Hi all,
I again ask in this mailing list to finish the setup of my PacketFence
server. I'm running Centos 7.6 x86 with packetfence-8.2.1-3.el7.noarch
and , as you can read from
the subject of this email, I need to activate 802.1X authentication
using TTLS and PAP.
I've one production vlan a
You have filtered to wireless-noeap than is mac auth. 8021x is witeless-eap
Le jeudi 20 décembre 2018, Enrico Becchetti via PacketFence-users <
packetfence-users@lists.sourceforge.net> a écrit :
> Hi all,
> I again ask in this mailing list to finish the setup of my PacketFence
> server. I'm run
Hello Enrico,
you need to add manually the ldap server in the freeradius
configuration.
(https://packetfence.org/doc/PacketFence_Installation_Guide.html#_eap_authentication_against_openldap)
Regards
Fabrice
Le 18-12-20 à 10 h 15, Enrico Becchetti via PacketFence-users a écrit :
Hi all
Dear All,
so If I understand I need to change Wireless-NOEAP to Wireless-EAP and
create, or change, /usr/local/pf/raddb/modules/ldap following
this guide: 16.3 EAP Authentication.
but tell more about because this file
/usr/local/pf/raddb/sites-available/packetfence-tunnel
shows nothing about
Dear Fabrice,
I looking at /usr/local/pf/raddb/sites-available/packetfence-tunnel
and/usr/local/pf/raddb/modules/ldap
I realized that this guide probably is related to an old Freeradius ,
may be version 2.
This is because in my PF 8.2.1 setup both are missing.
I've got:
/usr/local/pf/raddb/site
Hello Enrico,
what i would do is the following:
edit /usr/local/pf/raddb/mods-available/ldap and add that:
ldap ldap_user {
server = "MyLDAP"
identity = "CN=readuser,CN=Users,DC=acme,DC=com"
password = password
basedn = "DC=acme,DC=com"
filter = "(cn=%{%{Stripped-User-Name}
Hello Fabrice,
if you've got more time for me I tell you that a can't procede with Ldap
as backend.
This is my choice for reasons that not dependent on packetfence so I
need remains
to use PF to authenticate all users, wifi and cable, throught WPA
enterprise 802.1X
TTL and PAP but I'd like to
Hello Enrico,
i thought that your goal was to use a ldap server for authentication,
anyway.
What you can do is to wait for the 8.3 release (in 2 weeks) which
include the code for radius proxy feature you will need to proxy rhe
request to another server.
Also your issue looks to be that you
Dear Fabrice,
I'll wait release 8.3 because I need openvas integration and proxy. Do
you think that proxy can be set up through
web interface ?
Bye the way of your ldap consideration I basically agree with you about
the kind of protocol but It can't be applied
for some logical industry reason.
Hello Enrico,
Yes you will be able to configure the proxy from the admin interface.
In fact what you will need to do is to define a radius source in the
authentication source and assign this source to the realm you want to proxy.
The code for openvas and the radius proxy feature has been mer
10 matches
Mail list logo
