Dear Fabrice,
I didn't know your solution so I'd choose to change inner-tunnel:
authroize {
...
if ( "%{outer.request:User-Name}" != "%{User-Name}" ) {
fail
}
Best regards
Enrico
Il 09/05/2019 23:52, Durand fabrice via PacketFence-users ha scritto:
Another solution can be to add an attribute in the reply (from the
external radius server) with the user name from the inner tunnel and in
post-proxy section rewrite to username.
Regards
Fabrice
Le 19-05-09 à 15 h 21, Enrico via PacketFence-users a écrit :
Hello Fabrice,
in fact you
Hello Fabrice,
in fact you understand very well, PF proxy doesn't show what is in the
inner tunnel
so I changed the config of my radius backend , to check and allow login
only if the identity
is the same as the username held in the inner tunnel.
Thanks again.
Best regards.
Enrico
Il 09/05/19
Hello Enrico,
as i understand your setup it looks that you proxy the request to
another server (based on the realm pg.infn.it) but since you proxy the
request packetfence doesn't have access to the inner tunnel.
So the only solution is to authenticate the radius request directly on
Il 07/05/2019 13:36, Nicolas Quiniou-Briand via PacketFence-users ha
scritto:
Hello Enrico,
Could you provide me a full example ?
1. a MAC address which has issue
2. Actual results
3. Expected results
4. packetfence.log for this MAC address
1) 70:54:d2:bc:be:91
2) login with 802.1X from
Hello Enrico,
Could you provide me a full example ?
1. a MAC address which has issue
2. Actual results
3. Expected results
4. packetfence.log for this MAC address
--
Nicolas Quiniou-Briand
n...@inverse.ca :: +1.514.447.4918 *140 :: https://inverse.ca
Inverse inc. :: Leaders behind SOGo
Il 29/04/2019 14:16, Nicolas Quiniou-Briand via PacketFence-users ha
scritto:
Hello,
On 2019-04-28 9:53 p.m., Enrico via PacketFence-users wrote:
Dear all,
I’ve been writing lots of emails to this list, but I think this one
is a very important one, because I’d like to find better
Hello,
On 2019-04-28 9:53 p.m., Enrico via PacketFence-users wrote:
Dear all,
I’ve been writing lots of emails to this list, but I think this one is a
very important one, because I’d like to find better information about
the question of access logging.
Packetfence is a software that
Dear all,
I’ve been writing lots of emails to this list, but I think this one is a
very important one, because I’d like to find better information about
the question of access logging.
Packetfence is a software that allows a web access following an
authentication. Logging of these accesses