Re: [PacketFence-users] MSCHAP and Local Auth

Yes it looks that you made a typo in raddb/policy.d/packetfence Oct 31 00:53:38 pf.jcc.com.ar radiusd[17061]: /usr/local/pf/raddb/sites-enabled/packetfence[190]: Failed to parse "packetfence-mschap-authenticate" entry. Le 20-10-30 à 21 h 00, Enrique Gross a écrit : Th

Re: [PacketFence-users] MSCHAP and Local Auth

Thanks Fabrice I probably messed up something, and should start over with my testing setup, this isjournalctl when starting radiusd, i have been checking config files regarding sql modules, but with not luck. Thanks, and good weekend Oct 31 00:53:38 pf.jcc.com.ar radiusd[17061]: rlm_sql_mysql: S

Re: [PacketFence-users] MSCHAP and Local Auth

Hello Enrique, i did the same on my side and i am able to restart radiusd. Take a look at journalctl to see why it fail to start. Regards Fabrice Le 20-10-30 à 14 h 44, Enrique Gross a écrit : Hi all! Thanks for your help Fabrice When changing function to packetfence-local-auth, radius-au

Re: [PacketFence-users] PacketFence certificate issues

And a little follow up on this question. Same attempt was made from Apple iPad, I had to manually accept and trust the certificate but then the page came up: Not implemented, GET to /guest/s/q4b0wgkk/ not supported. Eugene From: ype...@gmail.com Sent: Friday, October 30, 2020 12:42 P

[PacketFence-users] PacketFence certificate issues

Guys, Sorry for flooding you with questions regarding public WiFi via captive portal. I'm making baby steps going ahead and now ran into one more problem. The endpoint (Windows 10) associates to a guest SSID and the web browser opens up a page with a URL pointing to PacketFence (172.16.0.120) I

Re: [PacketFence-users] Issues with roles and VLAN assignment

Hello, I will break down quickly the PacketFence involvement in both most popular authentication. WiFi: RADIUS EAP PEAP MSCHAPv2: - Device submitting EAP Identity - AP receiving that info transmitting it to the controller - Controller sends the radius authentication to PF - PF receives it and

Re: [PacketFence-users] 802.1x client authentication without supplying the domain name.

Hi Peter, I'm not part of the Packetfence support group but I'm evaluating it for a similar task. I think you need to configure two realms, i.e. DEFAULT and NULL with the AD domain that you need to create under "Active Directory Domains" It works to me for WiFi authentications Eugene Fro

Re: [PacketFence-users] MSCHAP and Local Auth

Hi all! Thanks for your help Fabrice When changing function to packetfence-local-auth, radius-auth fails to start, i am not getting so much info of radius.log Oct 30 18:39:09 pf auth[7031]: Signalled to terminate Oct 30 18:39:09 pf auth[7031]: Exiting normally Oct 30 18:39:09 pf auth[7031]: rlm_

Re: [PacketFence-users] Issues with roles and VLAN assignment

Actually it was your hint about device registration that clicked and made me check my connection profile. Still, it ALWAYS helps to ask questions and read answers and advices very carefully 😉 Ludovic, please guide me through the connection profile creation for public WiFi with captive port

Re: [PacketFence-users] Issues with roles and VLAN assignment

Hi Ludovic, Thanks for looking into it. My search through packetfence.log didn’t produce any matches for the specific MAC address. Let me paraphrase my question. The group of switches (or rather Wireless AP) has a list of roles. The top is registration with VLAN 2. Then go three more, i.e. is

Re: [PacketFence-users] 10.2.0 Eap gtc sub module failed

hi Durand fabrice here is the result of raddebug -f /usr/local/pf/var/run/radiusd.sock -t 3000 (10522) Fri Oct 30 21:32:00 2020: Debug: Received Status-Server Id 97 from 127.0.0.1:51783 to 127.0.0.1:18121 length 50 (10522) Fri Oct 30 21:32:00 2020: Debug: Message-Authenticator = 0x595be7422b20b

Re: [PacketFence-users] Wifi Hotspot with SMS OTP Authentication Needed

Also, regarding the same subject, what logs on PacketFence would I need to start looking into if captive portal doesn't work at all. I followed the documentation and added "Portal" as an additional daemon to the management interface and restarted required services. How would I link SMS based regist

Re: [PacketFence-users] 10.2.0 Eap gtc sub module failed

hi Durand fabrice here is the result of raddebug -f /usr/local/pf/var/run/radiusd.sock -t 3000 (10522) Fri Oct 30 21:32:00 2020: Debug: Received Status-Server Id 97 from 127.0.0.1:51783 to 127.0.0.1:18121 length 50 (10522) Fri Oct 30 21:32:00 2020: Debug: Message-Authenticator = 0x595be742

Re: [PacketFence-users] Issues with roles and VLAN assignment

That’s what I missed, namely the connection profile for devices registration wasn’t enabled. Thank you, Ludovic! From: Ludovic Zammit Sent: Friday, October 30, 2020 10:24 AM To: ype...@gmail.com Cc: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] Issues with roles a

[PacketFence-users] 802.1x client authentication without supplying the domain name.

I hope everyone is well. We are currently deploying a test instance of PacketFence ZEN v10.1. and looking for some advices on how to get 802.1x radius authentication working without supplying the domain name as part of the user name. Any advice is greatly appreciated. Thank you, Peter Chin | S

Re: [PacketFence-users] Wifi Hotspot with SMS OTP Authentication Needed

Hello, I looked through archive of the emails on the topic in the subject and found that this question has never been answered. Is there any reference or at least high level instruction how to do it ? Eugene -Original Message- From: Sina Owolabi via PacketFence-users Sent: Saturday, Aug

Re: [PacketFence-users] Issues with roles and VLAN assignment

The logs don’t lie ;-) Thanks, Ludovic Zammit lzam...@inverse.ca :: +1.514.447.4918 (x145) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu ) and PacketFence (http://packetfence.org

Re: [PacketFence-users] Issues with roles and VLAN assignment

If you node has: status = registered and a role, PacketFence would return the VLAN for the role from the switch (inherited configuration from switch groups or not). Do an authentication and send the logs.packetfence.log. Thanks, Ludovic Zammit lzam...@inverse.ca ::

Re: [PacketFence-users] 10.2.0 Eap gtc sub module failed

At least when you try to connect ... Le 20-10-30 à 06 h 37, Sonali Gulia a écrit : hi Durand fabrice here is the result of raddebug -f /usr/local/pf/var/run/radiusd.sock -t 3000 (10522) Fri Oct 30 21:32:00 2020: Debug: Received Status-Server Id 97 from 127.0.0.1:51783

Re: [PacketFence-users] Issues with roles and VLAN assignment

Hello Eugene, The answer is in your logs. grep MAC_ADDRESS /usr/local/pf/logs/packetfence.log Thanks, Ludovic Zammit lzam...@inverse.ca :: +1.514.447.4918 (x145) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu