For the machine auth, are you using the machine account (host/machinename)?
I’d still do it via GPO, but only have the GPO enforce to your test machine(s).
Also, make sure that wireless autoconfig is enabled. That’s bitten me before.
Thanks,
Bill
Sent from my iPad
On Jul 5, 2020, at 11:30
Group Policy for 802.1x - under Computer in GPO Editor, security settings,
wireless. You can set up so GPO has the end system connects to the SSID and
authenticates via 802.1x.
Set up your AD server as the authentication source in PF. It’s explained in
the install doc.
Lots of google
at any vendor specific radius attribute I’ve attempted is not passed
to the switch…
Thanks,
Bill
From: Bill Handler via PacketFence-users
Sent: Tuesday, May 12, 2020 8:45 AM
To: Ludovic Zammit
Cc: Bill Handler ; packetfence-users@lists.sourceforge.net
Subject: Re: [PacketFence-users] Role
it
lzam...@inverse.ca<mailto:lzam...@inverse.ca> :: +1.514.447.4918 (x145) ::
www.inverse.ca<http://www.inverse.ca/>
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu<http://www.sogo.nu/>)
and PacketFence (http://packetfence.org<http://packetfence.org/>)
On
Charbel,
The first thing I’d check is the DNS settings. Are you using your domain’s DNS
servers for PacketFence?
Thanks,
Bill
From: Charbel Rizk via PacketFence-users
Sent: Monday, May 11, 2020 7:43 AM
To: packetfence-users@lists.sourceforge.net
Cc: Charbel Rizk
Subject:
org<http://packetfence.org/>)
On May 5, 2020, at 6:02 PM, Bill Handler via PacketFence-users
mailto:packetfence-users@lists.sourceforge.net>>
wrote:
Team,
Is there a way to push a tagged VLAN to the switch when a device authenticates?
For example a VoIP phone, or AP. We’ve tes
; :: +1.514.447.4918 (x145) ::
www.inverse.ca<http://www.inverse.ca/>
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu<http://www.sogo.nu/>)
and PacketFence (http://packetfence.org<http://packetfence.org/>)
On May 5, 2020, at 6:02 PM, Bill Handler via PacketFence-use
zam...@inverse.ca> :: +1.514.447.4918 (x145) ::
www.inverse.ca<http://www.inverse.ca>
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
(http://packetfence.org)
On May 5, 2020, at 6:02 PM, Bill Handler via PacketFence-users
mailto:packetfence-users@lists.sourceforge.
Team,
Is there a way to push a tagged VLAN to the switch when a device authenticates?
For example a VoIP phone, or AP. We’ve tested with a phone with a PC on the
passthrough port. The PC authenticates fine on the correct VLAN, but we don’t
know how to configure PF to send the phone VLAN as
ketfence.org)
On Apr 29, 2020, at 4:48 PM, Bill Handler via PacketFence-users
mailto:packetfence-users@lists.sourceforge.net>>
wrote:
Checking on if this is possible with PacketFence (using v10)…
For 802.1x authentication, we have set up for Users and Computers to
authenticate. Current
(x145) ::
www.inverse.ca<http://www.inverse.ca>
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
(http://packetfence.org)
On Apr 29, 2020, at 4:48 PM, Bill Handler via PacketFence-users
mailto:packetfence-users@lists.sourceforge.net>>
wrote:
Checking on i
and PacketFence (http://packetfence.org<http://packetfence.org/>)
On Apr 29, 2020, at 4:48 PM, Bill Handler via PacketFence-users
mailto:packetfence-users@lists.sourceforge.net>>
wrote:
Checking on if this is possible with PacketFence (using v10)…
For 802.1x authen
4.447.4918 (x145) ::
www.inverse.ca<http://www.inverse.ca/>
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu<http://www.sogo.nu/>)
and PacketFence (http://packetfence.org<http://packetfence.org/>)
On Apr 29, 2020, at 4:48 PM, Bill Handler via PacketFence-us
Checking on if this is possible with PacketFence (using v10)...
For 802.1x authentication, we have set up for Users and Computers to
authenticate. Currently, when a machine accesses the network it is
automatically authenticated and gets the Machine role (we're working with
Windows 10 and
atus($self->source->id,
$self->current_mac, $pf::auth_log::FAILED, $self->app->profile->name);
$self->app->flash->{error} = "OAuth2 Error: Failed to validate the
token, please retry";
$self->landing();
good luck!
Cheers
On Thu, Apr 23, 2
FAILED, $self->app->profile->name);
$self->app->flash->{error} = "OAuth2 Error: Failed to validate the
token, please retry";
$self->landing();
good luck!
Cheers
On Thu, Apr 23, 2020 at 3:04 AM Jonathan Nathanson
mailto:jmhnathan...@gmail
t;{error} = "OAuth2 Error: Failed to validate the
token, please retry";
$self->landing();
good luck!
Cheers
On Thu, Apr 23, 2020 at 3:04 AM Jonathan Nathanson
mailto:jmhnathan...@gmail.com>> wrote:
I had this very similar problem recently. Does A3 mana
::auth_log::FAILED, $self->app->profile->name);
$self->app->flash->{error} = "OAuth2 Error: Failed to validate the
token, please retry";
$self->landing();
good luck!
Cheers
On Thu, Apr 23, 2020 at 3:04 AM Jonathan Nathanson
mailto:jmhnathan.
please retry";
$self->landing();
good luck!
Cheers
On Thu, Apr 23, 2020 at 3:04 AM Jonathan Nathanson
mailto:jmhnathan...@gmail.com>> wrote:
I had this very similar problem recently. Does A3 manage DHCP in the reg VLAN?
The role should be assigned following a
hnathan...@gmail.com>> wrote:
I had this very similar problem recently. Does A3 manage DHCP in the reg VLAN?
The role should be assigned following a disconnect / COA packet sent to the
client device to get them to reconnect, I believe.
You should do a packet trace and check. You might also
ou should be able to see your PF server making a request to google to
validate the returned token.
On which version of PF are you? I've been using google auth successfully all
the way up to 9.2 (I haven tested anything newer though).
Also, not sure the logic you're using but you might want to
u're using but you might want to check that the
google source is assigning a role to the device in question..
On Wed, Apr 22, 2020 at 5:51 PM Bill Handler via PacketFence-users
mailto:packetfence-users@lists.sourceforge.net>>
wrote:
Running into an issue with Google oauth2 authentic
Running into an issue with Google oauth2 authentication via Captive Portal...
* Have it configured and set as an External Authentication Source
* Have all the correct settings on Google Developer site
What's happening is that after entering the username/password in the Google
display
Kevin,
Is the machine domain joined? I found that when I was logging in with a domain
machine via 802.1x, if I used the domain name in my username either domain\user
or u...@domain.com, it would fail. When I just used the username it succeeded
Thanks,
Bill
Sent from my iPhone
On Apr 15,
The installation documentation mentions that the ZEN VM can be deployed on
Hyper-V, however, there is only an OVA file to download. Is there another
location to d/l the Hyper-V VM?
Thanks,
Bill
___
PacketFence-users mailing list
25 matches
Mail list logo
