Re: [PacketFence-users] Captive Portal Error on 8.1

nverse.ca> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://packetfence.org) On Aug 6, 2018, at 9:05 AM, luca comes via PacketFence-users mailto:packetfence-users@lists.sourceforge.net>> wrote: Dear list, I had some problem to update my cluster from 7.4.0 t

Re: [PacketFence-users] Captive Portal Error on 8.1

(x145) :: www.inverse.ca<http://www.inverse.ca> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://packetfence.org) On Aug 6, 2018, at 9:05 AM, luca comes via PacketFence-users mailto:packetfence-users@lists.sourceforge.net>> wrote: Dear list, I had some pr

[PacketFence-users] Captive Portal Error on 8.1

Dear list, I had some problem to update my cluster from 7.4.0 to the new 8.1 so I decided to create a new Server and make a fresh install of the latest release. I've configured the portal for my wireless guest access but the portal page is not shown, the message shown underneath is returned ins

[PacketFence-users] Problem after upgrade

Dear all, I'm trying to update my cluster from PF 7.4.0 to the last release 8.1.0. After third node is upgraded I tried to verify functionality but I have many errors. The biggest problem is that my wired clients are not authenticated anymore. I can see in the log (attached) the error: radius

Re: [PacketFence-users] Problem after upgrade

I forgot the attachment sorry. Da: luca comes Inviato: giovedì 26 luglio 2018 18:20 A: packetfence-users@lists.sourceforge.net Oggetto: Problem after upgrade Dear all, I'm trying to update my cluster from PF 7.4.0 to the last release 8.1.0. After third node i

Re: [PacketFence-users] Database Warning

n fixed but pfmaint.pl to fetch the latest fixes. Regards Fabrice Le 2018-06-01 à 03:13, luca comes via PacketFence-users a écrit : Hi all, I'm running PF 7.4.0 on a cluster, I noted that sometimes this warning is showed in the log: Jun 1 08:53:39 pfnac01 pfqueue: pfqueue(31016

[PacketFence-users] Database Warning

Hi all, I'm running PF 7.4.0 on a cluster, I noted that sometimes this warning is showed in the log: Jun 1 08:53:39 pfnac01 pfqueue: pfqueue(31016) WARN: [mac:c8:cb:b8:0e:b8:8d] database query failed with: MySQL server has gone away (errno: 2006), will try again (pf::dal::db_execute) Is th

Re: [PacketFence-users] Cisco WLC unable to reevaluate access on cluster

Anyone who can help me about this problem? Luca Da: luca comes via PacketFence-users Inviato: giovedì 19 aprile 2018 11:37 A: packetfence-users@lists.sourceforge.net Cc: luca comes Oggetto: [PacketFence-users] Cisco WLC unable to reevaluate access on cluster

[PacketFence-users] Cisco WLC unable to reevaluate access on cluster

Hi all, I'm on production with my PF cluster that is serving at the moment more or less 400 clients on cabled network and a wifi guest with sponsored email to a Cisco WLC. Today I'm facing a problem on the guest, all the procedure seems to work well but when the user is authorized and need to b

Re: [PacketFence-users] AD first login from registration VLAN

Anyone has some hint on how to solve my problem? I'm in production and this is blocking many users that has password expired. Luca Inviato da Outlook<http://aka.ms/weboutlook> ____ Da: luca comes via PacketFence-users Inviato: giovedì 15 marzo 2

[PacketFence-users] AD first login from registration VLAN

Hi all, I need users from registration VLAN access our Active Directory to make first login on thei clients. I'm working in Out of Band enforcement so I created some permit rules on my firewall to guarantee access from the registration VLAN to my domain controllers. The problem is that I can't

[PacketFence-users] portal error after upgrade

Hi all, I have another problem after my technical partner has update the master machine of my cluster. I don't know what they updated but I think perl is involved so the portal page show a 503 Service Unavailable from the haproxy. After checking and restarting httpd.portal I can see it start bu

Re: [PacketFence-users] Image Broken

.py to see if it use sqlite or mysql, if it use sqlite then do that: ln -sf /usr/local/pf/var/conf/local_settings.py /usr/lib/python2.7/site-packages/graphite/local_settings.py Regards Fabrice Le 2018-02-16 à 04:27, luca comes via PacketFence-users a écrit : Hi Fabrice, I changed the permi

[PacketFence-users] Image Broken

Hi all, I have a problem with my dashboard's graphs. In my cluster when the master node is started I see the images broken but when I shut it and second node takes ownership graphs are ok. Graphite is started but if I try to connect to it I receive a generic Internal Server Error. In the httpd.g

[PacketFence-users] R: R: R: R: No client IP update in cluster

github for that: https://github.com/inverse-inc/packetfence/pull/2887 Regards Fabrice Le 2018-01-31 à 03:40, luca comes via PacketFence-users a écrit : Hi Fabrice, I checked and what I can see is that pfdhcplistener is populated only on the master machine. The other 2 nodes have queue empty. The

[PacketFence-users] R: R: R: No client IP update in cluster

e how many. Le 2018-01-25 à 11:24, luca comes via PacketFence-users a écrit : Hi Fabrice, I then installed dhcp forwarder on my DHCP and I can see traffic arrive with tcpdump. The client IP on the gui has changed but after a long long time. It's strange because in a standalone configuration th

[PacketFence-users] R: R: R: Can't synchronize new cluster databases

ally. -- Jason Trinklein Wireless Engineering Manager College of Charleston 81 St. Philip Street | Office 311D | Charleston, SC 29403 trinkle...@cofc.edu<mailto:trinkle...@cofc.edu> | (843) 300–8009 From: luca comes via PacketFence-users Reply-To: "packetfence-users@lists.sourceforge.n

[PacketFence-users] R: R: No client IP update in cluster

ux: https://github.com/inverse-inc/packetfence-dhcp-forwarder/tree/master/dhcp-forwarder so you can install it on each cluster's member. Le 2018-01-22 à 10:34, luca comes via PacketFence-users a écrit : Hi Fabrice, I'm using a cluster of ISC DHCPD on CentOS 7 so think I can't us

[PacketFence-users] R: No client IP update in cluster

e management interface to see if you receive something on the port 767. (tshark -i eth0 -f "port 767") Regards Fabrice Le 2018-01-18 à 09:43, luca comes via PacketFence-users a écrit : Hi all, I've migrated my single node infrastructure to a 3 node cluster. At the moment I&

[PacketFence-users] R: R: Can't synchronize new cluster databases

x27;t synchronize new cluster databases What i can also recommend is to remove the content of /var/lib/mysql on the other server (not the master one of course) and restart packetfence-mariadb Regards Fabrice Le 2018-01-19 à 04:38, luca comes via PacketFence-users a écrit : Hi Jason, I had the same pr

[PacketFence-users] R: Can't synchronize new cluster databases

Hi Jason, I had the same problem last week. First check on your master server if it is joined and synced with the cluster you can do that reading the file .err in /var/lib/mysql/ and in the database with the query show status like 'wsrep%' as stated in the clustering guide. Luca

[PacketFence-users] No client IP update in cluster

Hi all, I've migrated my single node infrastructure to a 3 node cluster. At the moment I'm testing 802.1x with a Cisco catalyst 2950 and the authentication is working fine. I also have in production a wireless guest access with sponsor on Cisco WLC taht is working really well. Unfortunately I no

[PacketFence-users] R: R: R: no httpd portal in a Cluster

nnaio 2018 14:37 A: packetfence-users@lists.sourceforge.net<mailto:packetfence-users@lists.sourceforge.net> Cc: Fabrice Durand Oggetto: Re: [PacketFence-users] no httpd portal in a Cluster Hello Lucas, can i have the cluster.conf file ? Regards Fabrice Le 2018-01-15 à 05:10, luca comes

[PacketFence-users] R: R: no httpd portal in a Cluster

brice Durand Oggetto: Re: [PacketFence-users] no httpd portal in a Cluster Hello Lucas, can i have the cluster.conf file ? Regards Fabrice Le 2018-01-15 à 05:10, luca comes via PacketFence-users a écrit : Hi all, I've successfully migrated a single node infrastructure to a full 3 node cl

[PacketFence-users] R: no httpd portal in a Cluster

: Re: [PacketFence-users] no httpd portal in a Cluster Hello Lucas, can i have the cluster.conf file ? Regards Fabrice Le 2018-01-15 à 05:10, luca comes via PacketFence-users a écrit : Hi all, I've successfully migrated a single node infrastructure to a full 3 node cluster, all thing

[PacketFence-users] no httpd portal in a Cluster

Hi all, I've successfully migrated a single node infrastructure to a full 3 node cluster, all things has gone well but I have only one problem. After the cluster configuration the https port is not listening neither on the virtual IP nor the local IPs of each server on the management interface.

Re: [PacketFence-users] Active Directory Domains problem

Hi André, I don't remember the details. Anyway in my case the problem was that the machine was joined to domain before and the rejoin didn't work. So I removed it from the AD and rebuilt the procedure. Luca Inviato da Outlook Da: A

Re: [PacketFence-users] Packetfence doesn't change VLAN after registration

time i am busy. So the packetfence.log is not enough complete because what is interesting is just a after and we should suppose to see "Deauthenticating ...". Regards Fabrice Le 2017-12-15 à 06:17, luca comes via PacketFence-users a écrit : Hi all, I ask a new question hoping t

[PacketFence-users] Packetfence doesn't change VLAN after registration

Hi all, I ask a new question hoping this time someone would answer to me. I'm configuring a guest wireless LAN on Cisco WLC and Packetfence (last version 7.3) on CentOS 7. The authentication on the guest is made with sponsor authorization so the client access the guest but is correctly moved on

[PacketFence-users] Sponsor httpd doesn't work

Hi all, I have a strange behaviour on my PF. I configured a guest WiFi LAN with sponsored access and it seems working fine. The user connect to the WLAN (created on a Cisco WLC) and when the address is obtained from DHCP it is redirected to the registration page where user can put his informatio

[PacketFence-users] Two Factor Authentication

Dear list, I'm studying a system to provide two factor authentication for my company. The system ideally should be used to perform authentication on many different services such as ssh, ssl vpn (provided by fortinet firewall) and so on. I would like to use my PF installation but I don't know if

[PacketFence-users] Radius Active Directory with IP released

Dear list, I need a new hint to deploy a configuration on my PF. I have a Fortinet firewall which is the peer for our SSL VPN client, at the moment it authenticates client directly from LDAP. I want set client IP directly so the firewall can do specific rules for that IP. I tried to set the Dial

Re: [PacketFence-users] Bandwidth limit

custom what RADIUS answer you send. For instance >Filter-Id => 10, You have examples in the file conf/radius_filter.conf.example Thanks On 09/08/2017 08:52 AM, luca comes via PacketFence-users wrote: Ok Diego, I will try but it's not so clear to me how to proceed. I understand t

Re: [PacketFence-users] Bandwidth limit

de" of PF. I haven't seen any options to do bandwidth limiting in the UI though, so I would not keep my hopes up. What controller do you have? On Thu, Sep 7, 2017 at 3:37 AM, luca comes via PacketFence-users mailto:packetfence-users@lists.sourceforge.net>> wrote: Hi Diego, th

Re: [PacketFence-users] Bandwidth limit

width limit Hi Luca, I don't have experience with the "inline mode" of PF. I haven't seen any options to do bandwidth limiting in the UI though, so I would not keep my hopes up. What controller do you have? On Thu, Sep 7, 2017 at 3:37 AM, luca comes via PacketFence-

Re: [PacketFence-users] Bandwidth limit

doing the access. If its a fairly advanced wifi, you could do it, but might be impossible or hard on wired switches (especially lower end) On Mon, Sep 4, 2017 at 5:41 AM, luca comes via PacketFence-users mailto:packetfence-users@lists.sourceforge.net>> wrote: Dear all, I have a custom

[PacketFence-users] Bandwidth limit

Dear all, I have a customer who need to restrict bandwidth to IP/user when they exceed the limit. Is there the possibility using PF? Can you drive me to documentation or some example to understand the possibilities? Thanks Luca Inviato da Outlook

Re: [PacketFence-users] Inconsistent roles in switches definition

s.sourceforge.net>> wrote: On 7/13/17 04:31, luca comes via PacketFence-users wrote: Dear all, any suggestion on this problem? Is there a way to clean remove roles from pf? Any roles created and then removed from roles.conf is shown even after reload. As far as I understand it, the defin

Re: [PacketFence-users] Inconsistent roles in switches definition

Dear all, any suggestion on this problem? Is there a way to clean remove roles from pf? Any roles created and then removed from roles.conf is shown even after reload. Thanks Luca Da: luca comes via PacketFence-users Inviato: martedì 4 luglio 2017 11:07 A

Re: [PacketFence-users] Machine authentication

Hi Fabrice, I solved my problem. You put me on the right way, I was doing an error in the base DN where PF was serching for machine names. I really thank you. Luca Inviato da Outlook<http://aka.ms/weboutlook> ____ Da: luca comes via PacketFence-users I

Re: [PacketFence-users] Machine authentication

rceforge.net> Cc: Fabrice Durand Oggetto: Re: [PacketFence-users] Machine authentication Hello Luca, add a realm dm.loc and assign it to your domain and restart radius. Regards Fabrice Le 2017-07-10 à 05:58, luca comes via PacketFence-users a écrit : I've found this error in radius.log

Re: [PacketFence-users] Machine authentication

Hi MJ, any help is really appreciated I'm also not a packetfence expert 😊 The first error I think is not relevant because I'm not using SNMP I will check it after the basic config will run fine. The other one is strange, as I was writing to Fabrice my source is apparently correctly configured b

Re: [PacketFence-users] Machine authentication

.sourceforge.net<mailto:packetfence-users@lists.sourceforge.net> Cc: Fabrice Durand Oggetto: Re: [PacketFence-users] Machine authentication Hello Luca, add a realm dm.loc and assign it to your domain and restart radius. Regards Fabrice Le 2017-07-10 à 05:58, luca comes via PacketFence

Re: [PacketFence-users] Machine authentication

cketFence-users] Machine authentication Hello Luca, add a realm dm.loc and assign it to your domain and restart radius. Regards Fabrice Le 2017-07-10 à 05:58, luca comes via PacketFence-users a écrit : I've found this error in radius.log ERROR: mschap_machine: Program returned code (1

Re: [PacketFence-users] Machine authentication

-users@lists.sourceforge.net Cc: Fabrice Durand Oggetto: Re: [PacketFence-users] Machine authentication Hello Luca, add a realm dm.loc and assign it to your domain and restart radius. Regards Fabrice Le 2017-07-10 à 05:58, luca comes via PacketFence-users a écrit : I've found this error in

Re: [PacketFence-users] Machine authentication

ssage":"CLI Access is not allowed by PacketFence on this switch","control:PacketFence-Authorization-Status":"allow"} Are you seeing this same message about CLI access? MJ On 07/10/2017 11:58 AM, luca comes via PacketFence-users wrote: > I've found

Re: [PacketFence-users] Machine authentication

st are fine (wbinfo -u etc.). I added my domain to the LOCAL realm as per Antoine mail but is still doesn't work. Thanks for your help Luca Inviato da Outlook<http://aka.ms/weboutlook> ____________ Da: luca comes via PacketFence-users Inviato: venerdì 7 l

Re: [PacketFence-users] Machine authentication

ms/weboutlook> ____ Da: luca comes via PacketFence-users Inviato: venerdì 7 luglio 2017 17:40 A: packetfence-users@lists.sourceforge.net Cc: luca comes Oggetto: Re: [PacketFence-users] Machine authentication Hi Antoine, thank you for your answer, unfortunately it doesn't w

Re: [PacketFence-users] Machine authentication

017 17:20 A: packetfence-users@lists.sourceforge.net Cc: Antoine Amacher Oggetto: Re: [PacketFence-users] Machine authentication Lucas, Map the domain on which they should authenticate with the REALM LOCAL. In configuration -> policies and access control -> realms Thanks On 07/07/2017 11:15 A

[PacketFence-users] Machine authentication

Hi all, I'm trying to do machine authentication vs Windows AD but it doesn't work. I've created the domain and the realm but in the radius debug log I can see that it is not catching the correct realm: (20) Fri Jul 7 16:29:45 2017: Debug: Received Access-Request Id 103 from 10.10.10.4:1645

[PacketFence-users] Inconsistent roles in switches definition

Dear list, I'm facing a strange problem I'm sure you can help me to understand. During my tests I've created a role for machine authentication and applied to a test switch. After that I realized that the name was wrong (some capital letters inside the name wasMAchine_Auth_Role) so I decided to

Re: [PacketFence-users] Active Directory Domains problem

Ok guys, thank you again for your co-operation. Luca Inviato da Outlook Da: lists via PacketFence-users Inviato: martedì 27 giugno 2017 15:54 A: packetfence-users@lists.sourceforge.net Cc: lists Oggetto: Re: [PacketFence-users] Acti

Re: [PacketFence-users] Active Directory Domains problem

<http://www.packetfence.org>) On Jun 26, 2017, at 02:45, luca comes via PacketFence-users mailto:packetfence-users@lists.sourceforge.net>> wrote: Hi all, any help on how can I troubleshoot the AD Join problem? Also I need to remove all the folders inside /chroot/ created for my nu

Re: [PacketFence-users] Active Directory Domains problem

Hi all, any help on how can I troubleshoot the AD Join problem? Also I need to remove all the folders inside /chroot/ created for my numerous tests, is that possible? Luca Inviato da Outlook<http://aka.ms/weboutlook> ____ Da: luca comes via PacketFence

Re: [PacketFence-users] Active Directory Domains problem

7-06-19 à 11:11, luca comes via PacketFence-users a écrit : Hi all, I'm going crazy to configure active directory domain as part of freeradius configuration. I'm running PF 7.1.0 on a CentOS 7 fresh minimal install. When I try to add the domain I've got error from the gui no useful

[PacketFence-users] Active Directory Domains problem

Hi all, I'm going crazy to configure active directory domain as part of freeradius configuration. I'm running PF 7.1.0 on a CentOS 7 fresh minimal install. When I try to add the domain I've got error from the gui no useful log in log.winbindd. After that is impossible to access the again the ac

Re: [PacketFence-users] mab+802.1x authentication

a client which is not in the domain. Thnaks On 06/07/2017 08:47 AM, luca comes via PacketFence-users wrote: Hi Antoine, I'm doing more tests but it's not so clear point 2. To match the new connection profile I need to specify also a source other than the connection type filter? In that c

Re: [PacketFence-users] mab+802.1x authentication

Hi Antoine, I'm doing more tests but it's not so clear point 2. To match the new connection profile I need to specify also a source other than the connection type filter? In that case which type of source should I add? I want that clients not 802.1x able or outside of my domain take a specific