Re: [PacketFence-users] FreeRADIUS Debug

raddebug -f /usr/local/pf/var/run/radiusd.sock -t 0 Le mer. 22 mai 2024 à 09:00, Brian Blater via PacketFence-users < packetfence-users@lists.sourceforge.net> a écrit : > From a google search I did the following to get FreeRADIUS into debug mode: > > In System Configuration | Services I stopped r

[PacketFence-users] FreeRADIUS Debug

>From a google search I did the following to get FreeRADIUS into debug mode: In System Configuration | Services I stopped radiusd and radiusd-auth and tried using the following: freeradius -X -d /usr/local/pf/raddb -n auth That didn't work. What is the command to get FreeRADIUS into debug mode so

Re: [PacketFence-users] freeRADIUS Migration - PacketFence Deployment

I've tested both Cisco and Unifi and the issue seems to lie with Connection profiles - when trying to do MAC/MAB authentication, it falls through to default profile, and never hits the MACAuth ones to check local DB credentials. Just connects and gives SSID vlan assignment, default profile doesn't

Re: [PacketFence-users] freeRADIUS Migration - PacketFence Deployment

I seem to have run into another issue on MAC based Authentication - 802.1x w/ Dynamic tested and working on Cisco and Unifi. When I try to migrate our 'IoT Wireless' I am unable to get PF to MAC Auth onto the SSID. I have a MAC user/pw locally in PF but I don't think it ever hits/tries to look for

Re: [PacketFence-users] freeRADIUS Migration - PacketFence Deployment

Yogendra - Thank you for the link, this looks to fill in some of the missing pieces in my learning curve, much appreciated. Cory White Sr. Network Engineer 904.735.1600 c...@xpodigital.com On Fri, May 26, 2023 at 11:33 PM Yogendra Singh wrote: > Dear Cory, > > As an alternate guide for instal

Re: [PacketFence-users] freeRADIUS Migration - PacketFence Deployment

Dear Cory, As an alternate guide for installation, you can use Extreme Networks " A3 Installation and Usage Guide". The A3 is completely built upon Packetfence. The URL for the guide is https://documentation.extremenetworks.com/a3/4.1.1/A3-v4.1.0-InstallationAndUsageGuide-NV.pdf Thanks and regard

Re: [PacketFence-users] freeRADIUS Migration - PacketFence Deployment

Fabrice - Much appreciated - after back tracking into the docs it was obvious I was trying to make something more complicated than needed! Once I rolled back what I 'thought' was needed, I was able to successfully test Cisco and Unifi Dynamic VLAN (802.1x) assignments against local DB. I started

Re: [PacketFence-users] freeRADIUS Migration - PacketFence Deployment

Hello Cory, Yes, of course you can use PacketFence local authentication without any Windows AD integration. There are multiple ways but the simplest is to use the local PacketFence database to authenticate the users. It's also possible to interact with a LDAP server to do the 802.1x authentication

[PacketFence-users] freeRADIUS Migration - PacketFence Deployment

Hello - I've followed packetfence since 2015 but we never fully adopted its feature sets due to various reasons. Our original interest was for Captive Portals - but at the time it felt like overkill and we did not want in-band switch port management to deploy a simple 'coffee shop' portal. Times

Re: [PacketFence-users] FreeRADIUS security issue from 0.9.3 to 3.0.25

Hello Ludovic, For sure, EAP-SIM or EAP-PWD modules are not in the EAP profiles section(from GUI). [image: image.png] But it's possible to select EAP-SIM or EAP-PWD as "Connection Sub Type" filter when creating a new Standard Connection Profile: [image: image.png] [image: image.png] Now I'm

Re: [PacketFence-users] FreeRADIUS security issue from 0.9.3 to 3.0.25

Hello Mickael, As far I know, PF does not use those modules. Thanks, Ludovic Zammit Product Support Engineer Principal Cell: +1.613.670.8432 Akamai Technologies - Inverse 145 Broadway Cambridge, MA 02142 Connect with Us:

[PacketFence-users] FreeRADIUS security issue from 0.9.3 to 3.0.25

Hello Team, freeradius.org releases vulnerability notifications for all versions of FreeRADIUS from 0.9.3 to 3.0.25 : https://freeradius.org/security/ 2022.04.22 - Information leakage in EAP-PWD: The issue was fixed in commit 9e5e8f2f

[PacketFence-users] Freeradius (packetfence) - Error binding to port for 127.0.0.1 port 18121

Hi all, I did *killall freeradius* then I did the debugging *freeradius -X* is showing the following message Failed binding to auth address * port 1812 bound to server default: Address already in use /etc/freeradius/sites-enabled/default[59]: Error binding to port for 0.0.0.0 port 1812 */usr/sbin

Re: [PacketFence-users] Freeradius failure

Cool Le 20-06-02 à 01 h 23, Tanzanite Prime Gaming via PacketFence-users a écrit : I am trying to get Freeradius to work on Packetfence. I get auth requests I think. ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https:/

[PacketFence-users] Freeradius failure

I am trying to get Freeradius to work on Packetfence. I get auth requests I think. ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users

Re: [PacketFence-users] freeradius

Hello, It’s normal that you can’t do that because PacketFence has already started a radius process. Look into the /usr/local/pf/logs/radius.log Or check in the Auditing tab within the PacketFence administration web interface. Thanks, Ludovic Zammit lzam...@inverse.ca

[PacketFence-users] freeradius

Hello, can't authenticate over 802.1X. Get this error-output when I do "Freeradius -X" >>>Ignoring request to auth address * port 1812 bound to server default from >>>unknown client 10.0.0.254 port 1645 port udp<<< Mit freundlichen Grüßen Marco Schmid [cid:image001.png@01D01931.A875F8E0] Präsid

Re: [PacketFence-users] Freeradius Telnet 1812 and 1813 fails

0-a9d4-ca51ef41c8ff.gif] From: Antoine Amacher [mailto:aamac...@inverse.ca] Sent: Friday, December 16, 2016 3:07 PM To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] Freeradius Telnet 1812 and 1813 fails Hello Grant, If your switch has the proper RADIUS secret and he is able t

Re: [PacketFence-users] Freeradius Telnet 1812 and 1813 fails

Hello Grant, If your switch has the proper RADIUS secret and he is able to talk to the management interface, then you should be all set. You could try the following, 1. Ensure that communication is working (ping between mgmt interface and switch IP) 2. ensure that RADIUS receive requests f

[PacketFence-users] Freeradius Telnet 1812 and 1813 fails

Hello, The Packetfence server is up and running with AD bind and we can see devices checking in via DHCP but not via the test switch, the test switch is a Cisco 3750 and I can see it in packetfence in Configuration/switches. We have 3 VLANS configured on the switch and packetfence however we ar

Re: [PacketFence-users] freeradius

Hello Oumy, If you want to use 802.1x you have multiples choices. 1: join PacketFence server to your domain (Configuration -> Domain and also add a realm). 2: use the local PacketFence user database (https://packetfence.org/doc/PacketFence_Administration_Guide.html#_freeradius_configuration

Re: [PacketFence-users] freeradius

hello every one i'm again here for freeradius problem, i just want to know which table in mysql packefence keep local user of radius. i'm asking for that because in mysql my table radacct is empty and i have no idea of why. 2016-07-25 15:37 GMT+00:00 Oumy Coulibaly : > any body can help me with

[PacketFence-users] freeradius

any body can help me with that?? mschap: Program returned code (1) and output 'Reading winbind reply failed! (0xc001)' -- What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an inter

Re: [PacketFence-users] Freeradius Problem

Thank you Sir,now its says me : Mon Apr  4 10:19:35 2016 : Auth: Login incorrect (mschap: External script says Logon failure (0xc06d)): [P$Mon Apr  4 10:19:35 2016 : Auth: Login incorrect: [Prof-PC\\Prof] (from client 192.168.1.5/255.255.255.0 port $Mon Apr  4 10:20:33 2016 : Auth: Login in

Re: [PacketFence-users] Freeradius Problem

It’s not rocket science. Either: radiusd is not running on the ip and port in question, or something is blocking the packets from reaching the radiusd process (hint: iptables), or radiusd is ignoring the packets (hint: run radius in debug mode). Regards, -- Louis Munro lmu...@inverse.ca :: ww

Re: [PacketFence-users] Freeradius Problem

Yes Sir I can ping the radius server from my switch , I can also ping my Windows Server machine from the switch.tcpdumd host "the ip address of the switch " shows me this output,but after this nothing except the errors that i see in the sh logging of the switch  ( RADIUS: Marking server 192.168

[PacketFence-users] Freeradius Problem

Hi all , i a problem when connceting my host to a cisco 2950 switch i get this error,Packetfence management ip address is 192.168.10.1 :00:04:21: RADIUS: Marking server 192.168.10.1:1812,1813 dead00:04:21: RADIUS: Tried all servers.00:04:21: RADIUS: No valid server found. Trying any viable serv

Re: [PacketFence-users] Freeradius Problem

Can you ping the radius server from the switch? If not, then that is your first problem to fix. Suggested reading: # man ping, # man tcpdump. -- Louis Munro lmu...@inverse.ca :: www.inverse.ca +1.514.447.4918 x125 :: +1 (866) 353-6153 x125 Inverse inc. :: Leaders behind SOGo (www.sogo.nu)

Re: [PacketFence-users] freeradius issue with 802.1x

> On Feb 26, 2016, at 4:09 , BARÓCSI Gábor wrote: > > When I start freeradius in debug mode like you told me, it works fine. I see > data in packetfence.log and the switch port is switched to the registration > vlan. > sudo pkill freeradius; sudo freeradius -d /usr/local/pf/raddb -n auth -Xx

Re: [PacketFence-users] freeradius issue with 802.1x

se.ca] Sent: 2016. február 24. 22:19 To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] freeradius issue with 802.1x On Feb 24, 2016, at 15:59 , BARÓCSI Gábor wrote: Now the switchport went to Registration vlan, but I don't know understand why. I defined a Port

Re: [PacketFence-users] freeradius issue with 802.1x

> On Feb 24, 2016, at 15:59 , BARÓCSI Gábor wrote: > > Now the switchport went to Registration vlan, but I don't know understand > why. I defined a Portal profile with the following conditions: > 1. switch - switchIp > Source: A defined ADauthentication (is user in a group) > Provisioners: acc

Re: [PacketFence-users] freeradius issue with 802.1x

o: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] freeradius issue with 802.1x On Feb 24, 2016, at 10:47 , BARÓCSI Gábor wrote: Hello, Please help me with an issue. I've just installed packetfence and integrated to a windows AD domain. I can do AD queries. I use a

Re: [PacketFence-users] freeradius issue with 802.1x

.nl] > Sent: 2016. február 24. 17:12 > To: packetfence-users@lists.sourceforge.net > Subject: Re: [PacketFence-users] freeradius issue with 802.1x > > Hello, > > A start would be the packetfence logs > (/usr/local/pf/logs/packetfence.log) info/debug messages are written the

Re: [PacketFence-users] freeradius issue with 802.1x

> On Feb 24, 2016, at 10:47 , BARÓCSI Gábor wrote: > > Hello, > > Please help me with an issue. I've just installed packetfence and integrated > to a windows AD domain. I can do AD queries. I use a cisco sg300 switch which > sends the EAP requests to packetfence. > I see with tcpdump that re

Re: [PacketFence-users] freeradius issue with 802.1x

my config files or something? Thanks! Gábor Barócsi Network and System Engineer -Original Message- From: Bebbet van Dinges [mailto:beb...@bebbet.nl] Sent: 2016. február 24. 17:12 To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] freeradius issue with 802.1x

Re: [PacketFence-users] freeradius issue with 802.1x

Hello, A start would be the packetfence logs (/usr/local/pf/logs/packetfence.log) info/debug messages are written there. Is the switch in production? Else it only gives out access-accept packages, but no control logic is applied yet. Bebbet On 24-2-2016 16:55, BARÓCSI Gábor wrote: > Hello, > >

[PacketFence-users] freeradius issue with 802.1x

Hello, Please help me with an issue. I've just installed packetfence and integrated to a windows AD domain. I can do AD queries. I use a cisco sg300 switch which sends the EAP requests to packetfence. I see with tcpdump that requests are coming to packetfence, but there is no response to the sw

[PacketFence-users] freeradius issue with 802.1x

Hello, Please help me with an issue. I've just installed packetfence and integrated to a windows AD domain. I can do AD queries. I use a cisco sg300 switch which sends the EAP requests to packetfence. I see with tcpdump that requests are coming to packetfence, but there is no response to the sw

Re: [PacketFence-users] FreeRadius Configuration

Hi, I tried radiusd to start but it failed. So, I run debug mode radiusd -X -d /usr/local/pf/raddb/. It response "This server is not configured to listen any port". Regards, Harun GÜLEÇ 2016-02-23 22:10 GMT+02:00 Bebbet van Dinges : > Hello > > Have you restarted Radius after the configuration

Re: [PacketFence-users] FreeRadius Configuration

Hi Bebbet, I tried radiusd -X /usr/local/pf/raddb/ -n auth command and it start debug mode correctly but when I start it normally - like that /etc/init.d/radiusd start - it doesn't start . Why does this problem occur? Do you have any idea about that? Thanks&Regards 2016-02-24 15:39 GMT+02:00 Haru

Re: [PacketFence-users] FreeRadius Configuration

Hello Have you restarted Radius after the configuration change? And is radius started? Else you could try to start it as a process with something like /usr/sbin/radiusd –d /usr/local/pf/raddb –X and continue your process from there. Kind regards, Bebbet On 23-2-2016 16:01, Harun GÜLEÇ wrote: > H

[PacketFence-users] FreeRadius Configuration

Hi everybody, I am new user of PacketFence. I have a problem about configuration FreeRadius. I want to authenticate via local user. I added new user on /usr/local/pf/raddb/users like that >> user Cleartext-Password := "1234576" << and tried to test it via >> radtest user 1234576 localhost:18120

Re: [PacketFence-users] freeradius

I'm not a packetfence developer but I kinda asked the same question a while ago, because I had the same scenario as you: regular user VLAN using 802.1x and guest user VLAN without 802.1x on the WIRED network. >From what I understood, you would need here to use MAC authentication, in the switch yo

Re: [PacketFence-users] freeradius

Hi Louis, list, Things are progressing nicely here: Currently we have pf running inline (with registration portal) for the wlan, and in 802.1x mode for the wired network. It's all very cool, and it works great :-) There is however one remaing scenario we would like to do: Suppose an unkown cli

Re: [PacketFence-users] freeradius

Hi Louis, On 5/26/2015 17:21, Louis Munro wrote: > Then how about chgrp pf /var/lib/samba/winbindd_privileged/ ? Yes, that worked. > I believe this is only an issue using sernet packages. Then there is no need to update the docs. :-) MJ --

Re: [PacketFence-users] freeradius

Hi Louis and list, Next step on our 802.1x / radius journey: In the pf docs, it says: * "usermod -a -G winbindd_priv pf" to allow pf to authenticate users. We are on debian7, and there is NO winbindd_priv group. (running sernet-samba-4.1.17) Permissions on /var/lib/samba/winbindd_privilege

Re: [PacketFence-users] freeradius

Then how about chgrp pf /var/lib/samba/winbindd_privileged/ ? I believe this is only an issue using sernet packages. Regards, -- Louis Munro lmu...@inverse.ca :: www.inverse.ca +1.514.447.4918 x125 :: +1 (866) 353-6153 x125 Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (

Re: [PacketFence-users] freeradius

Hahaha Louis Munro schreef op 5 mei 2015 15:07:16 CEST: >On May 5, 2015, at 9:04 , mourik jan heupink wrote: > >> My witch will arrive next week. > > >Networking is not black magic, regardless of what some people would >have you believe. > > >-- >Louis Munro >lmu...@inverse.ca :: www.inverse.c

Re: [PacketFence-users] freeradius

On May 5, 2015, at 9:04 , mourik jan heupink wrote: > My witch will arrive next week. Networking is not black magic, regardless of what some people would have you believe. -- Louis Munro lmu...@inverse.ca :: www.inverse.ca +1.514.447.4918 x125 :: +1 (866) 353-6153 x125 Inverse inc. :: Le

Re: [PacketFence-users] freeradius

Hi Louis, Thanks very much. My witch will arrive next week. As soon as I have it, I'll start playing around with radius / packetfence / procurve5400. I guess, as you say, things will become much more concrete then. Again, you are a great help, thanks! MJ On 05/05/2015 02:58 PM, Louis Munro wro

Re: [PacketFence-users] freeradius

On May 5, 2015, at 3:42 , mourik jan heupink wrote: > I understand now, that each time a device boots, the complete > authentication sequence you explained is followed, and also the 802.1x > authentication is done using the credentials of the _enduser_? That depends on the way the supplicant is

Re: [PacketFence-users] freeradius

Hi Louis, Thanks for this clear explanation..! However, reading through it, I mostly see disadvantages to radius, but probably only due to my misunderstanding of things... I understand now, that each time a device boots, the complete authentication sequence you explained is followed, and also th

Re: [PacketFence-users] freeradius

On May 3, 2015, at 11:37 , mourik jan heupink wrote: > Is this all approximately correct? Hi Mourik, I would call it approximately fanciful. Assuming 802.1x with PEAP — which is the most common deployment — the actual workflow is something like this (gross handwaving and simplifications follo

[PacketFence-users] freeradius

Hi Louis, Ok, here is the separate thread, with some more freeradius questions... I realise that this is not packetfence-specific, but I hope this is still relevant enough te be discussed here. Do I understand correctly that when getting freeradius involved, things would work approx. like this:

[PacketFence-users] FreeRadius configuration

Hello all, Is my RADIUS daemon supposed to listen on UDP port 1812 only - or on TCP and UDP? Thanks. Boris. -- Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in part

Re: [PacketFence-users] Freeradius issue

original - De: "Louis Munro" Para: packetfence-users@lists.sourceforge.net Enviados: Jueves, 29 de Enero 2015 11:38:54 Asunto: Re: [PacketFence-users] Freeradius issue On Jan 29, 2015, at 6:38 , Christopher Coronado < ccoron...@sanclemente.cl > wrote: Hi Thanks for the an

Re: [PacketFence-users] Freeradius issue

On Jan 29, 2015, at 6:38 , Christopher Coronado wrote: > Hi > > Thanks for the answer, but I have tried the modification to the file with no > success, I believe the problem is with freeradius that gets installed with > packetfence, as I mentioned before hand, I tried to installed freeradius

Re: [PacketFence-users] Freeradius issue

ence-users@lists.sourceforge.net Enviados: Miércoles, 28 de Enero 2015 17:52:07 Asunto: Re: [PacketFence-users] Freeradius issue Christopher, It's probably that openssl on ubuntu 12.04 is not recognized as a heartbleed patched version by freeradius, so it won't start. It is patched, but t

Re: [PacketFence-users] Freeradius issue

Christopher, It's probably that openssl on ubuntu 12.04 is not recognized as a heartbleed patched version by freeradius, so it won't start. It is patched, but that's not the point... see: http://lists.freeradius.org/pipermail/freeradius-users/2014-April/071369.html and http://comments.gmane.org/g

[PacketFence-users] Freeradius issue

Hi I would like to ask if anyone can give me some help with the following issue: I have installed Ubuntu 12.04.5 on a server and have tried to install packetfence to no avail. The reason being the following error: * Checking FreeRADIUS daemon configuration...

[PacketFence-users] freeradius and packetfence - username associated with mac address -> assigned vlan

Hi I am a new user of PacketFence, I am having some issue regarding freeradius integration. More in detail my need is to move client pc in a predetermined vlan based on mac address or user auth (802.1x). At this moment I am interested only in wired devices. I am facing issues of communication bet

[PacketFence-users] FreeRadius - Local Authentication

Hi everybody, I have installed with success Packetfence on my CentOS 6.5, in out-of-band mode (with port-security and SNMPv2) and everything works well. My problem is the authentication source. I'm trying to use FreeRadius with Local Authentication modifying the Users file under /usr/local/pf/raddb

[PacketFence-users] FreeRadius - Local Authentication

Hi everybody, I have installed with success Packetfence on my CentOS 6.5, in out-of-band mode (with port-security and SNMPv2) and everything works well. My problem is the authentication source. I'm trying to use FreeRadius with Local Authentication modifying the Users file under /usr/local/pf/raddb

[PacketFence-users] Freeradius configuration

Hi everybody, I'm new in packetfence, I have a Inline implementation for Internet access only in PF 4.4.0 I have a infraestructure with a freeradius server in production I'd like to join the packetfence with this to get users logged by the openldap account. I saw in the administration guide that f

Re: [PacketFence-users] freeradius watchdog being rejected by post-auth checks

[[ "$OUTPUT" =~ ^"rad_recv: Access-Reject packet from host" ]]; then WORKING=1 fi done return $WORKING; Cheers, Andi From: Louis Munro [mailto:lmu...@inverse.ca] Sent: 06 August 2014 14:02 To: packetfence-users@lists.sourceforge.net Subject: Re: [

Re: [PacketFence-users] freeradius watchdog being rejected by post-auth checks

Hi Andi, This may look like a dumb question, but does it matter if the request is rejected? What I mean is that if you are only trying to ascertain that the service is running and replying, the fact that it replies is good enough. Otherwise, just send an actual MAC instead of 'testuser' and 'te

[PacketFence-users] freeradius watchdog being rejected by post-auth checks

Hey all, I'm trying to implement a check to make sure the radius service is running on my server, however I'm finding that the radtest gets rejected by the post-auth checks inside the packetfence virtual server: post-auth { exec # skip packetfence if we have already treated i

Re: [PacketFence-users] freeradius + active directory configuration - ntlm_auth works, radtest does not

On 2014-06-20, at 11:26 , Pete Hoffswell wrote: > [suffix] Looking up realm "ad.davenport.edu" for User-Name = > "phoff...@ad.davenport.edu" > [suffix] Found realm "ad.davenport.edu" > [suffix] Adding Stripped-User-Name = "phoffswe" > [suffix] Adding Realm = "ad.davenport.edu" > [suffix] Proxy

Re: [PacketFence-users] freeradius + active directory configuration - ntlm_auth works, radtest does not

Thanks again Louis. You are right. My lack of knowledge about these applications is my source of struggle. Thanks for helping me through this! /usr/local/bin/eapol_test -c peap-mschapv2.conf -a 10.1.3.48 -s radiuskey Failed for me, but I was able to see that it was because my client (the packe

Re: [PacketFence-users] freeradius + active directory configuration - ntlm_auth works, radtest does not

Hi Pete, You are sending your request to port 18120. That maps to a virtual server that may not be the right one for you. Try port 1812. Send the request to the IP where PF is running (not localhost). If you have configured raddb/modules/mschap correctly that should work. If not, please post the

Re: [PacketFence-users] freeradius + active directory configuration - ntlm_auth works, radtest does not

Good morning, Leo - Thank you very much for your note. You are right on the money with this one! I installed eappol_test and ran with the following config file: peap-mschapv2.conf # # eapol_test -c peap-mschapv2.conf -s testing123 # network={ ssid="example" key_mgmt=WPA-EAP

Re: [PacketFence-users] freeradius + active directory configuration - ntlm_auth works, radtest does not

Hi Pete, I believe the issue is a side effect of the testing more than the configuration. To begin with, radtest does not do PEAP, so you will not be able to test PacketFence/AD reliably with it. Secondly, you are sending it to the FreeRADIUS virtual server on localhost:18120. That virtual serv

[PacketFence-users] freeradius + active directory configuration - ntlm_auth works, radtest does not

Good morning, PF users! I've been making good progress with my initial configuration of packetfence. I'm hung up, however, of some subtle freeradius configuration. I've followed the freeradius configuration from the guide, and have ntlm_auth working fine: ntlm_auth --request-nt-key --domain=Ad.

Re: [PacketFence-users] FreeRadius Stopping

Hi Fletcher On 2013-09-06, at 1:10 PM, Fletcher Haynes wrote: > I'll give it a shot as soon as I can upgrade. I can't find the > libterm-ansicolor-perl package for debian anywhere...I think it might be in > perl-modules on Ubuntu? But I'm not sure. We restored the debian/ubuntu repositories.

Re: [PacketFence-users] FreeRadius Stopping

Unfortunately, trying to update packetfence to 4.0.6 on Ubuntu 12.04 gives this error: The following packages have unmet dependencies: packetfence : Depends: libterm-ansicolor-perl but it is not installable On Thu, Sep 5, 2013 at 5:59 PM, Fletcher Haynes wrote: > I will try that tomorrow...I m

Re: [PacketFence-users] FreeRadius Stopping

Hi Fletcher, The best I can say is "maybe". Since we don't know for sure what is causing the problem for you, it's impossible to say for sure that this will fix it. But it can't hurt and if this turns out to be what is causing your problem it will fix it. Regards, -- Louis Munro lmu...@inverse.c

Re: [PacketFence-users] FreeRadius Stopping

I will try that tomorrow...I moved it to a new RHEL server this afternoon (which has 4.0.6) to see if that made a difference. Working fine so far. Was the XML encoding bug that is listed as fixed the problem? On Thu, Sep 5, 2013 at 2:50 PM, Louis Munro wrote: > Try upgrading to 4.0.6 :-) > > -

Re: [PacketFence-users] FreeRadius Stopping

Try upgrading to 4.0.6 :-) -- Louis Munro lmu...@inverse.ca :: www.inverse.ca +1.514.447.4918 *125 :: +1 (866) 353-6153 Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) On 2013-09-05, at 15:40 , Fletcher Haynes wrote: > Just to be sure, here is my ou

Re: [PacketFence-users] FreeRadius Stopping

Not to hijack Dave's thread, but I started having this issue again two days ago. Except this time, I am not getting any DB handle errors. This is all I see in radius.log: Wed Sep 4 20:54:22 2013 : Error: Discarding duplicate request from client 158.104.249.7 port 32768 - ID: 82 due to unfinished r

Re: [PacketFence-users] FreeRadius Stopping

This is 4.0.5-2. I did find that bug report and verified that the change made to fix it (adding proper headers, I believe it was) is present in the code. On Thu, Sep 5, 2013 at 12:36 PM, Fletcher Haynes wrote: > Here is the output: > mysql> show status like 'threads_created'; > +

Re: [PacketFence-users] FreeRadius Stopping

Just to be sure, here is my output from the commands you had Dave run: root@packetfence-1:/usr/local/pf# dpkg -s packetfence | egrep -i 'package:|status:|version:' Package: packetfence Status: install ok installed Version: 4.0.5-2 root@packetfence-1:/usr/local/pf# grep HTTPHEADER /usr/local/pf/radd

Re: [PacketFence-users] FreeRadius Stopping

Here is the output: mysql> show status like 'threads_created'; +-+---+ | Variable_name | Value | +-+---+ | Threads_created | 269 | +-+---+ 1 row in set (0.00 sec) mysql> show status like 'connections'; +---+---+ | Vari

Re: [PacketFence-users] FreeRadius Stopping

05, 2013 9:12 AM To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] FreeRadius Stopping Hi Dave, Have you checked for errors in logs/webservices_errors_log and logs/webservices_access_log ? The packetfence module of FreeRADIUS calls on this webservice. The

Re: [PacketFence-users] FreeRadius Stopping

What version of PF is this? The was an XML parsing related bug fixed in 4.0.5-2. The error in the logs was exactly the same as what you are seeing. -- Louis Munro lmu...@inverse.ca :: www.inverse.ca +1.514.447.4918 *125 :: +1 (866) 353-6153 Inverse inc. :: Leaders behind SOGo (www.sogo.nu) a

Re: [PacketFence-users] FreeRadius Stopping

Actually, Just show us mysql> show status like 'threads_created'; In addition to mysql> show status like 'connections'; That will give us a better picture of the issue. Regards, -- Louis Munro lmu...@inverse.ca :: www.inverse.ca +1.514.447.4918 *125 :: +1 (866) 353-6153 Inverse inc. :: Le

Re: [PacketFence-users] FreeRadius Stopping

I cleared the radacct (had around 1 million rows) and radacct_log (had around 7 million rows) tables, turned off all accounting for our wireless, and now I am back to getting this error: Error: rlm_perl: perl_embed:: module = /usr/local/pf/raddb//packetfence.pm , func = post_auth exit status= synt

Re: [PacketFence-users] FreeRadius Stopping

Hi Fletcher, 8 could still be too low to make any significant difference. What is the output of the following two commands? mysql> show status like 'connections'; mysql> show status like 'threads_created'; Regards, -- Louis Munro lmu...@inverse.ca :: www.inverse.ca +1.514.447.4918 *125 ::

Re: [PacketFence-users] FreeRadius Stopping

Hi Louis and Ludovic, I set it to 8 yesterday and still had the issue. I had also run MySQL primer and followed its recommendations, but will run MySQL Tuner and see what it says. Thank you! On Thu, Sep 5, 2013 at 9:01 AM, Louis Munro wrote: > Hi Fletcher. > > In mysql, what is the value of t

Re: [PacketFence-users] FreeRadius Stopping

Sounds stupid. But try less cores. If your host goes into a wait state for an unavailable core it can cause pauses. Your mileage may vary. ;) Sent from my iPhone On Sep 5, 2013, at 10:59 AM, Fletcher Haynes wrote: Not to hijack Dave's thread, but I started having this issue again two days ago.

Re: [PacketFence-users] FreeRadius Stopping

Hi Fletcher. In mysql, what is the value of thread_cache_size? If it is 0, try setting it to 4 (to begin with). Regards, -- Louis Munro lmu...@inverse.ca :: www.inverse.ca +1.514.447.4918 *125 :: +1 (866) 353-6153 Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packe

Re: [PacketFence-users] FreeRadius Stopping

On 2013-09-05 10:04 AM, Fletcher Haynes wrote: I see a lot of these, then it handles a few more requests and then dies. From what I can tell, this indicates a slow backend DB, but I have it running on a separate VM with 4GB of RAM and 4 cores. MySQL spikes 100% regularly on one CPU, memory is a

Re: [PacketFence-users] FreeRadius Stopping

Hi Dave, Have you checked for errors in logs/webservices_errors_log and logs/webservices_access_log ? The packetfence module of FreeRADIUS calls on this webservice. The issue could be related to that. Regards, -- Louis Munro lmu...@inverse.ca :: www.inverse.ca +1.514.447.4918 *125 :: +1 (8

Re: [PacketFence-users] FreeRadius Stopping

> Debug is probably the only way you'll get an answer. > > radiusd -X -d /usr/local/pf/raddb > /usr/local/pf/logs/radius.log 2>&1 Running FreeRADIUS in debug mode will remove the "multithreading" support which is almost all of the time the cause of the crash (not that multithreading is buggy in

Re: [PacketFence-users] FreeRadius Stopping

On 2013-09-03 6:40 PM, Bulanda, Dave G wrote: What other places/logs can I check? Try to apply this patch: https://github.com/inverse-inc/packetfence/commit/be9d4917ec04d91cb4f0cf0ee55bc2bf57a0ba52 If it doesn't do it, try to apply these in order: https://github.com/inverse-inc/packetfence/

Re: [PacketFence-users] FreeRadius Stopping

Bulanda, Dave G wrote: > Louis, > > Radius is still stopping. I have an external NMS monitor for the process > and alert and then restart the service pfcmd service radius restart (As > it is still leaving a pid file.) At least this is minimizing the impact > on my users, but I would like to resol

Re: [PacketFence-users] FreeRadius Stopping

On 2013-09-03 6:40 PM, Bulanda, Dave G wrote: Radius is still stopping. I have an external NMS monitor for the process and alert and then restart the service pfcmd service radius restart (As it is still leaving a pid file.) At least this is minimizing the impact on my users, but I would like t

Re: [PacketFence-users] FreeRadius Stopping

To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] FreeRadius Stopping That seems to confirm that you never upgraded the actual packetfence package (as opposed to packetfence-pfcmd-suid). At this point my recommendation is to plan for an upgrade. Try using aptitude instead of apt

Re: [PacketFence-users] FreeRadius Stopping

ce forward would be great. > > Thanks > > > David Bulanda > Network Services Manager > dgbula...@indianatech.edu > Indiana Tech > > > > > From: Louis Munro [mailto:lmu...@inverse.ca] > Sent: Saturday, August 31, 2013 3:44 PM > To: packetfe

Re: [PacketFence-users] FreeRadius Stopping

t; From: Louis Munro [mailto:lmu...@inverse.ca] Sent: Saturday, August 31, 2013 3:44 PM To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] FreeRadius Stopping Hi Dave, Fletcher's sugestion makes sense. You should probably investigate it before changing anything else.

Re: [PacketFence-users] FreeRadius Stopping

ndianatech.edu/> From: Louis Munro [mailto:lmu...@inverse.ca] Sent: Saturday, August 31, 2013 3:44 PM To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] FreeRadius Stopping Hi Dave, Fletcher's sugestion makes sense. You should probably investigate it before chang

  1   2   >