(&Called-Station-Id =~
/^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))
-> TRUE
(38) Wed Nov 1 21:13:13 2017: Debug: if ((&Called-Station-Id) &&
(&Called-Station-Id =~
/^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))
{
(38) Wed Nov 1 21:13:13 2017: Debug: update request {
(38) Wed Nov 1 21:13:13 2017: Debug: EXPAND
%{tolower:%{1}:%{2}:%{3}:%{4}:%{5}:%{6}}
(38) Wed Nov 1 21:13:13 2017: Debug: --> b0:b9:8a:46:3d:0e
(38) Wed Nov 1 21:13:13 2017: Debug: } # update request = noop
(38) Wed Nov 1 21:13:13 2017: Debug: if ("%{8}") {
(38) Wed Nov 1 21:13:13 2017: Debug: EXPAND %{8}
(38) Wed Nov 1 21:13:13 2017: Debug:-->
(38) Wed Nov 1 21:13:13 2017: Debug: if ("%{8}") -> FALSE
(38) Wed Nov 1 21:13:13 2017: Debug: elsif ( (Colubris-AVPair) &&
"%{Colubris-AVPair}" =~ /^ssid=(.*)$/i) {
(38) Wed Nov 1 21:13:13 2017: Debug: elsif ( (Colubris-AVPair) &&
"%{Colubris-AVPair}" =~ /^ssid=(.*)$/i) -> FALSE
(38) Wed Nov 1 21:13:13 2017: Debug:
Re: [PacketFence-users] Netgear GSM4352PS (M4300-52G) Switch Support
Hello Fabrice, Not that I am aware of, but then again, the Netgear switch is new to me. I am more familiar with Cisco equipment. Here are the relevant commands on the Netgear switch; maybe the NAS-IP-Address will be spotted with a second set of eyes. :-) (Passwords have been edited) (M4300-52G-PoE+) #show run !Current Configuration: ! !System Description "M4300-52G-PoE+ ProSAFE 48-port 1G PoE+ and 2-port 10GBASE-T and 2-port 10G SFP+, 12.0.2.15, 1.0.0.8" !System Software Version "12.0.2.15" !System Up Time "1 days 5 hrs 38 mins 42 secs" !Additional Packages QOS,Multicast,IPv6,IPv6 Management,Stacking,Routing !Current SNTP Synchronized Time: SNTP Last Attempt Status Is Not Successful ! vlan database vlan 20,30,100-101 vlan name 20 "PF_Registration" vlan name 30 "PF_Isolation" vlan name 100 "PF_Production" vlan routing 1 1 vlan routing 101 2 exit configure stack member 1 4 exit ip name server 192.168.1.1 slot 1/0 4 set slot power 1/0 no set slot disable 1/0 snmptrap "ngTrap" ipaddr 192.168.8.5 aaa session-id unique dot1x system-auth-control dot1x system-auth-control monitor aaa authentication dot1x default radius authorization network radius radius accounting mode radius server host auth "192.168.1.5" name "Default-RADIUS-Server" radius server key auth "192.168.1.5" encrypted * radius server primary "192.168.1.5" radius server attribute 4 192.168.1.5 radius server host acct "192.168.1.5" name Default-RADIUS-Server radius server key acct "192.168.1.5" encrypted * aaa server radius dynamic-author client 192.168.8.5 server-key "*" exit line console exit line telnet exit line ssh exit ! snmp-server community "ngRead" snmp-server community "ngWrite" snmp-server community rw ngWrite interface 1/0/1 dot1x port-control mac-based dot1x mac-auth-bypass exit interface 1/0/3 dot1x mac-auth-bypass exit interface 1/0/48 dot1x port-control force-authorized vlan pvid 101 vlan participation include 20,30,101 vlan tagging 1,20,30 exit interface vlan 1 routing ip address dhcp exit interface vlan 101 routing ip address 192.168.1.12 255.255.255.0 exit ip management vlan 101 192.168.1.12 255.255.255.0 ip management source-interface vlan 101 router rip exit router ospf exit ipv6 router ospf exit ip default-gateway 192.168.1.1 exit >Hello James, > >little bit weird , the NAS-IP-Address is equal to 192.168.1.5 and should >be equal to 192.168.1.12. > >Did you changed something the the Netgear config to set NAS IP Address >with the wrong value ? > >Regards > >Fabrice James Garcellano -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] Netgear GSM4352PS (M4300-52G) Switch Support
Here's is the other test with the 'radius server attribute 4 192.168.1.5'
command taken out.
(19) Wed Nov 1 20:23:01 2017: Debug: Received Access-Request Id 199 from
192.168.1.12:42371 to 192.168.1.5:1812 length 193
(19) Wed Nov 1 20:23:01 2017: Debug: User-Name = "PFDOMAIN\\testme"
(19) Wed Nov 1 20:23:01 2017: Debug: Called-Station-Id = "b0-b9-8a-46-3d-0e"
(19) Wed Nov 1 20:23:01 2017: Debug: Calling-Station-Id = "00:21:70:d8:ac:45"
(19) Wed Nov 1 20:23:01 2017: Debug: NAS-Identifier = "b0-b9-8a-46-3d-0c"
(19) Wed Nov 1 20:23:01 2017: Debug: NAS-IP-Address = 192.168.1.5
(19) Wed Nov 1 20:23:01 2017: Debug: NAS-Port = 1
(19) Wed Nov 1 20:23:01 2017: Debug: Framed-MTU = 1500
(19) Wed Nov 1 20:23:01 2017: Debug: NAS-Port-Type = Ethernet
(19) Wed Nov 1 20:23:01 2017: Debug: State =
0x8486bcf2838ea5c8f46e2d7c49360c33
(19) Wed Nov 1 20:23:01 2017: Debug: EAP-Message =
0x020800251900170303001a00036316860ca21a6feb5ba6b143952509a3497c
(19) Wed Nov 1 20:23:01 2017: Debug: Message-Authenticator =
0xa5b0c93919523b9f5645ee9214488c57
(19) Wed Nov 1 20:23:01 2017: Debug: session-state: No cached attributes
(19) Wed Nov 1 20:23:01 2017: Debug: # Executing section authorize from file
/usr/local/pf/raddb/sites-enabled/packetfence
(19) Wed Nov 1 20:23:01 2017: Debug: authorize {
(19) Wed Nov 1 20:23:01 2017: Debug: update {
(19) Wed Nov 1 20:23:01 2017: Debug: EXPAND %{Packet-Src-IP-Address}
(19) Wed Nov 1 20:23:01 2017: Debug: --> 192.168.1.12
(19) Wed Nov 1 20:23:01 2017: Debug: EXPAND %l
(19) Wed Nov 1 20:23:01 2017: Debug: --> 1509567781
(19) Wed Nov 1 20:23:01 2017: Debug: } # update = noop
(19) Wed Nov 1 20:23:01 2017: Debug: policy rewrite_calling_station_id {
(19) Wed Nov 1 20:23:01 2017: Debug: if (&Calling-Station-Id &&
(&Calling-Station-Id =~
/^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))
{
(19) Wed Nov 1 20:23:01 2017: Debug: if (&Calling-Station-Id &&
(&Calling-Station-Id =~
/^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))
-> TRUE
(19) Wed Nov 1 20:23:01 2017: Debug: if (&Calling-Station-Id &&
(&Calling-Station-Id =~
/^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))
{
(19) Wed Nov 1 20:23:01 2017: Debug: update request {
(19) Wed Nov 1 20:23:01 2017: Debug: EXPAND
%{tolower:%{1}:%{2}:%{3}:%{4}:%{5}:%{6}}
(19) Wed Nov 1 20:23:01 2017: Debug: --> 00:21:70:d8:ac:45
(19) Wed Nov 1 20:23:01 2017: Debug: } # update request = noop
(19) Wed Nov 1 20:23:01 2017: Debug: [updated] = updated
(19) Wed Nov 1 20:23:01 2017: Debug: } # if (&Calling-Station-Id &&
(&Calling-Station-Id =~
/^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))
= updated
(19) Wed Nov 1 20:23:01 2017: Debug: ... skipping else: Preceding "if"
was taken
(19) Wed Nov 1 20:23:01 2017: Debug: } # policy rewrite_calling_station_id
= updated
(19) Wed Nov 1 20:23:01 2017: Debug: policy rewrite_called_station_id {
(19) Wed Nov 1 20:23:01 2017: Debug: if ((&Called-Station-Id) &&
(&Called-Station-Id =~
/^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))
{
(19) Wed Nov 1 20:23:01 2017: Debug: if ((&Called-Station-Id) &&
(&Called-Station-Id =~
/^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))
-> TRUE
(19) Wed Nov 1 20:23:01 2017: Debug: if ((&Called-Station-Id) &&
(&Called-Station-Id =~
/^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))
{
(19) Wed Nov 1 20:23:01 2017: Debug: update request {
(19) Wed Nov 1 20:23:01 2017: Debug: EXPAND
%{tolower:%{1}:%{2}:%{3}:%{4}:%{5}:%{6}}
(19) Wed Nov 1 20:23:01 2017: Debug: --> b0:b9:8a:46:3d:0e
(19) Wed Nov 1 20:23:01 2017: Debug: } # update request = noop
(19) Wed Nov 1 20:23:01 2017: Debug: if ("%{8}") {
(19) Wed Nov 1 20:23:01 2017: Debug: EXPAND %{8}
(19) Wed Nov 1 20:23:01 2017: Debug:-->
(19) Wed Nov 1 20:23:01 2017: Debug: if ("%{8}") -> FALSE
(19) Wed Nov 1 20:23:01 2017: Debug: elsif ( (Colubris-AVPair) &&
"%{Colubris-AVPair}" =~ /^ssid=(.*)$/i) {
(19) Wed Nov 1 20:23:01 2017: Debug: elsif ( (Colubris-AVPair) &&
"%{Colubris-AVPair}" =~ /^ssid=(.*)$/i) -> FALSE
(19) Wed Nov 1 20:23:01 2017: Debug: elsif (Aruba-Essid-Name) {
(19) Wed Nov 1 20:
Re: [PacketFence-users] Netgear GSM4352PS (M4300-52G) Switch Support
After looking at the configuration, there was one line that seemed to stand out... radius server attribute 4 192.168.1.5 Other Netgear documentation that I have found states the following in regards to the 'radius server attribute' command: radius server attribute Use this command to specify the RADIUS client to use the NAS-IPAddress attribute in the RADIUS requests. If the specific IP address is configured while enabling this attribute, the RADIUS client uses that IP address while sendingNAS-IP-Addressattribute in RADIUS communication. Format radius server attribute <4> [] Mode Global Config Let me take that out and test again. >Hello Fabrice, > >Not that I am aware of, but then again, the Netgear switch is new to me. I am >more familiar with Cisco equipment. > >Here are the relevant commands on the Netgear switch; maybe the >NAS-IP-Address will be spotted with a second set of eyes. :-) (Passwords have >been edited) > >(M4300-52G-PoE+) #show run > >!Current Configuration: >! >!System Description "M4300-52G-PoE+ ProSAFE 48-port 1G PoE+ and 2-port >10GBASE-T and 2-port 10G SFP+, 12.0.2.15, 1.0.0.8" >!System Software Version "12.0.2.15" >!System Up Time "1 days 5 hrs 38 mins 42 secs" >!Additional Packages QOS,Multicast,IPv6,IPv6 Management,Stacking,Routing >!Current SNTP Synchronized Time: SNTP Last Attempt Status Is Not Successful ! >vlan database >vlan 20,30,100-101 >vlan name 20 "PF_Registration" >vlan name 30 "PF_Isolation" >vlan name 100 "PF_Production" >vlan routing 1 1 >vlan routing 101 2 >exit > >configure >stack >member 1 4 >exit >ip name server 192.168.1.1 >slot 1/0 4 >set slot power 1/0 >no set slot disable 1/0 >snmptrap "ngTrap" ipaddr 192.168.8.5 >aaa session-id unique >dot1x system-auth-control >dot1x system-auth-control monitor >aaa authentication dot1x default radius >authorization network radius >radius accounting mode >radius server host auth "192.168.1.5" name "Default-RADIUS-Server" >radius server key auth "192.168.1.5" encrypted * radius server primary >"192.168.1.5" >radius server attribute 4 192.168.1.5 >radius server host acct "192.168.1.5" name Default-RADIUS-Server radius server >key acct "192.168.1.5" encrypted * aaa server radius dynamic-author client >192.168.8.5 server-key "*" >exit >line console >exit > >line telnet >exit > >line ssh >exit >! >snmp-server community "ngRead" >snmp-server community "ngWrite" >snmp-server community rw ngWrite > >interface 1/0/1 >dot1x port-control mac-based >dot1x mac-auth-bypass >exit > > > >interface 1/0/3 >dot1x mac-auth-bypass >exit > > > >interface 1/0/48 >dot1x port-control force-authorized >vlan pvid 101 >vlan participation include 20,30,101 >vlan tagging 1,20,30 >exit > > > >interface vlan 1 >routing >ip address dhcp >exit > > > >interface vlan 101 >routing >ip address 192.168.1.12 255.255.255.0 >exit > > >ip management vlan 101 192.168.1.12 255.255.255.0 ip management >source-interface vlan 101 router rip exit router ospf exit >ipv6 router ospf >exit >ip default-gateway 192.168.1.1 >exit > >>Hello James, >> >>little bit weird , the NAS-IP-Address is equal to 192.168.1.5 and >>should be equal to 192.168.1.12. >> >>Did you changed something the the Netgear config to set NAS IP Address >>with the wrong value ? >> >>Regards >> >>Fabrice > >James Garcellano James Garcellano -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
Re: [PacketFence-users] Netgear GSM4352PS (M4300-52G) Switch Support
It looks like the other test still showed the NAS IP as 192.168.1.5.
I rebooted the switch and did another test.
Here is the raddebug from that...
(38) Wed Nov 1 21:13:13 2017: Debug: Received Access-Request Id 201 from
192.168.1.12:42371 to 192.168.1.5:1812 length 158
(38) Wed Nov 1 21:13:13 2017: Debug: User-Name = "PFDOMAIN\\testme"
(38) Wed Nov 1 21:13:13 2017: Debug: Called-Station-Id = "b0-b9-8a-46-3d-0e"
(38) Wed Nov 1 21:13:13 2017: Debug: Calling-Station-Id = "00:21:70:d8:ac:45"
(38) Wed Nov 1 21:13:13 2017: Debug: NAS-Identifier = "b0-b9-8a-46-3d-0c"
(38) Wed Nov 1 21:13:13 2017: Debug: NAS-IP-Address = 192.168.1.12
(38) Wed Nov 1 21:13:13 2017: Debug: NAS-Port = 1
(38) Wed Nov 1 21:13:13 2017: Debug: Framed-MTU = 1500
(38) Wed Nov 1 21:13:13 2017: Debug: NAS-Port-Type = Ethernet
(38) Wed Nov 1 21:13:13 2017: Debug: EAP-Message =
0x0214015046444f4d41494e5c746573746d65
(38) Wed Nov 1 21:13:13 2017: Debug: Message-Authenticator =
0x935d535299b823f31e7748c9271d6225
(38) Wed Nov 1 21:13:13 2017: Debug: # Executing section authorize from file
/usr/local/pf/raddb/sites-enabled/packetfence
(38) Wed Nov 1 21:13:13 2017: Debug: authorize {
(38) Wed Nov 1 21:13:13 2017: Debug: update {
(38) Wed Nov 1 21:13:13 2017: Debug: EXPAND %{Packet-Src-IP-Address}
(38) Wed Nov 1 21:13:13 2017: Debug: --> 192.168.1.12
(38) Wed Nov 1 21:13:13 2017: Debug: EXPAND %l
(38) Wed Nov 1 21:13:13 2017: Debug: --> 1509570793
(38) Wed Nov 1 21:13:13 2017: Debug: } # update = noop
(38) Wed Nov 1 21:13:13 2017: Debug: policy rewrite_calling_station_id {
(38) Wed Nov 1 21:13:13 2017: Debug: if (&Calling-Station-Id &&
(&Calling-Station-Id =~
/^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))
{
(38) Wed Nov 1 21:13:13 2017: Debug: if (&Calling-Station-Id &&
(&Calling-Station-Id =~
/^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))
-> TRUE
(38) Wed Nov 1 21:13:13 2017: Debug: if (&Calling-Station-Id &&
(&Calling-Station-Id =~
/^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))
{
(38) Wed Nov 1 21:13:13 2017: Debug: update request {
(38) Wed Nov 1 21:13:13 2017: Debug: EXPAND
%{tolower:%{1}:%{2}:%{3}:%{4}:%{5}:%{6}}
(38) Wed Nov 1 21:13:13 2017: Debug: --> 00:21:70:d8:ac:45
(38) Wed Nov 1 21:13:13 2017: Debug: } # update request = noop
(38) Wed Nov 1 21:13:13 2017: Debug: [updated] = updated
(38) Wed Nov 1 21:13:13 2017: Debug: } # if (&Calling-Station-Id &&
(&Calling-Station-Id =~
/^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))
= updated
(38) Wed Nov 1 21:13:13 2017: Debug: ... skipping else: Preceding "if"
was taken
(38) Wed Nov 1 21:13:13 2017: Debug: } # policy rewrite_calling_station_id
= updated
(38) Wed Nov 1 21:13:13 2017: Debug: policy rewrite_called_station_id {
(38) Wed Nov 1 21:13:13 2017: Debug: if ((&Called-Station-Id) &&
(&Called-Station-Id =~
/^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))
{
(38) Wed Nov 1 21:13:13 2017: Debug: if ((&Called-Station-Id) &&
(&Called-Station-Id =~
/^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))
-> TRUE
(38) Wed Nov 1 21:13:13 2017: Debug: if ((&Called-Station-Id) &&
(&Called-Station-Id =~
/^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))
{
(38) Wed Nov 1 21:13:13 2017: Debug: update request {
(38) Wed Nov 1 21:13:13 2017: Debug: EXPAND
%{tolower:%{1}:%{2}:%{3}:%{4}:%{5}:%{6}}
(38) Wed Nov 1 21:13:13 2017: Debug: --> b0:b9:8a:46:3d:0e
(38) Wed Nov 1 21:13:13 2017: Debug: } # update request = noop
(38) Wed Nov 1 21:13:13 2017: Debug: if ("%{8}") {
(38) Wed Nov 1 21:13:13 2017: Debug: EXPAND %{8}
(38) Wed Nov 1 21:13:13 2017: Debug:-->
(38) Wed Nov 1 21:13:13 2017: Debug: if ("%{8}") -> FALSE
(38) Wed Nov 1 21:13:13 2017: Debug: elsif ( (Colubris-AVPair) &&
"%{Colubris-AVPair}" =~ /^ssid=(.*)$/i) {
(38) Wed Nov 1 21:13:13 2017: Debug: elsif ( (Colubris-AVPair) &&
"%{Colubris-AVPair}" =~ /^ssid=(.*)$/i) -> FALSE
(38) Wed Nov 1 21:13:13 2017: Debug: elsif (Aruba-Essid-Name) {
(38) Wed Nov 1 21:13:13 2017: Debug: elsif (Aruba-Essid-Name) -> FALSE
(38) Wed Nov 1 21:13:13 2017: Debug: elsif ( (Cisco-AVPair) &&
Re: [PacketFence-users] Netgear GSM4352PS (M4300-52G) Switch Support
Hello James,
little bit weird , the NAS-IP-Address is equal to 192.168.1.5 and should
be equal to 192.168.1.12.
Did you changed something the the Netgear config to set NAS IP Address
with the wrong value ?
Regards
Fabrice
Le 2017-11-01 à 16:48, James Garcellano via PacketFence-users a écrit :
> Hello Fabrice,
>
> Here is the raddebug ouput when the laptop is plugged into port 1/0/1 on the
> Netgear switch.
>
> (19) Wed Nov 1 20:23:01 2017: Debug: Received Access-Request Id 199 from
> 192.168.1.12:42371 to 192.168.1.5:1812 length 193
> (19) Wed Nov 1 20:23:01 2017: Debug: User-Name = "PFDOMAIN\\testme"
> (19) Wed Nov 1 20:23:01 2017: Debug: Called-Station-Id =
> "b0-b9-8a-46-3d-0e"
> (19) Wed Nov 1 20:23:01 2017: Debug: Calling-Station-Id =
> "00:21:70:d8:ac:45"
> (19) Wed Nov 1 20:23:01 2017: Debug: NAS-Identifier = "b0-b9-8a-46-3d-0c"
> (19) Wed Nov 1 20:23:01 2017: Debug: NAS-IP-Address = 192.168.1.5
> (19) Wed Nov 1 20:23:01 2017: Debug: NAS-Port = 1
> (19) Wed Nov 1 20:23:01 2017: Debug: Framed-MTU = 1500
> (19) Wed Nov 1 20:23:01 2017: Debug: NAS-Port-Type = Ethernet
> (19) Wed Nov 1 20:23:01 2017: Debug: State =
> 0x8486bcf2838ea5c8f46e2d7c49360c33
> (19) Wed Nov 1 20:23:01 2017: Debug: EAP-Message =
> 0x020800251900170303001a00036316860ca21a6feb5ba6b143952509a3497c
> (19) Wed Nov 1 20:23:01 2017: Debug: Message-Authenticator =
> 0xa5b0c93919523b9f5645ee9214488c57
> (19) Wed Nov 1 20:23:01 2017: Debug: session-state: No cached attributes
> (19) Wed Nov 1 20:23:01 2017: Debug: # Executing section authorize from file
> /usr/local/pf/raddb/sites-enabled/packetfence
> (19) Wed Nov 1 20:23:01 2017: Debug: authorize {
> (19) Wed Nov 1 20:23:01 2017: Debug: update {
> (19) Wed Nov 1 20:23:01 2017: Debug: EXPAND %{Packet-Src-IP-Address}
> (19) Wed Nov 1 20:23:01 2017: Debug: --> 192.168.1.12
> (19) Wed Nov 1 20:23:01 2017: Debug: EXPAND %l
> (19) Wed Nov 1 20:23:01 2017: Debug: --> 1509567781
> (19) Wed Nov 1 20:23:01 2017: Debug: } # update = noop
> (19) Wed Nov 1 20:23:01 2017: Debug: policy rewrite_calling_station_id {
> (19) Wed Nov 1 20:23:01 2017: Debug: if (&Calling-Station-Id &&
> (&Calling-Station-Id =~
> /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))
> {
> (19) Wed Nov 1 20:23:01 2017: Debug: if (&Calling-Station-Id &&
> (&Calling-Station-Id =~
> /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))
> -> TRUE
> (19) Wed Nov 1 20:23:01 2017: Debug: if (&Calling-Station-Id &&
> (&Calling-Station-Id =~
> /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))
> {
> (19) Wed Nov 1 20:23:01 2017: Debug: update request {
> (19) Wed Nov 1 20:23:01 2017: Debug: EXPAND
> %{tolower:%{1}:%{2}:%{3}:%{4}:%{5}:%{6}}
> (19) Wed Nov 1 20:23:01 2017: Debug: --> 00:21:70:d8:ac:45
> (19) Wed Nov 1 20:23:01 2017: Debug: } # update request = noop
> (19) Wed Nov 1 20:23:01 2017: Debug: [updated] = updated
> (19) Wed Nov 1 20:23:01 2017: Debug: } # if (&Calling-Station-Id &&
> (&Calling-Station-Id =~
> /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))
> = updated
> (19) Wed Nov 1 20:23:01 2017: Debug: ... skipping else: Preceding "if"
> was taken
> (19) Wed Nov 1 20:23:01 2017: Debug: } # policy
> rewrite_calling_station_id = updated
> (19) Wed Nov 1 20:23:01 2017: Debug: policy rewrite_called_station_id {
> (19) Wed Nov 1 20:23:01 2017: Debug: if ((&Called-Station-Id) &&
> (&Called-Station-Id =~
> /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))
> {
> (19) Wed Nov 1 20:23:01 2017: Debug: if ((&Called-Station-Id) &&
> (&Called-Station-Id =~
> /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))
> -> TRUE
> (19) Wed Nov 1 20:23:01 2017: Debug: if ((&Called-Station-Id) &&
> (&Called-Station-Id =~
> /^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))
> {
> (19) Wed Nov 1 20:23:01 2017: Debug: update request {
> (19) Wed Nov 1 20:23:01 2017: Debug: EXPAND
> %{tolower:%{1}:%{2}:%{3}:%{4}:%{5}:%{6}}
> (19) Wed Nov 1 20:23:01 2017: Debug: --> b0:b9:8a:46:3d:0e
> (19) Wed Nov 1 20:23:01 2017: Debug: } # update request = noop
> (19) Wed Nov 1 20:23:01 2017: Debug: if ("%{8}") {
> (19) Wed Nov 1 20:23:01 2017: Debug:
Re: [PacketFence-users] Netgear GSM4352PS (M4300-52G) Switch Support
Hello Fabrice,
Here is the raddebug ouput when the laptop is plugged into port 1/0/1 on the
Netgear switch.
(19) Wed Nov 1 20:23:01 2017: Debug: Received Access-Request Id 199 from
192.168.1.12:42371 to 192.168.1.5:1812 length 193
(19) Wed Nov 1 20:23:01 2017: Debug: User-Name = "PFDOMAIN\\testme"
(19) Wed Nov 1 20:23:01 2017: Debug: Called-Station-Id = "b0-b9-8a-46-3d-0e"
(19) Wed Nov 1 20:23:01 2017: Debug: Calling-Station-Id = "00:21:70:d8:ac:45"
(19) Wed Nov 1 20:23:01 2017: Debug: NAS-Identifier = "b0-b9-8a-46-3d-0c"
(19) Wed Nov 1 20:23:01 2017: Debug: NAS-IP-Address = 192.168.1.5
(19) Wed Nov 1 20:23:01 2017: Debug: NAS-Port = 1
(19) Wed Nov 1 20:23:01 2017: Debug: Framed-MTU = 1500
(19) Wed Nov 1 20:23:01 2017: Debug: NAS-Port-Type = Ethernet
(19) Wed Nov 1 20:23:01 2017: Debug: State =
0x8486bcf2838ea5c8f46e2d7c49360c33
(19) Wed Nov 1 20:23:01 2017: Debug: EAP-Message =
0x020800251900170303001a00036316860ca21a6feb5ba6b143952509a3497c
(19) Wed Nov 1 20:23:01 2017: Debug: Message-Authenticator =
0xa5b0c93919523b9f5645ee9214488c57
(19) Wed Nov 1 20:23:01 2017: Debug: session-state: No cached attributes
(19) Wed Nov 1 20:23:01 2017: Debug: # Executing section authorize from file
/usr/local/pf/raddb/sites-enabled/packetfence
(19) Wed Nov 1 20:23:01 2017: Debug: authorize {
(19) Wed Nov 1 20:23:01 2017: Debug: update {
(19) Wed Nov 1 20:23:01 2017: Debug: EXPAND %{Packet-Src-IP-Address}
(19) Wed Nov 1 20:23:01 2017: Debug: --> 192.168.1.12
(19) Wed Nov 1 20:23:01 2017: Debug: EXPAND %l
(19) Wed Nov 1 20:23:01 2017: Debug: --> 1509567781
(19) Wed Nov 1 20:23:01 2017: Debug: } # update = noop
(19) Wed Nov 1 20:23:01 2017: Debug: policy rewrite_calling_station_id {
(19) Wed Nov 1 20:23:01 2017: Debug: if (&Calling-Station-Id &&
(&Calling-Station-Id =~
/^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))
{
(19) Wed Nov 1 20:23:01 2017: Debug: if (&Calling-Station-Id &&
(&Calling-Station-Id =~
/^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))
-> TRUE
(19) Wed Nov 1 20:23:01 2017: Debug: if (&Calling-Station-Id &&
(&Calling-Station-Id =~
/^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))
{
(19) Wed Nov 1 20:23:01 2017: Debug: update request {
(19) Wed Nov 1 20:23:01 2017: Debug: EXPAND
%{tolower:%{1}:%{2}:%{3}:%{4}:%{5}:%{6}}
(19) Wed Nov 1 20:23:01 2017: Debug: --> 00:21:70:d8:ac:45
(19) Wed Nov 1 20:23:01 2017: Debug: } # update request = noop
(19) Wed Nov 1 20:23:01 2017: Debug: [updated] = updated
(19) Wed Nov 1 20:23:01 2017: Debug: } # if (&Calling-Station-Id &&
(&Calling-Station-Id =~
/^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$/i))
= updated
(19) Wed Nov 1 20:23:01 2017: Debug: ... skipping else: Preceding "if"
was taken
(19) Wed Nov 1 20:23:01 2017: Debug: } # policy rewrite_calling_station_id
= updated
(19) Wed Nov 1 20:23:01 2017: Debug: policy rewrite_called_station_id {
(19) Wed Nov 1 20:23:01 2017: Debug: if ((&Called-Station-Id) &&
(&Called-Station-Id =~
/^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))
{
(19) Wed Nov 1 20:23:01 2017: Debug: if ((&Called-Station-Id) &&
(&Called-Station-Id =~
/^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))
-> TRUE
(19) Wed Nov 1 20:23:01 2017: Debug: if ((&Called-Station-Id) &&
(&Called-Station-Id =~
/^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})(:(.+))?$/i))
{
(19) Wed Nov 1 20:23:01 2017: Debug: update request {
(19) Wed Nov 1 20:23:01 2017: Debug: EXPAND
%{tolower:%{1}:%{2}:%{3}:%{4}:%{5}:%{6}}
(19) Wed Nov 1 20:23:01 2017: Debug: --> b0:b9:8a:46:3d:0e
(19) Wed Nov 1 20:23:01 2017: Debug: } # update request = noop
(19) Wed Nov 1 20:23:01 2017: Debug: if ("%{8}") {
(19) Wed Nov 1 20:23:01 2017: Debug: EXPAND %{8}
(19) Wed Nov 1 20:23:01 2017: Debug:-->
(19) Wed Nov 1 20:23:01 2017: Debug: if ("%{8}") -> FALSE
(19) Wed Nov 1 20:23:01 2017: Debug: elsif ( (Colubris-AVPair) &&
"%{Colubris-AVPair}" =~ /^ssid=(.*)$/i) {
(19) Wed Nov 1 20:23:01 2017: Debug: elsif ( (Colubris-AVPair) &&
"%{Colubris-AVPair}" =~ /^ssid=(.*)$/i) -> FALSE
(19) Wed Nov 1 20:23:01 2017: Debug: elsif (Aruba-Essid-Name) {
(19
Re: [PacketFence-users] Netgear GSM4352PS (M4300-52G) Switch Support
Hello James, can you run radius in debug mode and retry a connection, i would like to see the radius request. raddebug -f /usr/local/pf/var/run/radiusd.sock -t 3000 Regards Fabrice Le 2017-11-01 à 14:21, James Garcellano via PacketFence-users a écrit : > > Hello everyone, > > > > I would like to find out if the Netgear GSM4325PS (M4300 series) > switch is supported with PacketFence. > > > > The documentation for support network switches state that the Netgear > M-Series switches are supported for 802.1x Wired Authentication, so > I’m assuming the configuration guidelines that are given should work. > > > > I have configured one such switch in a test lab that I put together. > When I plug in a laptop, while monitoring the > /usr/local/pf/log/packetfence.log, I see the following messages: > > > > Nov 1 18:18:33 packetfence-zen packetfence_httpd.aaa: httpd.aaa(2852) > INFO: [mac:00:21:70:d8:ac:45] handling radius autz request: from > switch_ip => (192.168.1.5), connection_type => Ethernet-EAP,switch_mac > => (b0:b9:8a:46:3d:0e), mac => [00:21:70:d8:ac:45], port => 1, > username => "PFDOMAIN\testme" (pf::radius::authorize) > > Nov 1 18:18:33 packetfence-zen packetfence_httpd.aaa: httpd.aaa(2852) > ERROR: [mac:00:21:70:d8:ac:45] Wired 802.1X is not supported on switch > type pf::Switch::PacketFence. Please let us know what hardware you are > using. (pf::Switch::supportsWiredDot1x) > > Nov 1 18:18:33 packetfence-zen packetfence_httpd.aaa: httpd.aaa(2852) > WARN: [mac:00:21:70:d8:ac:45] (192.168.1.5) Sending REJECT since > switch is unsupported (pf::radius::_switchUnsupportedReply) > > > > 192.168.1.5 is the PacketFence server. > > 00:21:70:d8:ac:45 is a Dell laptop with Windows 10 configured with > 802.1x Security and associated credentials. > > > > A similar setup is working with the same laptop connected to a Cisco > 2960G series switch. > > > > If any more information is required, please let me know. > > > > Thank you all! > > > > James Garcellano > > > > > > -- > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > > > ___ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Fabrice Durand fdur...@inverse.ca :: +1.514.447.4918 (x135) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://packetfence.org) -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
