Hello André,
so you have to choose nessus6 and not nessus.
Restart
Fabrice
Le 2018-01-10 à 17:53, André Scrivener a écrit :
Hello Fabrice,
Last version for centos 7!
Version is Nessus 7.
Regards,
André
Em 10 de jan de 2018, às 18:14, Fabrice Durand via PacketFence-users
Hello André,
what is the version of nessus ?
Regards
Fabrice
Le 2018-01-10 à 15:59, André Scrivener via PacketFence-users a écrit :
> Hey guys!
>
>
> I'm enabling nessus to scan hosts, but I'm trying out these logs below:
>
>
> Jan 10 18:33:25 packetfence pfqueue: pfqueue(12693) INFO:
>
Did you set ca_file = [% install_dir %]/conf/ssl/tls_certs/MYCA.pem in
conf/radiusd/eap.conf ? (MYCA.pem is the CA public key of of your PKI)
Le 2018-01-10 à 15:43, E.P. a écrit :
>
> More to this issue, Fabrice,
>
> I changed to PEAP method on the same Windows laptop and kept an option
> of
Hey guys!
I'm enabling nessus to scan hosts, but I'm trying out these logs below:
Jan 10 18:33:25 packetfence pfqueue: pfqueue(12693) INFO:
[mac:84:7b:eb:e5:ea:e2] Instantiate profile default
(pf::Connection::ProfileFactory::_from_profile)
Jan 10 18:33:26 packetfence pfqueue: pfqueue(12693)
More to this issue, Fabrice,
I changed to PEAP method on the same Windows laptop and kept an option of
validating server certificate by pointing it directly the name as it shows in
CN of the PF RADIUS server. No problem at all, authentication goes through.
I checked for similar errors
I found that by removing my select roles limitations and allowed all roles it
started working again. Seems brand new nodes that show up as unregistered start
with "no role." This is what was causing an issue and appearing read only. Is
there a way to allow "no role" access if you decide to
Hello Yan,
i checked the logs and all looks to be ok, 802.1x authentication works
correctly.
What i can imagine that you maybe lost the connection between
PacketFence and the AP/Controller or maybe a cache on the AP/Controller.
What you can do to check that is to install netdata on the
Has anyone experienced Read Only unregistered nodes in version 7.2.0? I made a
clone entry for "Node Manager" in Admin access. Only thing I changed is what
roles this Manager had access to. This Admin role when login sees these read
only records. Do I need to add an extra permission? Thanks.
Fabrice,
In a previous email, I reported that I got no response from the radius server.
That was with the Dell N1500 module. I tried it with the Force 10 module no md5
and got some results. Unfortunately those results are the same as originally
reported. Expected peap and received md5 instead.
Hi Fabrice,
I already dug it around.
The CA certificate (*.pem format) was imported into Windows without any problem
and I see it under “Trusted Root Certification Authorities” container. Just in
case placed the CA cert into “Third –party root certification authority”
On the client PC I have
Fabrice,
Thank you for your quick response. I disabled md5 authentication, and that did
not work. The switch did not communicate at all with the radius server.
Raddebug did not capture anything at all and no entries appeared in the radius
log file. Anything else I can try?
Regards,
Peter
Hello Yan,
you need to check on the PacketFence side what happen:
run that (raddebug -f /usr/local/pf/var/run/radiusd.sock -t 3000) , try
to connect and paste the result
Also take a look in audit in packetfence gui and check for a mac address
where you have the issue.
Regards
Fabrice
Le
Hello Eugene,
you probably need to import the CA certificate or uncheck verify server
certificate in your supplicant config.
Regards
Fabrice
Le 2018-01-10 à 03:57, E.P. via PacketFence-users a écrit :
>
> And here comes the culmination of my saga with PKI ;)
>
> Actually, I was slowly going
Fabrice,
Can you please elaborate on provisioners and connection profiles within PKI
context
Let’s say I created a provisioner for Windows endpoints as described in the
guide.
How would it allow Windows host to automatically connect to a specific SSID?
As far as I know you can put a check
Hi dear users,
We use PF V7.3 in our office integrated with Aruba AC. Recently our wireless
behaves very strange. Some users can connected to wireless, passed the 802.1x
auth and can get the correct role and IP, but they just couldn't access any
network. There is no wired in PF logs. But as
And here comes the culmination of my saga with PKI ;)
Actually, I was slowly going towards it and really hoped I will jump through
this final hoop smoothly.
Alas… Anyways, to cut the long story short, I failed TLS authentication for
Windows 10 endpoint.
Here’s what I did so far. We want to
16 matches
Mail list logo