Re: [PacketFence-users] Captive Portal Issues

Hello, can you provide the packetfence.log file and the profiles.conf file ? Regards Fabrice Le 20-03-10 à 15 h 19, Zacharry Williams via PacketFence-users a écrit : Hey all, Randomly it matched the correct connection profile, one time. Is this like a 9.3 bug where connection profiles

Re: [PacketFence-users] Aruba AP and VLAN Mapping - Addition

Hello, Try assigning the vlan to the node and see if it works. Try installing 9.2 version. I have been stuck on similar one for 3 weeks. My nodes couldn't get the vlan I set in authenication source. With or without filter. With PF 9.2, it works flawlessly. Regards, Gregor Fajdiga

Re: [PacketFence-users] Captive Portal Issues

Hey all, Randomly it matched the correct connection profile, one time. Is this like a 9.3 bug where connection profiles aren't being match? On Mon, Mar 9, 2020 at 3:06 PM Zacharry Williams wrote: > Hey all, > > I've been working on setting up a guest LAN and a byod LAN for a few days > now.

Re: [PacketFence-users] Aruba AP and VLAN Mapping - Addition

Ive got the same problem (previously posted) without solving it yet.. pftest works as expected but real world only gets auth but no role.. Get Outlook for iOS From: Christian Sudec via PacketFence-users Sent: Tuesday, March 10, 2020

Re: [PacketFence-users] Aruba AP and VLAN Mapping

Hi, here the logs: Mar 10 12:10:21 ippf packetfence_httpd.aaa: httpd.aaa(848) INFO: [mac:02:de:ad:04:be:ef] handling radius autz request: from switch_ip => (10.71.100.63), connection_type => Wireless-802.11-EAP,switch_mac => (b8:3a:5a:c1:8d:aa), mac => [02:de:ad:04:be:ef], port => 0, username

Re: [PacketFence-users] Aruba AP and VLAN Mapping - Addition

Post the result of that command: cat /usr/local/pf/conf/realm.conf Thanks, Ludovic Zammit lzam...@inverse.ca :: +1.514.447.4918 (x145) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu ) and

Re: [PacketFence-users] [External] Re: Assign the default VLAN based on a mac address

I have now installed an older version of packetfence (9.2) and guess what. It works. It seems just like 9.3 is ignoring my authentication rules and filters. Regards, Gregor Fajdiga Sistemski administrator, Informatika System administrator, IT Delo, d.o.o. Dunajska 5, SI-1509 Ljubljana T:

Re: [PacketFence-users] Aruba AP and VLAN Mapping - Addition

Hi again! I ran 'pftest authentication Testy Testpwd' and these are the results: Authenticating against 'HTL_AD' in context 'admin'   Authentication SUCCEEDED against HTL_AD (Authentication successful.)   Matched against HTL_AD for 'authentication' rule Teachers     set_role : Teacher    

Re: [PacketFence-users] Aruba AP and VLAN Mapping

Hello Ludovic! On 10.03.2020 14:42, Ludovic Zammit wrote: Hello Christian, Are you doing VLAN enforcement or Role enforcement ? We're doing only 'RADIUS Enforcement' as this is the requirement for 802.1x (both wireless and wired). On Aruba you have to do one of them, not both at the same

Re: [PacketFence-users] Aruba AP and VLAN Mapping

Ok, so if you are doing 802.1x then most of the time you do auto-registration where you don’t display the captive portal. In that case, your access would be computed on the fly. Do that and remove device info: grep MAC_ADDRESS /usr/local/pf/logs/packetfence.log My guess is that you don’t

Re: [PacketFence-users] Aruba AP and VLAN Mapping

Hello Christian, Are you doing VLAN enforcement or Role enforcement ? On Aruba you have to do one of them, not both at the same time. How are you redirected on the captive portal ? By a radius request ? Once you get authenticated PF sends a radius disconnect message to the AP to kick your Mac

[PacketFence-users] Aruba AP and VLAN Mapping

Hi everybody! First the current situation so far: We installed a test-network, where the packetfence-server is reachable with an ip 10.5.1.4 (type management) and set 'RADIUS enforcement' as chosen method. Next we installed a Mikrotik-Switch (POE) with 4 VLANS (771-774) and attached an

Re: [PacketFence-users] Mikrotik routerboard cli/winbox access via Packetfence

Hello, The error is pretty obvious. It looks like your LDAP bind is failing, fix you AD-source and you would be good. Thanks, Ludovic Zammit lzam...@inverse.ca :: +1.514.447.4918 (x145) :: www.inverse.ca Inverse inc. :: Leaders behind

[PacketFence-users] Mikrotik routerboard cli/winbox access via Packetfence

Hi, I try to use packetfence for mikrotik device cli access. I want to access with my MS Active Directory users. First i try with freeradius via ldap connection. It's working but when i try with packetfence, it doesn't work. To my understanding, mikrotik try to ldap connection but packetfence

[PacketFence-users] Problem with fingerbank collector

Hello Everyone, Our fingerbank collector service began giving these errors over the weekend. It filled up the fingerbank.log file for each day with over 2GB worth of these over and over. Any ideas what could be the problem? Mar 9 09:32:38 stmartin fingerbank-collector: main.exitCleanup()

[PacketFence-users] PacketFence Zero-NAC 9.3

Hello, I have tried to get the basic 802.1x config setup with PF. Using the built-in roles/sources/sources/etc I am able to ge the basic (AD user auths with 802.1x against AD, PF uses the "catch all" rule and assigns them the 'default' role & this role is defined with the switch to a

[PacketFence-users] Captive Portal Issues

Hey all, I've been working on setting up a guest LAN and a byod LAN for a few days now. When I use a PSK or AD Authentication it works fine, but the captive portal isn't working like I think it should be. I revisited the guide a few times to check and I don't think i'm missing any settings. I

Re: [PacketFence-users] PacketFence Zero-NAC 9.3

Hello, Finally figured it out. The value for memberOf or groupMembership or isMemeberOf has to be the DN. Thanks From: Brandt Winchell Sent: Monday, March 09, 2020 10:33 PM To: packetfence-users@lists.sourceforge.net Subject: PacketFence Zero-NAC 9.3 Hello, I have tried to get the basic 802.1x