Hi,
I'm hoping someone could point me at some documentation which may provide
necessary steps to extend the MikroTik module to additionally support 802.1x
for ethernet.
I tried adding 'WiredDot1x' and 'WiredMacAuth' to
/usr/local/pf/lib/pf/Switch/Mikrotik.pm in the pf::SwitchSupports stansa bu
Hello David,
1. Which features do you use on Mikrotik module: Wireless MAC Auth ? Webauth
Wireless ? Or both ?
If you only use Wireless MAC Auth, you can try to create your own switch
template [1] to support features you need ('WiredDot1x' and 'WiredMacAuth').
[1]
https://www.packetfence.org/
Hello David,
you are in the good tracks.
First you need to append that:
use pf::SwitchSupports qw(
WiredMacAuth
WiredDot1x ... );
Then retry.
Also can you provide a raddebug output when you connect ?
raddebug -f /usr/local/pf/var/run/radiusd.sock
Regards
Fabrice
Le mar. 18 mai 2021 à 01:22,
>{'vlan'} . "",
};
}
PS: RADIUS disconnect nor CoA on 802.1x wired appears to be working but this
may also require alterations…
Regards
David Herselman
From: Fabrice Durand
Sent: Tuesday, 18 May 2021 2:40 PM
To: packetfence-users@lists.sourceforge.
Hi Nicolas,
MikroTik have at least 3 integration options with their products. Most people
appear to want to integrate their centrally managed WiFi solutions called
CAPsMAN, but most of my integration to Packet Fence has been with individual
MikroTik routers with wireless interfaces. We have RAD
Hi again,
Enabling debugging on the router appears to reveal my problem:
22:18:30 radius,debug,packet received Access-Accept with id 128 from
192.168.55.55:1812
22:18:30 radius,debug,packet Signature = 0x
22:18:30 radius,debug,packet User-Name = "REDACTED\d
;,
+'Tunnel-Private-Group-ID' => $args->{'vlan'} . "",
+};
+}
}
$logger->info("(".$self->{'_id'}.") Returning ACCEPT with VLAN
$args->{'vlan'} and role $role");
LANID-Type' => "0",
>
> +};
>
> +} else {
>
> +$radius_reply_ref = {
>
> + 'Tunnel-Type' => "13",
>
> +'Tunnel-Medium-Type' => "6",
>
> +
@lists.sourceforge.net
Cc: Fabrice Durand
Subject: Re: [PacketFence-users] MikroTik dot1x (Ethernet not WiFi)
Hello David,
I will be happy to review your PR once done.
Btw i am always impressed by the Mikrotik features, it's like a network
equipment switch knife.
Last thing, if the deauth method is no
