That seemed to make the trick, Fabrice.
I realized that it had to do with the domain part that should be used in the
whole string for the user ID.
I tried it both FQDN and NETBIOS domain name and it worked only for the former
even though I have two realms accordingly. Anyways, thanks !
Hi,
so I've deployed my Packetfence ZEN on VMware, i've followed the
documentation :
https://packetfence.org/doc/PacketFence_Installation_Guide.html#_going_through_the_configurator
and I've reach the testing part 5.7. Testing
Hello Alina,
there is no need to change anything in this section to make radius working.
The only thing you need to have is the switch configuration and the
radius shared secret defined.
With that you will be able to send radius access request to packetfence
from the AP/Controller/Switch.
Hello Eugene,
in the realm config assign the correct domain to the null realm and
restart radius.
Regards
Fabrice
Le 19-06-30 à 15 h 16, E.P. via PacketFence-users a écrit :
Guys,
Please point my eyes in the right direction in the attempt to
understand what’s wrong.
Perhaps it has
Hello Eugene,
it's something really easy to do.
First in the switch config assign -1 to the registration role (it will
reject the device that is not reg) and assign the correct vlan id for
the other roles.
Next create a connection profile with a filter that match the ssid and
don't assign
Hello Mike,
you need to run pf-maint.pl , it's a bug that has been fixed.
Regards
Fabrice
Le 19-07-03 à 07 h 02, Mike McGeer via PacketFence-users a écrit :
Hi all.
All I wan't it to use VLAN enforcement without Radius for now.
I am struggling with the following, SNMP traps are populating
Hi Nicolas,
Yes, I of course mean dot1x
My RADIUS authorization part is limited at this point, RADIUS doesn't assign
the VLAN to the endpoint session.
Should I interpret your advice as I have to implement authorization via RADIUS
and only then an unregistered/unassigned endpoint won't have
Now I’m getting confused after trying to understand RADIUS enforcement.
Reading the document that says:
Using RADIUS enforcement, everytime a device connects to the network, a
matching production VLAN will be assigned, depending on the rules in
Configuration→Policies and Access
HI,
thanks for your reply,
the only thing i didn't fulfill is the [CLUSTER] section in cluster.conf.
Do i really need a VIP for it to work ?
Thank you,
regards,
On Wed, 3 Jul 2019 at 13:46, Fabrice Durand via PacketFence-users <
packetfence-users@lists.sourceforge.net> wrote:
> Hello,
>
> Try
Fabrice,
never mind my question, i added that section and it works like a charm.
Thank you for your help,
Regards,
On Wed, 3 Jul 2019 at 14:32, pro fence wrote:
> HI,
>
> thanks for your reply,
>
> the only thing i didn't fulfill is the [CLUSTER] section in cluster.conf.
> Do i really need a
Hello,
Try that:
systemctl set-default packetfence-cluster
and check you cluster.conf file if there is no error.
Regards
Fabrice
Le 19-07-03 à 06 h 07, pro fence via PacketFence-users a écrit :
Hi,
i am configuring an active/active 3 mariadb servers cluster.
The proble is that i can't
Hi,
i am configuring an active/active 3 mariadb servers cluster.
The proble is that i can't start the "packetfence-radiusd-load_balancer"
service with the following error :
" Unable to open file "/usr/local/pf/raddb/load_balancer.conf": No such
file or directory
Errors reading or parsing
Hi all.
All I wan't it to use VLAN enforcement without Radius for now.
I am struggling with the following, SNMP traps are populating the SNMP logs.
I can manually change the switch port to registration and it is receiving a
DHCP ip.
However I cannot change the Node as the location information
Goodmorning,
below the log of PF after the client click to page of authentication for access
to internet (Null)
thanks a lot
R
Jul 3 06:33:46 PacketFence-ZEN packetfence_httpd.portal: httpd.portal(14441)
INFO: [mac:unknown] External captive portal detected !
Hello Max,
On 2019-07-03 12:33 a.m., Max McGrath via PacketFence-users wrote:
What are bypass VLANs and Roles for?
Bypass VLANs and bypass roles will always override roles or VLAN IDs
compute by rules.
Specifically, what is a scenario where one would use a bypass VLAN or
role?
I never
Hello Eugene,
On 2019-07-03 8:10 a.m., E.P. via PacketFence-users wrote:
Does it seem doable ?
Yes. When you say (via WPA2-Enterprise/RADIUS), you mean with 802.1X ?
I compared two endpoints, one of them is registered with a role and the
other one is unregistered without a role and both
Folks,
My boss wants to manually allow devices that connect to a specific SSID (via
WPA2-Enterprise/RADIUS) and the way to do it is manually register them
under Nodes section and also assign them a role including REJECT.
Does it seem doable ?
I compared two endpoints, one of them is registered
Hi Chad,
It’ll be very useful to know a bit about AD architecture
Overall, you can of course use any user from your AD but whatever was written
in the documentation was done for a reason.
This is how it all works.
The procedure is pretty much simple. I used this document to configure only
18 matches
Mail list logo