Re: [PacketFence-users] cisco WLC

Hi, yes Regards Fabrice Le 2018-07-23 à 01:54, Advancedata Network via PacketFence-users a écrit : Hi, Do packetfence support cisco WLC? Sent from Mail for Windows 10 --

Re: [PacketFence-users] cisco WLC

Yes, we are running Packetfence with and old WLC 4000 series and it works very well. Sendt fra min iPhone Den 23. jul. 2018 kl. 14.33 skrev Advancedata Network via PacketFence-users mailto:packetfence-users@lists.sourceforge.net>>: Hi, Do packetfence support cisco WLC? Sent from Mail

Re: [PacketFence-users] Cisco WLC isssues

1) According to the errors, it seems that your database is not running or you have or there is a mis-configuration. 2) Are you running inline? if not, it sounds to me like an issue of your dhcp server setup and the dns server it is sending out. Lupe Silva On Mon, Aug 25, 2014 at 1:31 PM, PFSu

Re: [PacketFence-users] Cisco WLC isssues

. From: Lupe Silva [lupe.si...@gmail.com] Sent: Tuesday, August 26, 2014 10:02 AM To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] Cisco WLC isssues 1) According to the errors, it seems that your database is not running or you have or there is a

Re: [PacketFence-users] Cisco WLC isssues

assign client access and ACL on the wirless controller. *From:* Lupe Silva [lupe.si...@gmail.com] *Sent:* Tuesday, August 26, 2014 10:02 AM *To:* packetfence-users@lists.sourceforge.net *Subject:* Re: [PacketFence-users] Cisco

Re: [PacketFence-users] Cisco WLC isssues

quest 0 ID 213 with timestamp +336 Ready to process requests. ________ From: Fabrice DURAND [fdur...@inverse.ca] Sent: Tuesday, August 26, 2014 11:24 AM To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] Cisco WLC isssues Hi PFSupport, the secret is i

Re: [PacketFence-users] Cisco WLC isssues

nel-Type:0 = VLAN Tunnel-Medium-Type:0 = IEEE-802 Airespace-ACL-Name = "Authorize_any" Finished request 0. Going to the next request Waking up in 4.8 seconds. Cleaning up request 0 ID 213 with timestamp +336 Ready to process requests. -------------

Re: [PacketFence-users] Cisco WLC isssues

___________ From: Fabrice DURAND [fdur...@inverse.ca<mailto:fdur...@inverse.ca>] Sent: Tuesday, August 26, 2014 11:24 AM To: packetfence-users@lists.sourceforge.net<mailto:packetfence-users@lists.sourceforge.net> Subject: Re: [PacketFence-users] Cisco WLC isssues Hi PFSupport, th

Re: [PacketFence-users] Cisco WLC isssues

. *From:* Fabrice DURAND [fdur...@inverse.ca] *Sent:* Tuesday, August 26, 2014 1:47 PM *To:* packetfence-users@lists.sourceforge.net *Subject:* Re: [PacketFence-users] Cisco WLC isssues Ok so it look that you use the wrong module for web auth. Use Cisco Wireless Controller (WLC HTTP

Re: [PacketFence-users] Cisco WLC isssues

Added pair NAS-IP-Address = 172.16.32.30 rlm_perl: Added pair Tunnel-Private-Group-Id = 3100 rlm_perl: Added pair SQL-User-Name = 0026c7a88a3e rlm_perl: Added pair Tunnel-Medium-Type = IEEE-802 rlm_perl: Added pair Calling-Station-Id = 172.16.50.15 rlm_perl: Added pair Cisco-AVPair = audit-session-id=

Re: [PacketFence-users] Cisco WLC 5508 Firmware

If you explain what kind of issues you are having, that would help. Cheers! dw. -- Derek Wuelfrath dwuelfr...@inverse.ca :: www.inverse.ca +1.514.447.4918 (x110) :: +1.866.353.6153 (x110) Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) On May 23, 2014, at

Re: [PacketFence-users] Cisco WLC 5508 Firmware

In following the documentation, I have setup the Secure SSID and Public SSID. Secure is working fine. The public does not seem to work. It appears that packet fence is sending the appropriate vlan via radius to the WLC, but the device running on the public don't seem to connect. I suspect they

Re: [PacketFence-users] Cisco WLC ver 8.2.

Hi Domingos, i am no expert, but i think that you should uncheck "fast transition". regards, On Thu, 1 Aug 2019 at 09:48, Domingos Varela via PacketFence-users < packetfence-users@lists.sourceforge.net> wrote: > Hi, > > I am setting up a cisco wlc version 8, and when using the manual settings >

Re: [PacketFence-users] Cisco WLC ver 8.2.

Hello, It's working without FT. Thanks. Regards A quinta, 1/08/2019, 09:31, pro fence via PacketFence-users < packetfence-users@lists.sourceforge.net> escreveu: > Hi Domingos, > > i am no expert, but i think that you should uncheck "fast transition". > > regards, > > On Thu, 1 Aug 2019 at 09:4

Re: [PacketFence-users] CISCO WLC and DHCP bug

Are your WLANs configured for central or local switching? On Fri, Jul 18, 2014 at 8:22 AM, luca comes wrote: > Hi all, > I've got a strange problem with DHCP after deauthentication. I'm running > Cisco virtual WLC (last release 7.6.120) and Packetfence 4.3.0 deployed to > serve wireless guest a

Re: [PacketFence-users] CISCO WLC and DHCP bug

Hi Fletcher, my WLAN is configured for central switching in our datacenter where also the DHCP server is located. Thanks Luca Date: Fri, 18 Jul 2014 08:27:56 -0700 From: fhay...@willamette.edu To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] CISCO WLC and DHCP bug

Re: [PacketFence-users] CISCO WLC and DHCP bug

server is located. > > Thanks > > Luca > > -- > Date: Fri, 18 Jul 2014 08:27:56 -0700 > From: fhay...@willamette.edu > To: packetfence-users@lists.sourceforge.net > Subject: Re: [PacketFence-users] CISCO WLC and DHCP bug > > > Are your

Re: [PacketFence-users] CISCO WLC and DHCP bug

testing and replace the system with the Cisco captive portal page. Luca Date: Mon, 21 Jul 2014 07:05:56 -0700 From: fhay...@willamette.edu To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] CISCO WLC and DHCP bug Do you have DHCP proxy configured on the WiSM globally? Have

Re: [PacketFence-users] CISCO WLC and DHCP bug

gt; > From: fhay...@willamette.edu > To: packetfence-users@lists.sourceforge.net > Subject: Re: [PacketFence-users] CISCO WLC and DHCP bug > > Do you have DHCP proxy configured on the WiSM globally? Have you > configured interfaces on the WiSM for each VLAN you are using? >

Re: [PacketFence-users] CISCO WLC and DHCP bug

gs are working fine and I don't want to throw away months of working and testing and replace the system with the Cisco captive portal page. Luca Date: Mon, 21 Jul 2014 07:05:56 -0700 From: fhay...@willamette.edu To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-use

Re: [PacketFence-users] CISCO WLC and DHCP bug

gt; -- > Date: Mon, 21 Jul 2014 09:22:04 -0700 > > From: fhay...@willamette.edu > To: packetfence-users@lists.sourceforge.net > Subject: Re: [PacketFence-users] CISCO WLC and DHCP bug > > I am using PF with a WiSM2 on 7.6.120, so I know it works. =)

Re: [PacketFence-users] Cisco WLC and Meraki WebAuth

Which firmware version do you use on Cisco wlc 2504? From: KUHN, BENJAMIN [mailto:bek...@rochester.k12.mn.us] Sent: Wednesday, March 15, 2017 7:20 PM To: packetfence-users@lists.sourceforge.net Subject: [PacketFence-users] Cisco WLC and Meraki WebAuth I am attempting to set up PacketFence to

Re: [PacketFence-users] Cisco WLC Radius accounting issue

Hello Jamison, i have already met this issue and i think it´s because your controller is the dhcp server. To fix that you have to play in radius configuration. First add in the policy file (/usr/local/pf/raddb/policy.conf) these lines: # Add "rewrite.calling_station_id_accounting" in

Re: [PacketFence-users] Cisco WLC Radius accounting issue

mailto:fdur...@inverse.ca>> Reply-To: mailto:packetfence-users@lists.sourceforge.net>> Date: Fri, 12 Apr 2013 13:20:54 -0400 To: mailto:packetfence-users@lists.sourceforge.net>> Subject: Re: [PacketFence-users] Cisco WLC Radius accounting issue Hello Jamison, i have already met this issu

Re: [PacketFence-users] Cisco WLC Radius accounting issue

mailto:fdur...@inverse.ca>> Reply-To: <mailto:packetfence-users@lists.sourceforge.net>> Date: Fri, 12 Apr 2013 13:20:54 -0400 To: <mailto:packetfence-users@lists.sourceforge.net>> Subject: Re: [PacketFence-users] Cisco WLC Radius accounting issue Hello Jamison, i have alr

Re: [PacketFence-users] Cisco WLC, Private and Public WLANs

-SNIP- Right now as it stands, if a users chooses the private SSID, and authenticates, they are sent to the appropriate. VLAN (staff or student). If that users then chooses the public SSID, they will go there fine still on their appropriate vlan they had registered with earlier, but in

Re: [PacketFence-users] Cisco WLC, Private and Public WLANs

Thanks for the response. My objective is as follows: One private SSID for staff and students that uses WPA2/802.1X that assigns to the vlan according to their role. We have Active Directory and with this setup, users only need to log into their workstations and their roles will be assigned accordi

Re: [PacketFence-users] Cisco WLC, Private and Public WLANs

8 Phax: 254-295-4221 From: Lupe Silva [lupe.si...@gmail.com] Sent: Tuesday, June 17, 2014 10:14 AM To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] Cisco WLC, Private and Public WLANs Thanks for the response. My objective is as follows: O

Re: [PacketFence-users] Cisco WLC, Private and Public WLANs

gt; From: Lupe Silva [lupe.si...@gmail.com] > Sent: Tuesday, June 17, 2014 10:14 AM > To: packetfence-users@lists.sourceforge.net > Subject: Re: [PacketFence-users] Cisco WLC, Private and Public WLANs > > Thanks for the response. > My objective is as follows: > One private SSID for

Re: [PacketFence-users] Cisco WLC, Private and Public WLANs

-4221 From: Lupe Silva [lupe.si...@gmail.com] Sent: Tuesday, June 17, 2014 3:29 PM To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] Cisco WLC, Private and Public WLANs Thanks for the reply. Yes, a re-evaluation would have been good. I did

Re: [PacketFence-users] Cisco WLC, Private and Public WLANs

St. > Belton, Texas > 76513 > > Fone: 254-295-4658 > Phax: 254-295-4221 > > From: Lupe Silva [lupe.si...@gmail.com] > Sent: Tuesday, June 17, 2014 3:29 PM > To: packetfence-users@lists.sourceforge.net > Subject: Re: [PacketFence-users] Cisco WLC, Private and Public

Re: [PacketFence-users] Cisco WLC, Private and Public WLANs

From: Durand fabrice [fdur...@inverse.ca] Sent: Tuesday, June 17, 2014 4:21 PM To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] Cisco WLC, Private and Public WLANs Hi all, in the incoming 4.3 release we introduce vlan filter, the goal of this feature is to remove a part o

Re: [PacketFence-users] Cisco WLC, Private and Public WLANs

gt; encrypted wifi they would then be given the vlan their credentials say they >> should be on. >> >> Jake Sallee >> Godfather of Bandwidth >> System Engineer >> University of Mary Hardin-Baylor >> WWW.UMHB.EDU >> >> 900 College St. >&

Re: [PacketFence-users] Cisco WLC same SSID different vlans

Yo! Jake here. Sorry it has taken me a bit to get back with you, its a bit crazy for me right now. We have attempted to solve the same SSID + different VLan issue in two ways. The first way involved some custom code and a custom DB table. Basically the way it worked was when a user authentic

Re: [PacketFence-users] Cisco WLC same SSID different vlans

- From: "Sallee, Jake" Date: 03/12/2014 19:12 (GMT+01:00) To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] Cisco WLC same SSID different vlans Yo! Jake here. Sorry it has taken me a bit to get back with you, its a bit crazy for me right now. We have at

Re: [PacketFence-users] Cisco WLC same SSID different vlans

Thanks Jake, I have an interface setup on vlan 20 for the access-points for a test. the wlan with the duplicated SSID is using 121. I have applied it to it's own AP group for that building. The packetfence is seeing the source still as the mgmt of the controller. I have been through the inte

Re: [PacketFence-users] Cisco WLC same SSID different vlans

I found it... under WLANs > Edit > Security > AAA Servers "Radius Server Overwrite interface and check it enabled. Set the interface Priority to WLAN and then apply. The radius request then comes from the ip of the wlan you specify on the general tab for Interface. Note - If you are using ac

Re: [PacketFence-users] Cisco WLC Web Auth @ PacketFence 6.4

Hellor Talan, my answer bellow. Le 2017-01-25 à 09:33, Talan Westby a écrit : Hi, We have recently attempted to upgrade from 5.7 to 6.4, unfortunately we have faced some issues which are proving difficult to figure out. Here are the issues: 1.When an iOS device connects in an “unregister

Re: [Packetfence-users] Cisco WLC 4400 Wireless Lan Crontroller

Hi Jake, This is the mac filtering in the WLC. Basically, you enable the mac filtering in your security tab for the ssid, and in the AAA server, you point in to your RADIUS. On 11-09-16 4:36 PM, Sallee, Stephen (Jake) wrote: @ all: I understand that PF supports the Cisco 4

Re: [Packetfence-users] Cisco WLC 4400 Wireless Lan Crontroller

ry Hardin-Baylor 900 College St. Belton, Texas 76513 Fone: 254-295-4658 Phax: 254-295-4221 From: Francois Gaudreault [mailto:fgaudrea...@inverse.ca] Sent: Friday, September 16, 2011 3:46 PM To: packetfence-users@lists.sourceforge.net Subject: Re: [Packetfence-users] Cisco WLC 4400 Wireless Lan Crontr

Re: [Packetfence-users] Cisco WLC 4400 Wireless Lan Crontroller

Le Vendredi 16 Septembre 2011 17.12 EDT, "Sallee, Stephen (Jake)" a écrit: Ah, that makes *a little* sense. I actually had already done that : ) I think I may be in for a TAC call because I need a way to have more than one VLan on a single SSID and I am not seeing anywhere on the WLC that it

Re: [Packetfence-users] Cisco WLC 4400 Wireless Lan Crontroller

You need to setup the three interfaces (VLANs) that your going to use. Assign the normal VLAN to the SSID. Then also make sure AAA Override is turned on so the PF FreeRADIUS server can send the VLAN override like Ludovic mentioned. Jonathan On Fri, Sep 16, 2011 at 3:51 PM, Ludovic Marcotte wrote

Re: [PacketFence-users] Cisco WLC users, a question for you.

Are you using the Radius Server Overwrite Interface option that is in the AAA section for each WLAN? I think option 2 is unlikely, heh. At least not in a timely manner. On Thu, Dec 11, 2014 at 8:13 AM, Sallee, Jake wrote: > My fellow PacketFence users: > > Good day! I know few of you are runnin

Re: [PacketFence-users] Cisco WLC users, a question for you.

5-4658 Phax: 254-295-4221 From: Fletcher Haynes [fhay...@willamette.edu] Sent: Thursday, December 11, 2014 10:31 AM To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] Cisco WLC users, a question for you. Are you using the Radius Server Ove

Re: [PacketFence-users] Cisco WLC users, a question for you.

s [fhay...@willamette.edu] > Sent: Thursday, December 11, 2014 10:31 AM > To: packetfence-users@lists.sourceforge.net > Subject: Re: [PacketFence-users] Cisco WLC users, a question for you. > > Are you using the Radius Server Overwrite Interface option that is in the > AAA sec

Re: [PacketFence-users] Cisco WLC users, a question for you.

295-4221 From: Fletcher Haynes [fhay...@willamette.edu] Sent: Thursday, December 11, 2014 11:14 AM To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] Cisco WLC users, a question for you. Ah. Are you doing that because you don't route between

Re: [PacketFence-users] Cisco WLC users, a question for you.

College St. > Belton, Texas > 76513 > > Fone: 254-295-4658 > Phax: 254-295-4221 > > From: Fletcher Haynes [fhay...@willamette.edu] > Sent: Thursday, December 11, 2014 11:14 AM > To: packetfence-users@lists.sourceforge.net > Subject: Re:

Re: [PacketFence-users] Cisco WLC users, a question for you.

:17 PM To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] Cisco WLC users, a question for you. Well, maybe I am not understanding something about your setup...we are also a college campus, and we have various subnets and VLANs for collections of buildings. I have one WiSM2 that serv

Re: [PacketFence-users] Cisco WLC users, a question for you.

> From: Fletcher Haynes [fhay...@willamette.edu] > Sent: Thursday, December 11, 2014 12:17 PM > To: packetfence-users@lists.sourceforge.net > Subject: Re: [PacketFence-users] Cisco WLC users, a question for you. > > Well, maybe I am not understanding something about your setup...we are

Re: [PacketFence-users] Cisco WLC users, a question for you.

ersity of Mary Hardin-Baylor >> WWW.UMHB.EDU [1] >> >> 900 College St. >> Belton, Texas >> 76513 >> >> Fone: 254-295-4658 [2] >> Phax: 254-295-4221 [3] >> ________ >> From: Fletcher Haynes [fhay...@willamette.edu] >> Sent: Thursday,

Re: [PacketFence-users] Cisco WLC users, a question for you.

gt; Godfather of Bandwidth >>> System Engineer >>> University of Mary Hardin-Baylor >>> WWW.UMHB.EDU [1] >>> >>> 900 College St. >>> Belton, Texas >>> 76513 >>> >>> Fone: 254-295-4658 [2] >>> Phax: 254-295-4221 [3]

Re: [PacketFence-users] Cisco WLC users, a question for you.

et you look at our config. >>>> Maybe the way your are doing it is the way I should be. >>>> >>>> Jake Sallee >>>> Godfather of Bandwidth >>>> System Engineer >>>> University of Mary Hardin-Baylor >>>> WWW.UMHB.E

Re: [PacketFence-users] Cisco WLC users, a question for you.

014 10:35 AM To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] Cisco WLC users, a question for you. Hello, controller_ip is the parameter you are looking for. Just set it in your switch configuration and packetfence will use it instead of the radius source ip. Rega

Re: [PacketFence-users] Cisco WLC users, a question for you.

t; 900 College St. > Belton, Texas > 76513 > > Fone: 254-295-4658 > Phax: 254-295-4221 > > > From: Fabrice DURAND [fdur...@inverse.ca] > Sent: Monday, December 15, 2014 10:35 AM > To: packetfence-users@lists.sourcef

Re: [PacketFence-users] Cisco wlc 2500 Extract Ssid not working

Hello Helen, fist you need to configure the WLC to send mac:ssid in the Called-Station-Id (Security -> Radius -> Authentication : Call Station ID Type). Next your redirection url is wrong, set this instead: http://10.1.254.126/Cisco::WLC Next untick Role by Vlan id in PacketFence switch config,

Re: [PacketFence-users] Cisco WLC and sponsor guest reconnect issue

Hello Enrico, Did you enable the CoA correctly on the radius server where you defined the pf IP address ? Also known as RFC 3576. Thanks, > On Sep 7, 2019, at 8:48 AM, Enrico Pasqualotto via PacketFence-users > wrote: > > Dear all, I've a running setup with PF 9 in VLAN enforcement mode wh

Re: [PacketFence-users] Cisco WLC and sponsor guest reconnect issue

Hello Ludovic, CoA can be the issue as I saw into the logs: Sep 9 14:32:03 jit-pf pfqueue: pfqueue(13703) WARN: [mac:90:00:4e:c2:03:1d] Unable to perform RADIUS CoA-Request on (WLC_IP): Timeout waiting for a reply from WLC_IP on port 1700 at /usr/local/pf/lib/pf/util/radius.pm line 166. (pf::S

Re: [PacketFence-users] Cisco WLC and sponsor guest reconnect issue

UPDATE using aaa debug on WLC I saw: (Cisco Controller) >*radiusRFC3576TransportThread: Sep 10 14:47:42.311: processIncomingMessages: Received RFC3576 message from PacketFence_IP of len 57 with return 0 *radiusRFC3576TransportThread: Sep 10 14:47:42.312: Request Authenticator(recv'd) - 96:35:c

Re: [PacketFence-users] Cisco WLC and sponsor guest reconnect issue

Hello Enrico, First, CoA Messages and Disconnect-Messages are different, see RFC5176 [1] but they use same port 3799. In some cases 1700. Based on this: *radiusRFC3576TransportThread: Sep 10 14:47:42.312: RFC3576 - Received IP Address : WLC_IP, Vlan ID: (received 0), management IP WLC_IP *r

Re: [PacketFence-users] Cisco WLC and sponsor guest reconnect issue

Hi Enrico, On 18/09/2019 15:32, Enrico Pasqualotto wrote: Hi Nicolas, I found the issue in my WLC version. Unfortunatelly mobility express controller with version < 8.7 have the CoA support broken (Cisco TAC verified). Good to know, thanks for your feedback. -- Nicolas Quiniou-Briand n...@inv

Re: [PacketFence-users] Cisco WLC and sponsor guest reconnect issue

Hi Nicolas, I found the issue in my WLC version. Unfortunatelly mobility express controller with version < 8.7 have the CoA support broken (Cisco TAC verified). Enrico On 18/09/19 15:27, Nicolas Quiniou-Briand via PacketFence-users wrote: Hello Enrico, First, CoA Messages and Disconnect-Messa

Re: [PacketFence-users] Cisco WLC and guest reconnect issue (CoA)

Hello Levgen, can you provide the packetfence.log snippet when you register on the portal ? Regards Fabrice Le ven. 5 janv. 2024 à 08:18, Ievgen Lepekha via PacketFence-users < packetfence-users@lists.sourceforge.net> a écrit : > Hi, all, > > Need help. > > > > I was integrate PacketFence 13 w

Re: [PacketFence-users] Cisco WLC and guest reconnect issue (CoA)

Hello, Yes, of course. File in attach Device’s mac: a8:64:f1:d7:fa:e6 From: Fabrice Durand Sent: Friday, January 5, 2024 5:34 PM To: packetfence-users@lists.sourceforge.net Cc: Ievgen Lepekha Subject: Re: [PacketFence-users] Cisco WLC and guest reconnect issue (CoA) Hello Levgen, can you

Re: [PacketFence-users] Cisco WLC and guest reconnect issue (CoA)

Hi  Ievgen, Did you figure out this issue you reported in January?  It looks like I am also having the same issue. Sent from Mail for Windows  ___ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/

Re: [PacketFence-users] Cisco WLC 5508 wireless auth to PF FreeRadius

I think I see the issue now, but I don't know how to fix... Please help! Localhost test yields: Thu Oct 4 15:37:03 2012 : Auth: Login OK: [guest/password] (from client localhost port 12) Thu Oct 4 15:37:03 2012 : Info: rlm_perl: MAC address is empty or invalid in this request. It could be nor

Re: [PacketFence-users] Cisco WLC 5508 wireless auth to PF FreeRadius

Hi thomas, Try to run raduis as debug mode: ps -edf |grep radius kill -15 (the pid of radius) And launch radius with -X (copy and paste the line from ps -edf and add -X) You will see exactly what happen . Fabrice Thomas Tsai a écrit : >I think I see the issue now, but I don't know how to fix..

Re: [PacketFence-users] Cisco WLC 5508 wireless auth to PF FreeRadius

] Sent: Thursday, October 04, 2012 3:48 PM To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] Cisco WLC 5508 wireless auth to PF FreeRadius Hi thomas, Try to run raduis as debug mode: ps -edf |grep radius kill -15 (the pid of radius) And launch radius with -X (copy and paste

Re: [PacketFence-users] Cisco WLC 5508 wireless auth to PF FreeRadius

SCHAPv2 > >More poking to do. > >-Original Message- >From: Fabrice Durand [mailto:fdur...@inverse.ca] >Sent: Thursday, October 04, 2012 3:48 PM >To: packetfence-users@lists.sourceforge.net >Subject: Re: [PacketFence-users] Cisco WLC 5508 wireless auth to PF FreeRad

Re: [PacketFence-users] Cisco WLC 5508 wireless auth to PF FreeRadius

On 04/10/12 19:19, Thomas Tsai wrote: > Exec-Program output: Exec-Program: FAILED to execute /usr/bin/ntlm_auth: No > such file or directory > Exec-Program-Wait: plaintext: Exec-Program: FAILED to execute > /usr/bin/ntlm_auth: No such file or directory That should ring a bell, doesn't it? ;-) --

Re: [PacketFence-users] Cisco WLC 5508 wireless auth to PF FreeRadius

Ignore my problems with the 401 Auth. Issue between keyboard and chair. ** Email Disclaimer: This email, including attachments, may contain proprietary, confidential or privileged information. If you are not the intended recipient, please (i) do not u

Re: [PacketFence-users] Cisco WLC unable to reevaluate access on cluster

Anyone who can help me about this problem? Luca Da: luca comes via PacketFence-users Inviato: giovedì 19 aprile 2018 11:37 A: packetfence-users@lists.sourceforge.net Cc: luca comes Oggetto: [PacketFence-users] Cisco WLC unable to reevaluate access on cluster

Re: [PacketFence-users] Cisco WLC unable to reevaluate access on cluster

Hello Luca, did it worked before ? Can you see some specific messages in packetfence.log when PacketFence try to reevaluate the access ? Regards Fabrice Le 2018-04-26 à 02:52, luca comes via PacketFence-users a écrit : > > Anyone who can help me about this problem? > > > Luca > > > > ---

Re: [PacketFence-users] Cisco WLC HTTP authentication - multiple roles/subnets vs one portal

Hello Nelson, i am not sure to understand what you really want to do. Let's say you have a registration network: VLAN 4 A production network for the staff and a production network for the guest (5). When a device is unreg then packetfence will return the vlan 5 and the device will hit the portal

Re: [PacketFence-users] Cisco WLC HTTP authentication - multiple roles/subnets vs one portal

Fabrice, I am purely Web Auth via Cisco WLC. So, in that configuration, I dont believe there is any way to change VLANs - as Web Auth is purely controlling access via ACL's on the WLC. - now if i'm wrong on this, I need to be pointed in the right direction. So, I am trying to figure out how to ba

Re: [PacketFence-users] Cisco WLC HTTP authentication - multiple roles/subnets vs one portal

Hi John, so you will have to go in the code because there is only one portal url per switch config. So let's do a hack: https://github.com/inverse-inc/packetfence/blob/devel/lib/pf/Switch/Cisco/WLC_http.pm#L161 my $portal_url; if ( $ssid eq "Staff") { $portal_url="10.4.0.3"; }elsif ( $ssid eq "G

Re: [PacketFence-users] Cisco WLC HTTP authentication - multiple roles/subnets vs one portal

Fabrice, I tried to add what you provided to the code of WLC_http.pm, but once I do it, I get put into an endless redirect loop on both networks. I do see that each network is trying to redirect to the proper portal IP. I'm putting what I have in WLC_http.pm - i'm including some lines before and

Re: [PacketFence-users] Cisco WLC HTTP authentication - multiple roles/subnets vs one portal

Hi Nelson, my bad: $portal_url="10.4.0.3"; => $portal_url='http://10.4.0.3'; $portal_url="10.5.0.3"; => $portal_url='http://10.5.0.3'; Regards Fabrice Le 2015-05-21 10:47, J Nelson a écrit : > Fabrice, > > I tried to add what you provided to the code of WLC_http.pm, but once > I do it, I get pu

Re: [PacketFence-users] Cisco WLC HTTP authentication - multiple roles/subnets vs one portal

Closer, but not quite. So, my code now looks like: my $portal_url; if ( $ssid eq "Webreg-Production") { $portal_url='http://10.4.0.3'; }elsif ( $ssid eq "Augie-Guest") { $portal_url='http://10.5.0.3'; } else { $portal_url=$this->{'_portalURL'};

Re: [PacketFence-users] Cisco WLC HTTP authentication - multiple roles/subnets vs one portal

The function is like that ? : sub returnRadiusAccessAccept { my ($this, $vlan, $mac, $port, $connection_type, $user_name, $ssid, $wasInline, $user_role) = @_; my $logger = Log::Log4perl::get_logger( ref($this) ); my $radius_reply_ref = {}; my $role = $this->getRoleByName($user_ro

Re: [PacketFence-users] Cisco WLC HTTP authentication - multiple roles/subnets vs one portal

I'm running version 4.5.1 my subroutine looks like: sub returnRadiusAccessAccept { my ($this, $vlan, $mac, $port, $connection_type, $user_name, $ssid, $wasInline, $user_role) = @_; my $logger = Log::Log4perl::get_logger( ref($this) ); my $radius_reply_ref = {}; my $role = $this->

Re: [PacketFence-users] Cisco WLC HTTP authentication - multiple roles/subnets vs one portal

Ok so the problem is elsewhere. Can you check with radius in debug mode is the vsa are correct ? radiusd -d /usr/local/pf/raddb/ -X And on the client side with Live HTTP Headers (firefox extension) what contain the redirection ? Regards Fabrice Le 2015-05-21 15:46, J Nelson a écrit : > I'm run

Re: [PacketFence-users] Cisco WLC HTTP authentication - multiple roles/subnets vs one portal

Ok, so the headers looks something like this, it repeats forever when redirected: GET /cep0a5a10 HTTP/1.1 Host: 10.5.0.3 User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:38.0) Gecko/20100101 Firefox/38.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q

Re: [PacketFence-users] Cisco WLC HTTP authentication - multiple roles/subnets vs one portal

Hello Justin, to have radius in debug mode let's kill radius before (pkill radiusd) and retry. Other stuff, can you check in httpd.portal.access to see if it's the portal that loop or the wlc. If it's the wlc then you probably have to check the debug/acl. Regards Fabrice Le 2015-05-22 11:29, J

Re: [PacketFence-users] Cisco WLC HTTP authentication - multiple roles/subnets vs one portal

Fabrice, 1st of all: thanks for all the help. 2nd: my issue wound up being my WLC access list - i forgot to permit the guest network PF portal ip address ( 10.5.0.3) in my PreAuthACL. So, once I put that in, the loop on the guest side stopped, and its working like I had wanted. Testing so far

Re: [PacketFence-users] Cisco WLC HTTP authentication - multiple roles/subnets vs one portal

Fabrice, well, I spoke too soon. Just as I was feeling pretty good about things - i discovered that apple IOS will not load the captive web portal page. It looks like the redirect is happening, just no love on the IOS side. I know OSX, Windows 7, and Droid are working, but not Apple IOS. I have

Re: [PacketFence-users] Cisco WLC HTTP authentication - multiple roles/subnets vs one portal

Here is what even more awesome - I just fired up my first PF test install. Same CentOS, same PF Version, same WLC Webauth, and it works for IOS. But, what is interesting, is that on my first, test PF install, after logging in at the captive portal, I got a server not found error, so you had me do:

Re: [PacketFence-users] Cisco WLC 5508 DeAuth / COA issue - Invalid RADIUS message authenticator

Bump - can anyone offer any suggestions as to how to troubleshoot this particular problem? From: Thomas Tsai [mailto:tt...@canyonpartners.com] Sent: Thursday, October 04, 2012 7:11 PM To: 'packetfence-users@lists.sourceforge.net' Subject: [PacketFence-users] Cisco WLC 5508 DeAuth / COA issue - In

Re: [PacketFence-users] Cisco WLC 5508 DeAuth / COA issue - Invalid RADIUS message authenticator

Well this is a shared secret issue, so make sure they are right... sometimes there is a trailing character at the end. If you run in HA, make sure the VIP is listed in the AAA server list on your WLC. On 2012-10-05 2:52 PM, Thomas Tsai wrote: > Bump – can anyone offer any suggestions as to how

Re: [PacketFence-users] Cisco WLC 5508 DeAuth / COA issue - Invalid RADIUS message authenticator

ssage- From: Francois Gaudreault [mailto:fgaudrea...@inverse.ca] Sent: Friday, October 05, 2012 12:19 PM To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] Cisco WLC 5508 DeAuth / COA issue - Invalid RADIUS message authenticator Well this is a shared secret issue, so make

Re: [PacketFence-users] Cisco WLC 5508 DeAuth / COA issue - Invalid RADIUS message authenticator

...@canyonpartners.com] Sent: Friday, October 05, 2012 3:39 PM To: 'packetfence-users@lists.sourceforge.net' Subject: Re: [PacketFence-users] Cisco WLC 5508 DeAuth / COA issue - Invalid RADIUS message authenticator I'm a little lost - how can this be a radius shared secret issue if the W

Re: [PacketFence-users] Cisco WLC 5508 DeAuth / COA issue - Invalid RADIUS message authenticator

sourceforge.net' Subject: Re: [PacketFence-users] Cisco WLC 5508 DeAuth / COA issue - Invalid RADIUS message authenticator Thomas, Is your WLC set to use RFC 3576? I believe when that is not enabled that is the message that the WLC returns when you send the COA/DeAuth. David Bulanda Netw

Re: [PacketFence-users] Cisco WLC 5508 DeAuth / COA issue - Invalid RADIUS message authenticator

th radtest 2.6. Will provide updates as they are avail. -Original Message- From: Thomas Tsai Sent: Friday, October 05, 2012 4:14 PM To: 'packetfence-users@lists.sourceforge.net' Subject: RE: [PacketFence-users] Cisco WLC 5508 DeAuth / COA issue - Invalid RADIUS message aut

Re: [PacketFence-users] Cisco WLC 5508 DeAuth / COA issue - Invalid RADIUS message authenticator

network.) But the authenticator is incorrect. Any suggestions? This is a very odd behavior. -Original Message- From: Thomas Tsai Sent: Friday, October 05, 2012 4:53 PM To: 'packetfence-users@lists.sourceforge.net' Subject: RE: [PacketFence-users] Cisco WLC 5508 DeAuth / COA i

Re: [PacketFence-users] Cisco WLC 5508 DeAuth / COA issue - Invalid RADIUS message authenticator

600.6651 (c) > > > *From*: Thomas Tsai [mailto:tt...@canyonpartners.com] > *Sent*: Friday, October 19, 2012 11:04 AM > *To*: 'packetfence-users@lists.sourceforge.net' > > *Subject*: Re: [PacketFence-users] Cisco WLC 5508 DeAuth / COA issue - > Invalid RADIU

Re: [PacketFence-users] Cisco WLC 5508 DeAuth / COA issue - Invalid RADIUS message authenticator

From: Francois Gaudreault [mailto:fgaudrea...@inverse.ca] Sent: Monday, October 22, 2012 11:19 AM To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] Cisco WLC 5508 DeAuth / COA issue - Invalid RADIUS message authenticator I still continue to believe a wrong shared secret. Do y

Re: [PacketFence-users] Cisco WLC 5508 DeAuth / COA issue - Invalid RADIUS message authenticator

> Also, if it's a wrong shared secret, the initial authentication request > via WLC (not deauth), would fail as well. But it does not. > > Am I incorrect in thinking this? Possibly. The authentication request goes from WLC to PacketFence. The CoA goes from PacketFence to WLC. I don't have a WL

Re: [PacketFence-users] Cisco WLC 5508 DeAuth / COA issue - Invalid RADIUS message authenticator

On 2012-10-22 2:27 PM, Thomas Tsai wrote: > *radiusRFC3576TransportThread: Oct 19 11:02:14.140: Request >>Authenticator(recv'd) - >>*31:42:70:62:b8:0e:0e:ea:a3:ef:01:1e:fa:c5:58:5a* >> >>*radiusRFC3576TransportThread: Oct 19 11:02:14.140: Request >>Authenticator(calc'd) - >>*8e:5f:11:72:7e:f4:28:bf

Re: [PacketFence-users] Cisco WLC 5508 DeAuth / COA issue - Invalid RADIUS message authenticator

onday, October 22, 2012 11:19 AM To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] Cisco WLC 5508 DeAuth / COA issue - Invalid RADIUS message authenticator I still continue to believe a wrong shared secret. Do you have special chars in your secret? On 2012-10-22 11:49 AM, T

Re: [PacketFence-users] Cisco WLC 5508 DeAuth / COA issue - Invalid RADIUS message authenticator

onday, October 22, 2012 11:47 AM To: 'packetfence-users@lists.sourceforge.net' Subject: Re: [PacketFence-users] Cisco WLC 5508 DeAuth / COA issue - Invalid RADIUS message authenticator Francois, FWIW, I read other freeradius forums regarding 64bit platforms (Which I'm using) where so

Re: [PacketFence-users] Cisco WLC 5508 DeAuth / COA issue - Invalid RADIUS message authenticator

Actually I did not put radiusSecret in switches.conf. Let me try that now. -Original Message- From: Francois Gaudreault [mailto:fgaudrea...@inverse.ca] Sent: Monday, October 22, 2012 11:39 AM To: packetfence-users@lists.sourceforge.net Subject: Re: [PacketFence-users] Cisco WLC 5508

  1   2   >