[prev in list] [next in list] [prev in thread] [next in thread]
List: packetfence-users
Subject: Re: [PacketFence-users] Message says that "Your network should be enabled within a minute or two. If
From: Woo Seok Choi via PacketFence-users <packetfence-users () lists ! sourceforge ! net>
Date: 2019-11-03 23:44:55
Message-ID: SG2PR06MB354661772E6DB9EE9F8F3F9AF17C0 () SG2PR06MB3546 ! apcprd06 ! prod ! outlook ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
[Attachment #4 (text/plain)]
Hi Martin,
Thanks for the email, but I don't quite understand the below:
--------------------
Then you need to add an other rule for role derivation to match the role PF sends \
with the IAP role inspite of been both role the same. IAP differs from Controllers \
where the first one need explicit rules to assing roles and the second one needs rule \
to inhibit the one that a radius sends.
--------------------
Are you trying to say that a new role which is the same as the role test-guest-1 is \
required on the VC? Anyway, if you don't mind, could you please share your \
configurations on IAP and PacketFence, then I can compare it with mine.
Again, I am testing it with Null Source, so I believe it should not be hard like \
this.
Cheers.
Woo Seok Choi
Network Engineer
D: +61 292536532
[cid:image001.png@01D592FC.E0AB1520]<http://www.gbst.com/> \
[cid:image002.png@01D592FC.E0AB1520] <https://www.linkedin.com/company/gbst> \
[cid:image003.png@01D592FC.E0AB1520] <https://twitter.com/gbstholdings>
From: Martin Rodriguez \
<martinoscarrodriguez@gmail.com<mailto:martinoscarrodriguez@gmail.com>>
Sent: Thursday, 24 October 2019 11:02 PM
To: Woo Seok Choi <Wooseok.Choi@gbst.com<mailto:Wooseok.Choi@gbst.com>>
Subject: Re: [PacketFence-users] Message says that "Your network should be enabled \
within a minute or two. If it is not reboot your computer"
Hi. I am using IAP without problems. I am configuring the switch as Aruba and not \
Aruba::Instant_Access. Then you need to add an other rule for role derivation to \
match the role PF sends with the IAP role inspite of been both role the same. IAP \
differs from Controllers where the first one need explicit rules to assing roles and \
the second one needs rule to inhibit the one that a radius sends. About the security \
event in PF, i really do not know. But I have a similar one when the time zone in the \
server mismatch the TZ configure in PF. So I configured PF to use server TZ and \
reboot PZ services. MAC auth is important to PF to match the user with a location \
(with a switch). Otherwise you need to configure Aruba.pm (./bin/Switchs/Aruba.pm) to \
get the device location from the URL reading the VC IP. Regards
El mié., 23 oct. 2019 a las 21:21, Woo Seok Choi \
(<Wooseok.Choi@gbst.com<mailto:Wooseok.Choi@gbst.com>>) escribió: Hi Martin,
Thanks for the email again.
Anyway, most of configurations on the IAP had been configured as you mentioned \
before, but here are some comments:
--------------------
1) configure Virtual controller IP and enable Radius proxy (under system \
configuration). In PF configure a switch with the VC IP.
- Subnet of the Virtual Controller (VC) had been configured before in PacketFence, so \
added the VC IP address as a switch in the PF and tested it again, but it's still the \
same. [cid:image004.png@01D592FC.E0AB1520]
[cid:image006.png@01D592FC.E0AB1520]
2) enable MAC authentication and captive portal profile in the WLAN security tab.
- MAC authentication was disabled before because Captive Portal signup page did not \
pop-up automatically once it's connected while MAC Auth is enabled. Anyway, I have \
enabled it and tested it again, but it's still the same. \
[cid:image008.png@01D592FC.E0AB1520]
3) configure the derivation roles you need: the one PF will return to IAP after user \
authentication.
-Yes, the role had been set correctly to allow internet access only on the IAP.
[cid:image010.png@01D592FC.E0AB1520]
4) enable pre auth role with a role that allows http and https to your PF IP or FQDN.
-Yes, it had been set as the below:
[cid:image012.png@01D592FC.E0AB1520]
[cid:image014.png@01D592FC.E0AB1520]
Anyway, I am wondering whether the below security_event 1300003 force-closed log is \
related to the current connecton issue or not:
-------------
Oct 24 08:36:51 packetfence packetfence_httpd.portal: httpd.portal(19379) INFO: \
[mac:ac:b5:7d:9e:57:6c] Using sources null for matching \
(pf::authentication::match)
Oct 24 08:36:51 packetfence packetfence_httpd.portal: httpd.portal(19378) INFO: \
[mac:ac:b5:7d:9e:57:6c] Instantiate profile default \
(pf::Connection::ProfileFactory::_from_profile)
Oct 24 08:36:51 packetfence packetfence_httpd.portal: httpd.portal(19380) INFO: \
[mac:ac:b5:7d:9e:57:6c] Instantiate profile default \
(pf::Connection::ProfileFactory::_from_profile)
Oct 24 08:36:51 packetfence packetfence_httpd.portal: httpd.portal(19380) INFO: \
[mac:ac:b5:7d:9e:57:6c] User default has authenticated on the portal. \
(Class::MOP::Class:::after)
Oct 24 08:36:51 packetfence packetfence_httpd.portal: httpd.portal(19380) INFO: \
[mac:ac:b5:7d:9e:57:6c] No provisioner found for ac:b5:7d:9e:57:6c. Continuing. \
(captiveportal::PacketFence::DynamicRouting::Module::Provisioning::execute_child)
Oct 24 08:36:51 packetfence packetfence_httpd.portal: httpd.portal(19380) INFO: \
[mac:ac:b5:7d:9e:57:6c] User default has authenticated on the portal. \
(Class::MOP::Class:::after)
Oct 24 08:36:51 packetfence packetfence_httpd.portal: httpd.portal(19380) INFO: \
[mac:ac:b5:7d:9e:57:6c] User default has authenticated on the portal. \
(Class::MOP::Class:::after)
Oct 24 08:36:51 packetfence packetfence_httpd.portal: httpd.portal(19380) INFO: \
[mac:ac:b5:7d:9e:57:6c] User default has authenticated on the portal. \
(Class::MOP::Class:::after)
Oct 24 08:36:52 packetfence packetfence_httpd.portal: httpd.portal(19380) INFO: \
[mac:ac:b5:7d:9e:57:6c] User default has authenticated on the portal. \
(Class::MOP::Class:::after)
Oct 24 08:36:52 packetfence packetfence_httpd.portal: httpd.portal(19380) INFO: \
[mac:ac:b5:7d:9e:57:6c] User default has authenticated on the portal. \
(Class::MOP::Class:::after)
Oct 24 08:36:52 packetfence packetfence_httpd.portal: httpd.portal(19380) INFO: \
[mac:ac:b5:7d:9e:57:6c] User default has authenticated on the portal. \
(Class::MOP::Class:::after)
Oct 24 08:36:52 packetfence packetfence_httpd.portal: httpd.portal(19380) INFO: \
[mac:ac:b5:7d:9e:57:6c] security_event 1300003 force-closed for ac:b5:7d:9e:57:6c \
(pf::security_event::security_event_force_close)
Oct 24 08:36:52 packetfence packetfence_httpd.portal: httpd.portal(19380) INFO: \
[mac:ac:b5:7d:9e:57:6c] Instantiate profile default \
(pf::Connection::ProfileFactory::_from_profile)
Oct 24 08:36:52 packetfence packetfence_httpd.portal: httpd.portal(19380) WARN: \
[mac:ac:b5:7d:9e:57:6c] Use of uninitialized value in concatenation (.) or string at \
/usr/local/pf/lib/captiveportal/PacketFence/DynamicRouting/Module/Root.pm line 89. \
(captiveportal::PacketFence::DynamicRouting::Module::Root::release)
Oct 24 08:36:52 packetfence packetfence_httpd.portal: httpd.portal(19379) WARN: \
[mac:unknown] locale from the URL is not supported \
(pf::Portal::Session::getLanguages)
Oct 24 08:36:52 packetfence packetfence_httpd.portal: httpd.portal(19379) WARN: \
[mac:ac:b5:7d:9e:57:6c] locale from the URL is not supported \
(pf::Portal::Session::getLanguages)
Oct 24 08:36:52 packetfence packetfence_httpd.portal: httpd.portal(19379) INFO: \
[mac:ac:b5:7d:9e:57:6c] Instantiate profile default \
(pf::Connection::ProfileFactory::_from_profile)
Oct 24 08:36:52 packetfence packetfence_httpd.portal: httpd.portal(19379) WARN: \
[mac:ac:b5:7d:9e:57:6c] locale from the URL is not supported \
(captiveportal::PacketFence::Controller::Root::getLanguages)
-------------
Thanks in advance.
Woo Seok Choi
Network Engineer
D: +61 292536532
[cid:image001.png@01D592FC.E0AB1520]<https://aus01.safelinks.protection.outlook.com/?u \
rl=http%3A%2F%2Fwww.gbst.com%2F&data=02%7C01%7CWooseok.Choi%40gbst.com%7Cf8714537aec14 \
b72b60708d75879ff75%7C1c2da354196b481891e4f760cbaac9e4%7C0%7C0%7C637075153348565335&sdata=ZhaTXkGDLiUMGsbBvo7ZddECuOlzp6iVC88oUSr1WRs%3D&reserved=0> \
[cid:image002.png@01D592FC.E0AB1520] \
<https://aus01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.linkedin.com%2F \
company%2Fgbst&data=02%7C01%7CWooseok.Choi%40gbst.com%7Cf8714537aec14b72b60708d75879ff \
75%7C1c2da354196b481891e4f760cbaac9e4%7C0%7C0%7C637075153348575329&sdata=LfMHuFDfaAm6v5MWsA8zkQ3fJ%2B%2BgLFWPVziwopB2Dgs%3D&reserved=0> \
[cid:image003.png@01D592FC.E0AB1520] \
<https://aus01.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftwitter.com%2Fgbsth \
oldings&data=02%7C01%7CWooseok.Choi%40gbst.com%7Cf8714537aec14b72b60708d75879ff75%7C1c \
2da354196b481891e4f760cbaac9e4%7C0%7C0%7C637075153348575329&sdata=M%2BoVfiWKonkF3YhRRxWhI1DQ4dCBCbYsSylyqeC9qfM%3D&reserved=0>
From: Martin Rodriguez \
<martinoscarrodriguez@gmail.com<mailto:martinoscarrodriguez@gmail.com>>
Sent: Thursday, 24 October 2019 4:17 AM
To: Woo Seok Choi <Wooseok.Choi@gbst.com<mailto:Wooseok.Choi@gbst.com>>
Cc: packetfence-users@lists.sourceforge.net<mailto:packetfence-users@lists.sourceforge.net>
Subject: Re: [PacketFence-users] Message says that "Your network should be enabled \
within a minute or two. If it is not reboot your computer"
Hi. I assumed you configure PF in the right way. Then for your IAP you need (your \
config files has many wlans so check the following in the one that you are using): 1) \
configure Virtual controller IP and enable Radius proxy (under system configuration). \
In PF configure a switch with the VC IP. 2) enable MAC authentication and captive \
portal profile in the WLAN security tab. 3) configure the derivation roles you need: \
the one PF will return to IAP after user authentication. 4) enable pre auth role with \
a role that allows http and https to your PF IP or FQDN. Regards
El mar., 22 oct. 2019 a las 19:11, Woo Seok Choi \
(<Wooseok.Choi@gbst.com<mailto:Wooseok.Choi@gbst.com>>) escribió: Hi Martin,
Thanks for the email. I've attached the file as you requested.
Cheers.
Woo Seok Choi
Network Engineer
D: +61 292536532
[cid:image001.png@01D592FC.E0AB1520]<https://aus01.safelinks.protection.outlook.com/?u \
rl=http%3A%2F%2Fwww.gbst.com%2F&data=02%7C01%7CWooseok.Choi%40gbst.com%7Cf8714537aec14 \
b72b60708d75879ff75%7C1c2da354196b481891e4f760cbaac9e4%7C0%7C0%7C637075153348585321&sdata=28TXmjVeGpm7JVQ5ZHiK6z5gISNsR%2BYguwhDAq7kZA4%3D&reserved=0> \
[cid:image002.png@01D592FC.E0AB1520] \
<https://aus01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.linkedin.com%2F \
company%2Fgbst&data=02%7C01%7CWooseok.Choi%40gbst.com%7Cf8714537aec14b72b60708d75879ff \
75%7C1c2da354196b481891e4f760cbaac9e4%7C0%7C0%7C637075153348585321&sdata=bW93KIRPdjDn7bXT8Pvw8Aq10ms4RPNtgjsXhpuFW5w%3D&reserved=0> \
[cid:image003.png@01D592FC.E0AB1520] \
<https://aus01.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftwitter.com%2Fgbsth \
oldings&data=02%7C01%7CWooseok.Choi%40gbst.com%7Cf8714537aec14b72b60708d75879ff75%7C1c \
2da354196b481891e4f760cbaac9e4%7C0%7C0%7C637075153348595317&sdata=HSTP%2BMlG1LQeq45eww0DOkOhPIRiXuB98PjOJeRCiNY%3D&reserved=0>
From: Martin Rodriguez \
<martinoscarrodriguez@gmail.com<mailto:martinoscarrodriguez@gmail.com>>
Sent: Tuesday, 22 October 2019 6:48 PM
To: packetfence-users@lists.sourceforge.net<mailto:packetfence-users@lists.sourceforge.net>
Cc: Woo Seok Choi <Wooseok.Choi@gbst.com<mailto:Wooseok.Choi@gbst.com>>
Subject: Re: [PacketFence-users] Message says that "Your network should be enabled \
within a minute or two. If it is not reboot your computer"
Hi. Can you share the IAP config for the wlan network? I believe MAC auth is meassing \
and derivation roles too. Regards
El lun., 21 de oct. de 2019 08:14, Woo Seok Choi via PacketFence-users \
<packetfence-users@lists.sourceforge.net<mailto:packetfence-users@lists.sourceforge.net>> \
escribió: Hi,
I try to set up a PacketFence with Aruba IAP for guest wireless, but I get the \
Message says that "Your network should be enabled within a minute or two. If it is \
not reboot your computer" even though I can see the MAC & IP address on the page.
Anyway, I use Null Source for test. Here is the log from packetfence.log:
------------
Oct 14 12:47:15 packetfence packetfence_httpd.portal: httpd.portal(52273) INFO: \
[mac:ac:b5:7d:xx:xx:xx] User default has authenticated on the portal. \
(Class::MOP::Class:::after)
Oct 14 12:47:15 packetfence packetfence_httpd.portal: httpd.portal(52273) INFO: \
[mac:ac:b5:7d:xx:xx:xx] User default has authenticated on the portal. \
(Class::MOP::Class:::after)
Oct 14 12:47:15 packetfence packetfence_httpd.portal: httpd.portal(52273) WARN: \
[mac:ac:b5:7d:xx:xx:xx] Calling match with empty/invalid rule class. Defaulting to \
'authentication' (pf::authentication::match)
Oct 14 12:47:15 packetfence packetfence_httpd.portal: httpd.portal(52273) INFO: \
[mac:ac:b5:7d:xx:xx:xx] Using sources null for matching \
(pf::authentication::match)
Oct 14 12:47:15 packetfence packetfence_httpd.portal: httpd.portal(52273) INFO: \
[mac:ac:b5:7d:xx:xx:xx] Matched rule (catchall) in source null, returning actions. \
(pf::Authentication::Source::match_rule)
Oct 14 12:47:15 packetfence packetfence_httpd.portal: httpd.portal(52273) INFO: \
[mac:ac:b5:7d:xx:xx:xx] Matched rule (catchall) in source null, returning actions. \
(pf::Authentication::Source::match)
Oct 14 12:47:15 packetfence packetfence_httpd.portal: httpd.portal(52273) INFO: \
[mac:ac:b5:7d:xx:xx:xx] User default has authenticated on the portal. \
(Class::MOP::Class:::after)
Oct 14 12:47:15 packetfence packetfence_httpd.portal: httpd.portal(52273) WARN: \
[mac:ac:b5:7d:xx:xx:xx] Calling match with empty/invalid rule class. Defaulting to \
'authentication' (pf::authentication::match)
Oct 14 12:47:15 packetfence packetfence_httpd.portal: httpd.portal(52273) INFO: \
[mac:ac:b5:7d:xx:xx:xx] Using sources null for matching \
(pf::authentication::match)
Oct 14 12:47:15 packetfence packetfence_httpd.portal: httpd.portal(52273) INFO: \
[mac:ac:b5:7d:xx:xx:xx] Matched rule (catchall) in source null, returning actions. \
(pf::Authentication::Source::match_rule)
Oct 14 12:47:15 packetfence packetfence_httpd.portal: httpd.portal(52273) INFO: \
[mac:ac:b5:7d:xx:xx:xx] Matched rule (catchall) in source null, returning actions. \
(pf::Authentication::Source::match)
Oct 14 12:47:15 packetfence packetfence_httpd.portal: httpd.portal(52273) INFO: \
[mac:ac:b5:7d:xx:xx:xx] User default has authenticated on the portal. \
(Class::MOP::Class:::after)
Oct 14 12:47:15 packetfence packetfence_httpd.portal: httpd.portal(52273) WARN: \
[mac:ac:b5:7d:xx:xx:xx] Calling match with empty/invalid rule class. Defaulting to \
'authentication' (pf::authentication::match)
Oct 14 12:47:15 packetfence packetfence_httpd.portal: httpd.portal(52273) INFO: \
[mac:ac:b5:7d:xx:xx:xx] Using sources null for matching \
(pf::authentication::match)
Oct 14 12:47:15 packetfence packetfence_httpd.portal: httpd.portal(52273) INFO: \
[mac:ac:b5:7d:xx:xx:xx] User default has authenticated on the portal. \
(Class::MOP::Class:::after)
Oct 14 12:47:15 packetfence packetfence_httpd.portal: httpd.portal(52273) WARN: \
[mac:ac:b5:7d:xx:xx:xx] Calling match with empty/invalid rule class. Defaulting to \
'authentication' (pf::authentication::match)
Oct 14 12:47:15 packetfence packetfence_httpd.portal: httpd.portal(52273) INFO: \
[mac:ac:b5:7d:xx:xx:xx] Using sources null for matching \
(pf::authentication::match)
Oct 14 12:47:15 packetfence packetfence_httpd.portal: httpd.portal(53669) INFO: \
[mac:ac:b5:7d:xx:xx:xx] Instantiate profile default \
(pf::Connection::ProfileFactory::_from_profile)
Oct 14 12:47:16 packetfence packetfence_httpd.portal: httpd.portal(51577) INFO: \
[mac:ac:b5:7d:xx:xx:xx] Instantiate profile default \
(pf::Connection::ProfileFactory::_from_profile)
Oct 14 12:47:16 packetfence packetfence_httpd.portal: httpd.portal(51577) INFO: \
[mac:ac:b5:7d:xx:xx:xx] User default has authenticated on the portal. \
(Class::MOP::Class:::after)
Oct 14 12:47:16 packetfence packetfence_httpd.portal: httpd.portal(51577) INFO: \
[mac:ac:b5:7d:xx:xx:xx] No provisioner found for ac:b5:7d:xx:xx:xx. Continuing. \
(captiveportal::PacketFence::DynamicRouting::Module::Provisioning::execute_child)
Oct 14 12:47:16 packetfence packetfence_httpd.portal: httpd.portal(51577) INFO: \
[mac:ac:b5:7d:xx:xx:xx] User default has authenticated on the portal. \
(Class::MOP::Class:::after)
Oct 14 12:47:16 packetfence packetfence_httpd.portal: httpd.portal(51577) INFO: \
[mac:ac:b5:7d:xx:xx:xx] User default has authenticated on the portal. \
(Class::MOP::Class:::after)
Oct 14 12:47:16 packetfence packetfence_httpd.portal: httpd.portal(51577) INFO: \
[mac:ac:b5:7d:xx:xx:xx] User default has authenticated on the portal. \
(Class::MOP::Class:::after)
Oct 14 12:47:16 packetfence packetfence_httpd.portal: httpd.portal(51577) INFO: \
[mac:ac:b5:7d:xx:xx:xx] User default has authenticated on the portal. \
(Class::MOP::Class:::after)
Oct 14 12:47:16 packetfence packetfence_httpd.portal: httpd.portal(51577) INFO: \
[mac:ac:b5:7d:xx:xx:xx] User default has authenticated on the portal. \
(Class::MOP::Class:::after)
Oct 14 12:47:16 packetfence packetfence_httpd.portal: httpd.portal(51577) INFO: \
[mac:ac:b5:7d:xx:xx:xx] User default has authenticated on the portal. \
(Class::MOP::Class:::after)
Oct 14 12:47:16 packetfence packetfence_httpd.portal: httpd.portal(51577) INFO: \
[mac:ac:b5:7d:xx:xx:xx] security_event 1300003 force-closed for ac:b5:7d:xx:xx:xx \
(pf::security_event::security_event_force_close)
Oct 14 12:47:16 packetfence packetfence_httpd.portal: httpd.portal(51577) INFO: \
[mac:ac:b5:7d:xx:xx:xx] Instantiate profile default \
(pf::Connection::ProfileFactory::_from_profile)
Oct 14 12:47:16 packetfence packetfence_httpd.portal: httpd.portal(51577) WARN: \
[mac:ac:b5:7d:xx:xx:xx] Use of uninitialized value in concatenation (.) or string at \
/usr/local/pf/lib/captiveportal/PacketFence/DynamicRouting/Module/Root.pm line 89. \
(captiveportal::PacketFence::DynamicRouting::Module::Root::release)
Oct 14 12:47:16 packetfence packetfence_httpd.portal: httpd.portal(53669) WARN: \
[mac:unknown] locale from the URL is not supported \
(pf::Portal::Session::getLanguages)
Oct 14 12:47:16 packetfence packetfence_httpd.portal: httpd.portal(53669) WARN: \
[mac:ac:b5:7d:xx:xx:xx] locale from the URL is not supported \
(pf::Portal::Session::getLanguages)
Oct 14 12:47:16 packetfence packetfence_httpd.portal: httpd.portal(53669) INFO: \
[mac:ac:b5:7d:xx:xx:xx] Instantiate profile default \
(pf::Connection::ProfileFactory::_from_profile)
Oct 14 12:47:16 packetfence packetfence_httpd.portal: httpd.portal(53669) WARN: \
[mac:ac:b5:7d:xx:xx:xx] locale from the URL is not supported \
(captiveportal::PacketFence::Controller::Root::getLanguages)
Oct 14 12:47:16 packetfence packetfence_httpd.portal: httpd.portal(53669) INFO: \
[mac:ac:b5:7d:xx:xx:xx] Releasing device \
(captiveportal::PacketFence::DynamicRouting::Module::Root::release)
Oct 14 12:47:16 packetfence packetfence_httpd.portal: httpd.portal(53669) INFO: \
[mac:ac:b5:7d:xx:xx:xx] User default has authenticated on the portal. \
(Class::MOP::Class:::after)
Oct 14 12:47:16 packetfence packetfence_httpd.portal: httpd.portal(53669) WARN: \
[mac:ac:b5:7d:xx:xx:xx] locale from the URL is not supported \
(pf::Portal::Session::getLanguages)
Oct 14 12:47:16 packetfence packetfence_httpd.portal: httpd.portal(53669) INFO: \
[mac:ac:b5:7d:xx:xx:xx] re-evaluating access (manage_register called) \
(pf::enforcement::reevaluate_access)
Oct 14 12:47:16 packetfence packetfence_httpd.portal: httpd.portal(53669) WARN: \
[mac:ac:b5:7d:xx:xx:xx] Can't re-evaluate access because no open locationlog entry \
was found (pf::enforcement::reevaluate_access)
Oct 14 12:47:26 packetfence packetfence_httpd.portal: httpd.portal(51577) INFO: \
[mac:ac:b5:7d:xx:xx:xx] Instantiate profile default \
(pf::Connection::ProfileFactory::_from_profile)
Oct 14 12:47:26 packetfence packetfence_httpd.portal: httpd.portal(51577) INFO: \
[mac:ac:b5:7d:xx:xx:xx] User default has authenticated on the portal. \
(Class::MOP::Class:::after)
Oct 14 12:47:26 packetfence packetfence_httpd.portal: httpd.portal(51577) INFO: \
[mac:ac:b5:7d:xx:xx:xx] Reevaluating access of device. \
(captiveportal::PacketFence::DynamicRouting::Module::Root::unknown_state)
Oct 14 12:47:26 packetfence packetfence_httpd.portal: httpd.portal(51577) INFO: \
[mac:ac:b5:7d:xx:xx:xx] re-evaluating access (manage_register called) \
(pf::enforcement::reevaluate_access)
Oct 14 12:47:26 packetfence packetfence_httpd.portal: httpd.portal(51577) WARN: \
[mac:ac:b5:7d:xx:xx:xx] Can't re-evaluate access because no open locationlog entry \
was found (pf::enforcement::reevaluate_access)
Oct 14 12:50:09 packetfence pfipset[2046]: t=2019-10-14T12:50:09+1000 lvl=info \
msg="No Inline Network bypass ipsets reload" pid=2046
Oct 14 12:55:09 packetfence pfipset[2046]: t=2019-10-14T12:55:09+1000 lvl=info \
msg="No Inline Network bypass ipsets reload" pid=2046
Oct 14 13:00:09 packetfence pfipset[2046]: t=2019-10-14T13:00:09+1000 lvl=info \
msg="No Inline Network bypass ipsets reload" pid=2046
------------
Please let me know if you need more info.
Thanks.
Best Regards,
Woo Seok Choi
The information transmitted is intended only for the person or entity to which it is \
addressed and may contain confidential and / or privileged material that may be \
governed by confidential information provisions contained in the agreement between \
GBST and your company. Any disclosure, copying, distribution, or other use without \
the express consent of the sender is prohibited. If you received this in error, \
please contact the sender and delete the material from any computer. All rights in \
the information transmitted, including copyright, are reserved. Nothing in this \
message should be interpreted as a digital signature that can be used to authenticate \
a document. No warranty is given by the sender that any attachments to this email are \
free from viruses or other defects. _______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net<mailto:PacketFence-users@lists.sourceforge.net>
https://lists.sourceforge.net/lists/listinfo/packetfence-users<https://aus01.safelink \
s.protection.outlook.com/?url=https%3A%2F%2Flists.sourceforge.net%2Flists%2Flistinfo%2 \
Fpacketfence-users&data=02%7C01%7CWooseok.Choi%40gbst.com%7Cf8714537aec14b72b60708d758 \
79ff75%7C1c2da354196b481891e4f760cbaac9e4%7C0%7C0%7C637075153348595317&sdata=t0Y%2BgpJ3LBeNzNon5j1eBUPuNfenUlK4K928FBxE8G4%3D&reserved=0>
The information transmitted is intended only for the person or entity to which it is \
addressed and may contain confidential and / or privileged material that may be \
governed by confidential information provisions contained in the agreement between \
GBST and your company. Any disclosure, copying, distribution, or other use without \
the express consent of the sender is prohibited. If you received this in error, \
please contact the sender and delete the material from any computer. All rights in \
the information transmitted, including copyright, are reserved. Nothing in this \
message should be interpreted as a digital signature that can be used to authenticate \
a document. No warranty is given by the sender that any attachments to this email are \
free from viruses or other defects.
The information transmitted is intended only for the person or entity to which it is \
addressed and may contain confidential and / or privileged material that may be \
governed by confidential information provisions contained in the agreement between \
GBST and your company. Any disclosure, copying, distribution, or other use without \
the express consent of the sender is prohibited. If you received this in error, \
please contact the sender and delete the material from any computer. All rights in \
the information transmitted, including copyright, are reserved. Nothing in this \
message should be interpreted as a digital signature that can be used to authenticate \
a document. No warranty is given by the sender that any attachments to this email are \
free from viruses or other defects.
The information transmitted is intended only for the person or entity to which it is \
addressed and may contain confidential and / or privileged material that may be \
governed by confidential information provisions contained in the agreement between \
GBST and your company. Any disclosure, copying, distribution, or other use without \
the express consent of the sender is prohibited. If you received this in error, \
please contact the sender and delete the material from any computer. All rights in \
the information transmitted, including copyright, are reserved. Nothing in this \
message should be interpreted as a digital signature that can be used to authenticate \
a document. No warranty is given by the sender that any attachments to this email are \
free from viruses or other defects.
[Attachment #5 (text/html)]
<html xmlns:v="urn:schemas-microsoft-com:vml" \
xmlns:o="urn:schemas-microsoft-com:office:office" \
xmlns:w="urn:schemas-microsoft-com:office:word" \
xmlns:dt="uuid:C2F41010-65B3-11d1-A29F-00AA00C14882" \
xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" \
xmlns="http://www.w3.org/TR/REC-html40"> <head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:"Malgun Gothic";
panose-1:2 11 5 3 2 0 0 2 0 4;}
@font-face
{font-family:"Segoe UI";
panose-1:2 11 5 2 4 2 4 2 2 3;}
@font-face
{font-family:Cambria;
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:"\@Malgun Gothic";}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p.msonormal0, li.msonormal0, div.msonormal0
{mso-style-name:msonormal;
mso-margin-top-alt:auto;
margin-right:0cm;
mso-margin-bottom-alt:auto;
margin-left:0cm;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
span.EmailStyle18
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.EmailStyle21
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-AU" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal">Hi Martin,<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Thanks for the email, but I don't quite understand the \
below:<o:p></o:p></p> <p class="MsoNormal">--------------------<o:p></o:p></p>
<p class="MsoNormal">Then you need to add an other rule for role derivation to match \
the role PF sends with the IAP role inspite of been both role the same. IAP differs \
from Controllers where the first one need explicit rules to assing roles and the \
second one needs rule to inhibit the one that a radius sends. <o:p></o:p></p>
<p class="MsoNormal">--------------------<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Are you trying to say that a new role which is the same as the \
role <span style="color:red">test-guest-1 </span>is required on the VC? Anyway, if \
you don't mind, could you please share your configurations on IAP and PacketFence, \
then I can compare it with mine.<o:p></o:p></p> <p \
class="MsoNormal"><o:p> </o:p></p> <p class="MsoNormal">Again, I am testing it \
with Null Source, so I believe it should not be hard like this.<o:p></o:p></p> <p \
class="MsoNormal"><o:p> </o:p></p> <p class="MsoNormal">Cheers.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><b><span style="font-size:9.0pt;font-family:"Segoe \
UI",sans-serif;color:#032734">Woo Seok Choi<o:p></o:p></span></b></p> <p \
class="MsoNormal"><span style="font-size:9.0pt;font-family:"Segoe \
UI",sans-serif;color:#032734">Network Engineer<o:p></o:p></span></p> <p \
class="MsoNormal"><span style="font-size:9.0pt;font-family:"Segoe \
UI",sans-serif;color:#032734">D: +61 292536532 \
<o:p></o:p></span></p> <p class="MsoNormal"><a href="http://www.gbst.com/" \
target="_blank"><span style="font-size:9.0pt;font-family:"Segoe \
UI",sans-serif;color:#032734;text-decoration:none"><img border="0" width="200" \
height="45" style="width:2.0833in;height:.4666in" id="Picture_x0020_1" \
src="cid:image001.png@01D592FC.E0AB1520"></span></a><span \
style="font-size:9.0pt;font-family:"Segoe \
UI",sans-serif;color:#032734"> </span><a \
href="https://www.linkedin.com/company/gbst" target="_blank"><span \
style="font-size:9.0pt;font-family:"Segoe \
UI",sans-serif;color:#032734;text-decoration:none"><img border="0" width="35" \
height="45" style="width:.3666in;height:.4666in" id="Picture_x0020_2" \
src="cid:image002.png@01D592FC.E0AB1520"></span></a><a \
href="https://twitter.com/gbstholdings" target="_blank"><span \
style="font-size:9.0pt;font-family:"Segoe \
UI",sans-serif;color:#032734;text-decoration:none"><img border="0" width="35" \
height="45" style="width:.3666in;height:.4666in" id="Picture_x0020_3" \
src="cid:image003.png@01D592FC.E0AB1520"></span></a><span \
style="font-size:9.0pt;font-family:"Segoe \
UI",sans-serif;color:#032734"><o:p></o:p></span></p> <p class="MsoNormal"><span \
style="font-size:9.0pt;font-family:"Segoe \
UI",sans-serif;color:#032734"><o:p> </o:p></span></p> <p \
class="MsoNormal"><span style="font-size:9.0pt;font-family:"Segoe \
UI",sans-serif;color:#032734"><o:p> </o:p></span></p> <p \
class="MsoNormal"><o:p> </o:p></p> <p class="MsoNormal"><b><span \
lang="EN-US">From:</span></b><span lang="EN-US"> Martin Rodriguez <<a \
href="mailto:martinoscarrodriguez@gmail.com">martinoscarrodriguez@gmail.com</a>> \
<br> <b>Sent:</b> Thursday, 24 October 2019 11:02 PM<br>
<b>To:</b> Woo Seok Choi <<a \
href="mailto:Wooseok.Choi@gbst.com">Wooseok.Choi@gbst.com</a>><br> <b>Subject:</b> \
Re: [PacketFence-users] Message says that "Your network should be enabled within \
a minute or two. If it is not reboot your computer"<o:p></o:p></span></p> <p \
class="MsoNormal"><o:p> </o:p></p> <div>
<div>
<p class="MsoNormal">Hi. I am using IAP without problems. I am configuring the switch \
as Aruba and not Aruba::Instant_Access. Then you need to add an other rule for role \
derivation to match the role PF sends with the IAP role inspite of been both role the \
same. IAP differs from Controllers where the first one need explicit rules to assing \
roles and the second one needs rule to inhibit the one that a radius sends. \
<o:p></o:p></p> </div>
<div>
<p class="MsoNormal">About the security event in PF, i really do not know. But I have \
a similar one when the time zone in the server mismatch the TZ configure in PF. So I \
configured PF to use server TZ and reboot PZ services. <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">MAC auth is important to PF to match the user with a location \
(with a switch). Otherwise you need to configure Aruba.pm (./bin/Switchs/Aruba.pm) to \
get the device location from the URL reading the VC IP.<o:p></o:p></p> </div>
<div>
<p class="MsoNormal">Regards<o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div>
<p class="MsoNormal">El mié., 23 oct. 2019 a las 21:21, Woo Seok Choi (<<a \
href="mailto:Wooseok.Choi@gbst.com">Wooseok.Choi@gbst.com</a>>) \
escribió:<o:p></o:p></p> </div>
<blockquote style="border:none;border-left:solid #CCCCCC 1.0pt;padding:0cm 0cm 0cm \
6.0pt;margin-left:4.8pt;margin-top:5.0pt;margin-right:0cm;margin-bottom:5.0pt"> <div>
<div>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Hi \
Martin,<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p> <p \
class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Thanks \
for the email again.<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p> <p \
class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Anyway, \
most of configurations on the IAP had been configured as you mentioned before, but \
here are some comments:<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">--------------------<o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">1) \
configure Virtual controller IP and enable Radius proxy (under system configuration). \
In PF configure a switch with the VC IP.<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="color:red">- \
Subnet of the Virtual Controller (VC) had been configured before in PacketFence, so \
added the VC IP address as a switch in the PF and tested it again, but it's still \
the same.</span><o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span \
style="color:red"><img border="0" width="402" height="35" \
style="width:4.1916in;height:.3666in" id="gmail-m_8158878552815078697Picture_x0020_8" \
src="cid:image004.png@01D592FC.E0AB1520"></span><o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span \
style="color:red"> </span><o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span \
style="color:red"><img border="0" width="1322" height="106" \
style="width:13.7666in;height:1.1in" id="gmail-m_8158878552815078697Picture_x0020_9" \
src="cid:image006.png@01D592FC.E0AB1520"></span><o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span \
style="color:red"> </span><o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">2) enable MAC \
authentication and captive portal profile in the WLAN security tab.<o:p></o:p></p> <p \
class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span \
style="color:red">- MAC authentication was disabled before because Captive Portal \
signup page did not pop-up automatically once it's connected while MAC Auth is \
enabled. Anyway, I have enabled it and tested it again, but it's still the \
same.</span><o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><img border="0" \
width="662" height="412" style="width:6.9in;height:4.2916in" \
id="gmail-m_8158878552815078697Picture_x0020_7" \
src="cid:image008.png@01D592FC.E0AB1520"><o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p> <p \
class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">3) \
configure the derivation roles you need: the one PF will return to IAP after user \
authentication.<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span \
style="color:red">-Yes, the role had been set correctly to allow internet access only \
on the IAP.</span><o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><img border="0" \
width="442" height="244" style="width:4.6083in;height:2.5416in" \
id="gmail-m_8158878552815078697Picture_x0020_10" \
src="cid:image010.png@01D592FC.E0AB1520"><o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p> <p \
class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">4) \
enable pre auth role with a role that allows http and https to your PF IP or \
FQDN. <o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span \
style="color:red">-Yes, it had been set as the below</span>:<o:p></o:p></p> <p \
class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><img \
border="0" width="454" height="157" style="width:4.725in;height:1.6333in" \
id="gmail-m_8158878552815078697Picture_x0020_11" \
src="cid:image012.png@01D592FC.E0AB1520"><o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p> <p \
class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><img \
border="0" width="836" height="474" style="width:8.7083in;height:4.9416in" \
id="gmail-m_8158878552815078697Picture_x0020_12" \
src="cid:image014.png@01D592FC.E0AB1520"><o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><b><span \
style="font-size:9.0pt;font-family:"Segoe \
UI",sans-serif;color:#032734"> </span></b><o:p></o:p></p> <p \
class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Anyway, \
<span style="color:red">I am wondering whether the below security_event 1300003 \
force-closed log is related to the current connecton issue or \
not:</span><o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">-------------<o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct \
24 08:36:51 packetfence packetfence_httpd.portal: httpd.portal(19379) INFO: \
[mac:ac:b5:7d:9e:57:6c] Using sources null for matching \
(pf::authentication::match)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 24 08:36:51 \
packetfence packetfence_httpd.portal: httpd.portal(19378) INFO: \
[mac:ac:b5:7d:9e:57:6c] Instantiate profile default \
(pf::Connection::ProfileFactory::_from_profile)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 24 08:36:51 \
packetfence packetfence_httpd.portal: httpd.portal(19380) INFO: \
[mac:ac:b5:7d:9e:57:6c] Instantiate profile default \
(pf::Connection::ProfileFactory::_from_profile)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 24 08:36:51 \
packetfence packetfence_httpd.portal: httpd.portal(19380) INFO: \
[mac:ac:b5:7d:9e:57:6c] User default has authenticated on the portal. \
(Class::MOP::Class:::after)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 24 08:36:51 \
packetfence packetfence_httpd.portal: httpd.portal(19380) INFO: \
[mac:ac:b5:7d:9e:57:6c] No provisioner found for ac:b5:7d:9e:57:6c. Continuing. \
(captiveportal::PacketFence::DynamicRouting::Module::Provisioning::execute_child)<o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct \
24 08:36:51 packetfence packetfence_httpd.portal: httpd.portal(19380) INFO: \
[mac:ac:b5:7d:9e:57:6c] User default has authenticated on the portal. \
(Class::MOP::Class:::after)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 24 08:36:51 \
packetfence packetfence_httpd.portal: httpd.portal(19380) INFO: \
[mac:ac:b5:7d:9e:57:6c] User default has authenticated on the portal. \
(Class::MOP::Class:::after)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 24 08:36:51 \
packetfence packetfence_httpd.portal: httpd.portal(19380) INFO: \
[mac:ac:b5:7d:9e:57:6c] User default has authenticated on the portal. \
(Class::MOP::Class:::after)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 24 08:36:52 \
packetfence packetfence_httpd.portal: httpd.portal(19380) INFO: \
[mac:ac:b5:7d:9e:57:6c] User default has authenticated on the portal. \
(Class::MOP::Class:::after)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 24 08:36:52 \
packetfence packetfence_httpd.portal: httpd.portal(19380) INFO: \
[mac:ac:b5:7d:9e:57:6c] User default has authenticated on the portal. \
(Class::MOP::Class:::after)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 24 08:36:52 \
packetfence packetfence_httpd.portal: httpd.portal(19380) INFO: \
[mac:ac:b5:7d:9e:57:6c] User default has authenticated on the portal. \
(Class::MOP::Class:::after)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span \
style="color:red">Oct 24 08:36:52 packetfence packetfence_httpd.portal: \
httpd.portal(19380) INFO: [mac:ac:b5:7d:9e:57:6c] security_event 1300003 force-closed \
for ac:b5:7d:9e:57:6c \
(pf::security_event::security_event_force_close)</span><o:p></o:p></p> <p \
class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 24 \
08:36:52 packetfence packetfence_httpd.portal: httpd.portal(19380) INFO: \
[mac:ac:b5:7d:9e:57:6c] Instantiate profile default \
(pf::Connection::ProfileFactory::_from_profile)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 24 08:36:52 \
packetfence packetfence_httpd.portal: httpd.portal(19380) WARN: \
[mac:ac:b5:7d:9e:57:6c] Use of uninitialized value in concatenation (.) or string at \
/usr/local/pf/lib/captiveportal/PacketFence/DynamicRouting/Module/Root.pm line \
89.<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">(captiveportal::PacketFence::DynamicRouting::Module::Root::release)<o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct \
24 08:36:52 packetfence packetfence_httpd.portal: httpd.portal(19379) WARN: \
[mac:unknown] locale from the URL is not supported \
(pf::Portal::Session::getLanguages)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 24 08:36:52 \
packetfence packetfence_httpd.portal: httpd.portal(19379) WARN: \
[mac:ac:b5:7d:9e:57:6c] locale from the URL is not supported \
(pf::Portal::Session::getLanguages)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 24 08:36:52 \
packetfence packetfence_httpd.portal: httpd.portal(19379) INFO: \
[mac:ac:b5:7d:9e:57:6c] Instantiate profile default \
(pf::Connection::ProfileFactory::_from_profile)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 24 08:36:52 \
packetfence packetfence_httpd.portal: httpd.portal(19379) WARN: \
[mac:ac:b5:7d:9e:57:6c] locale from the URL is not supported \
(captiveportal::PacketFence::Controller::Root::getLanguages)<o:p></o:p></p> <p \
class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">-------------<o:p></o:p></p>
<p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p> <p \
class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Thanks \
in advance.<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><b><span \
style="font-size:9.0pt;font-family:"Segoe \
UI",sans-serif;color:#032734"> </span></b><o:p></o:p></p> <p \
class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><b><span \
style="font-size:9.0pt;font-family:"Segoe UI",sans-serif;color:#032734">Woo \
Seok Choi</span></b><o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span \
style="font-size:9.0pt;font-family:"Segoe \
UI",sans-serif;color:#032734">Network Engineer</span><o:p></o:p></p> <p \
class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span \
style="font-size:9.0pt;font-family:"Segoe UI",sans-serif;color:#032734">D: \
+61 292536532 </span><o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><a \
href="https://aus01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.gbst.com%2F \
&data=02%7C01%7CWooseok.Choi%40gbst.com%7Cf8714537aec14b72b60708d75879ff75%7C1c2da \
354196b481891e4f760cbaac9e4%7C0%7C0%7C637075153348565335&sdata=ZhaTXkGDLiUMGsbBvo7ZddECuOlzp6iVC88oUSr1WRs%3D&reserved=0" \
target="_blank"><span style="font-size:9.0pt;font-family:"Segoe \
UI",sans-serif;color:#032734;text-decoration:none"><img border="0" width="200" \
height="45" style="width:2.0833in;height:.4666in" \
id="gmail-m_8158878552815078697Picture_x0020_4" \
src="cid:image001.png@01D592FC.E0AB1520"></span></a><span \
style="font-size:9.0pt;font-family:"Segoe \
UI",sans-serif;color:#032734"> </span><a \
href="https://aus01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.linkedin.c \
om%2Fcompany%2Fgbst&data=02%7C01%7CWooseok.Choi%40gbst.com%7Cf8714537aec14b72b6070 \
8d75879ff75%7C1c2da354196b481891e4f760cbaac9e4%7C0%7C0%7C637075153348575329&sdata=LfMHuFDfaAm6v5MWsA8zkQ3fJ%2B%2BgLFWPVziwopB2Dgs%3D&reserved=0" \
target="_blank"><span style="font-size:9.0pt;font-family:"Segoe \
UI",sans-serif;color:#032734;text-decoration:none"><img border="0" width="35" \
height="45" style="width:.3666in;height:.4666in" \
id="gmail-m_8158878552815078697Picture_x0020_5" \
src="cid:image002.png@01D592FC.E0AB1520"></span></a><a \
href="https://aus01.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftwitter.com%2F \
gbstholdings&data=02%7C01%7CWooseok.Choi%40gbst.com%7Cf8714537aec14b72b60708d75879 \
ff75%7C1c2da354196b481891e4f760cbaac9e4%7C0%7C0%7C637075153348575329&sdata=M%2BoVfiWKonkF3YhRRxWhI1DQ4dCBCbYsSylyqeC9qfM%3D&reserved=0" \
target="_blank"><span style="font-size:9.0pt;font-family:"Segoe \
UI",sans-serif;color:#032734;text-decoration:none"><img border="0" width="35" \
height="45" style="width:.3666in;height:.4666in" \
id="gmail-m_8158878552815078697Picture_x0020_6" \
src="cid:image003.png@01D592FC.E0AB1520"></span></a><o:p></o:p></p> <p \
class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span \
style="font-size:9.0pt;font-family:"Segoe \
UI",sans-serif;color:#032734"> </span><o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span \
style="font-size:9.0pt;font-family:"Segoe \
UI",sans-serif;color:#032734"> </span><o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p> <p \
class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><b><span \
lang="EN-US">From:</span></b><span lang="EN-US"> Martin Rodriguez <<a \
href="mailto:martinoscarrodriguez@gmail.com" \
target="_blank">martinoscarrodriguez@gmail.com</a>> <br>
<b>Sent:</b> Thursday, 24 October 2019 4:17 AM<br>
<b>To:</b> Woo Seok Choi <<a href="mailto:Wooseok.Choi@gbst.com" \
target="_blank">Wooseok.Choi@gbst.com</a>><br> <b>Cc:</b> <a \
href="mailto:packetfence-users@lists.sourceforge.net" target="_blank"> \
packetfence-users@lists.sourceforge.net</a><br> <b>Subject:</b> Re: \
[PacketFence-users] Message says that "Your network should be enabled within a \
minute or two. If it is not reboot your computer"</span><o:p></o:p></p> <p \
class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<div>
<div>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Hi. I \
assumed you configure PF in the right way. Then for your IAP you need (your config \
files has many wlans so check the following in the one that you are \
using):<o:p></o:p></p> </div>
<div>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">1) \
configure Virtual controller IP and enable Radius proxy (under system configuration). \
In PF configure a switch with the VC IP.<o:p></o:p></p> </div>
<div>
<div>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">2) \
enable MAC authentication and captive portal profile in the WLAN security \
tab.<o:p></o:p></p> </div>
<div>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">3) \
configure the derivation roles you need: the one PF will return to IAP after user \
authentication.<o:p></o:p></p> </div>
<div>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">4) \
enable pre auth role with a role that allows http and https to your PF IP or \
FQDN. <o:p></o:p></p> </div>
<div>
<p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Regards<o:p></o:p></p> \
</div> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
</div>
</div>
<p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p> \
<div> <div>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">El \
mar., 22 oct. 2019 a las 19:11, Woo Seok Choi (<<a \
href="mailto:Wooseok.Choi@gbst.com" target="_blank">Wooseok.Choi@gbst.com</a>>) \
escribió:<o:p></o:p></p> </div>
<blockquote style="border:none;border-left:solid windowtext 1.0pt;padding:0cm 0cm 0cm \
6.0pt;margin-left:4.8pt;margin-top:5.0pt;margin-right:0cm;margin-bottom:5.0pt;border-color:currentcolor \
currentcolor currentcolor rgb(204,204,204)"> <div>
<div>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Hi \
Martin,<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p> <p \
class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Thanks \
for the email. I've attached the file as you requested.<o:p></o:p></p> <p \
class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Cheers.<o:p></o:p></p> <p \
class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><b><span \
style="font-size:9.0pt;font-family:"Segoe UI",sans-serif;color:#032734">Woo \
Seok Choi</span></b><o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span \
style="font-size:9.0pt;font-family:"Segoe \
UI",sans-serif;color:#032734">Network Engineer</span><o:p></o:p></p> <p \
class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span \
style="font-size:9.0pt;font-family:"Segoe UI",sans-serif;color:#032734">D: \
+61 292536532 </span><o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><a \
href="https://aus01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.gbst.com%2F \
&data=02%7C01%7CWooseok.Choi%40gbst.com%7Cf8714537aec14b72b60708d75879ff75%7C1c2da \
354196b481891e4f760cbaac9e4%7C0%7C0%7C637075153348585321&sdata=28TXmjVeGpm7JVQ5ZHiK6z5gISNsR%2BYguwhDAq7kZA4%3D&reserved=0" \
target="_blank"><span style="font-size:9.0pt;font-family:"Segoe \
UI",sans-serif;color:#032734;text-decoration:none"><img border="0" width="200" \
height="45" style="width:2.0833in;height:.4666in" \
id="gmail-m_8158878552815078697gmail-m_-7607417287706494104Picture_x0020_1" \
src="cid:image001.png@01D592FC.E0AB1520"></span></a><span \
style="font-size:9.0pt;font-family:"Segoe \
UI",sans-serif;color:#032734"> </span><a \
href="https://aus01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.linkedin.c \
om%2Fcompany%2Fgbst&data=02%7C01%7CWooseok.Choi%40gbst.com%7Cf8714537aec14b72b6070 \
8d75879ff75%7C1c2da354196b481891e4f760cbaac9e4%7C0%7C0%7C637075153348585321&sdata=bW93KIRPdjDn7bXT8Pvw8Aq10ms4RPNtgjsXhpuFW5w%3D&reserved=0" \
target="_blank"><span style="font-size:9.0pt;font-family:"Segoe \
UI",sans-serif;color:#032734;text-decoration:none"><img border="0" width="35" \
height="45" style="width:.3666in;height:.4666in" \
id="gmail-m_8158878552815078697gmail-m_-7607417287706494104Picture_x0020_2" \
src="cid:image002.png@01D592FC.E0AB1520"></span></a><a \
href="https://aus01.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftwitter.com%2F \
gbstholdings&data=02%7C01%7CWooseok.Choi%40gbst.com%7Cf8714537aec14b72b60708d75879 \
ff75%7C1c2da354196b481891e4f760cbaac9e4%7C0%7C0%7C637075153348595317&sdata=HSTP%2BMlG1LQeq45eww0DOkOhPIRiXuB98PjOJeRCiNY%3D&reserved=0" \
target="_blank"><span style="font-size:9.0pt;font-family:"Segoe \
UI",sans-serif;color:#032734;text-decoration:none"><img border="0" width="35" \
height="45" style="width:.3666in;height:.4666in" \
id="gmail-m_8158878552815078697gmail-m_-7607417287706494104Picture_x0020_3" \
src="cid:image003.png@01D592FC.E0AB1520"></span></a><o:p></o:p></p> <p \
class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span \
style="font-size:9.0pt;font-family:"Segoe \
UI",sans-serif;color:#032734"> </span><o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span \
style="font-size:9.0pt;font-family:"Segoe \
UI",sans-serif;color:#032734"> </span><o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p> <p \
class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><b><span \
lang="EN-US">From:</span></b><span lang="EN-US"> Martin Rodriguez <<a \
href="mailto:martinoscarrodriguez@gmail.com" \
target="_blank">martinoscarrodriguez@gmail.com</a>> <br>
<b>Sent:</b> Tuesday, 22 October 2019 6:48 PM<br>
<b>To:</b> <a href="mailto:packetfence-users@lists.sourceforge.net" target="_blank">
packetfence-users@lists.sourceforge.net</a><br>
<b>Cc:</b> Woo Seok Choi <<a href="mailto:Wooseok.Choi@gbst.com" \
target="_blank">Wooseok.Choi@gbst.com</a>><br> <b>Subject:</b> Re: \
[PacketFence-users] Message says that "Your network should be enabled within a \
minute or two. If it is not reboot your computer"</span><o:p></o:p></p> <p \
class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<div>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Hi. \
Can you share the IAP config for the wlan network? I believe MAC auth is meassing and \
derivation roles too. <o:p></o:p></p> <div>
<p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Regards<o:p></o:p></p> \
</div> </div>
<p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p> \
<div> <div>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">El \
lun., 21 de oct. de 2019 08:14, Woo Seok Choi via PacketFence-users <<a \
href="mailto:packetfence-users@lists.sourceforge.net" \
target="_blank">packetfence-users@lists.sourceforge.net</a>> \
escribió:<o:p></o:p></p> </div>
<blockquote style="border:none;border-left:solid windowtext 1.0pt;padding:0cm 0cm 0cm \
6.0pt;margin-left:4.8pt;margin-top:5.0pt;margin-right:0cm;margin-bottom:5.0pt;border-color:currentcolor \
currentcolor currentcolor rgb(204,204,204)"> <div>
<div>
<p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Hi,<o:p></o:p></p> <p \
class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">I \
try to set up a PacketFence with Aruba IAP for guest wireless, but I get the Message \
says that "Your network should be enabled within a minute or two. If it is not \
reboot your computer" even though I can see the MAC & IP address on the \
page.<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p> <p \
class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Anyway, \
I use Null Source for test. Here is the log from packetfence.log:<o:p></o:p></p> <p \
class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">------------<o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct \
14 12:47:15 packetfence packetfence_httpd.portal: httpd.portal(52273) INFO: \
[mac:ac:b5:7d:xx:xx:xx] User default has authenticated on the portal. \
(Class::MOP::Class:::after)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 14 12:47:15 \
packetfence packetfence_httpd.portal: httpd.portal(52273) INFO: \
[mac:ac:b5:7d:xx:xx:xx] User default has authenticated on the portal. \
(Class::MOP::Class:::after)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 14 12:47:15 \
packetfence packetfence_httpd.portal: httpd.portal(52273) WARN: \
[mac:ac:b5:7d:xx:xx:xx] Calling match with empty/invalid rule class. Defaulting to \
'authentication' (pf::authentication::match)<o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct \
14 12:47:15 packetfence packetfence_httpd.portal: httpd.portal(52273) INFO: \
[mac:ac:b5:7d:xx:xx:xx] Using sources null for matching \
(pf::authentication::match)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 14 12:47:15 \
packetfence packetfence_httpd.portal: httpd.portal(52273) INFO: \
[mac:ac:b5:7d:xx:xx:xx] Matched rule (catchall) in source null, returning actions. \
(pf::Authentication::Source::match_rule)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 14 12:47:15 \
packetfence packetfence_httpd.portal: httpd.portal(52273) INFO: \
[mac:ac:b5:7d:xx:xx:xx] Matched rule (catchall) in source null, returning actions. \
(pf::Authentication::Source::match)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 14 12:47:15 \
packetfence packetfence_httpd.portal: httpd.portal(52273) INFO: \
[mac:ac:b5:7d:xx:xx:xx] User default has authenticated on the portal. \
(Class::MOP::Class:::after)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 14 12:47:15 \
packetfence packetfence_httpd.portal: httpd.portal(52273) WARN: \
[mac:ac:b5:7d:xx:xx:xx] Calling match with empty/invalid rule class. Defaulting to \
'authentication' (pf::authentication::match)<o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct \
14 12:47:15 packetfence packetfence_httpd.portal: httpd.portal(52273) INFO: \
[mac:ac:b5:7d:xx:xx:xx] Using sources null for matching \
(pf::authentication::match)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 14 12:47:15 \
packetfence packetfence_httpd.portal: httpd.portal(52273) INFO: \
[mac:ac:b5:7d:xx:xx:xx] Matched rule (catchall) in source null, returning actions. \
(pf::Authentication::Source::match_rule)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 14 12:47:15 \
packetfence packetfence_httpd.portal: httpd.portal(52273) INFO: \
[mac:ac:b5:7d:xx:xx:xx] Matched rule (catchall) in source null, returning actions. \
(pf::Authentication::Source::match)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 14 12:47:15 \
packetfence packetfence_httpd.portal: httpd.portal(52273) INFO: \
[mac:ac:b5:7d:xx:xx:xx] User default has authenticated on the portal. \
(Class::MOP::Class:::after)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 14 12:47:15 \
packetfence packetfence_httpd.portal: httpd.portal(52273) WARN: \
[mac:ac:b5:7d:xx:xx:xx] Calling match with empty/invalid rule class. Defaulting to \
'authentication' (pf::authentication::match)<o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct \
14 12:47:15 packetfence packetfence_httpd.portal: httpd.portal(52273) INFO: \
[mac:ac:b5:7d:xx:xx:xx] Using sources null for matching \
(pf::authentication::match)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 14 12:47:15 \
packetfence packetfence_httpd.portal: httpd.portal(52273) INFO: \
[mac:ac:b5:7d:xx:xx:xx] User default has authenticated on the portal. \
(Class::MOP::Class:::after)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 14 12:47:15 \
packetfence packetfence_httpd.portal: httpd.portal(52273) WARN: \
[mac:ac:b5:7d:xx:xx:xx] Calling match with empty/invalid rule class. Defaulting to \
'authentication' (pf::authentication::match)<o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct \
14 12:47:15 packetfence packetfence_httpd.portal: httpd.portal(52273) INFO: \
[mac:ac:b5:7d:xx:xx:xx] Using sources null for matching \
(pf::authentication::match)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 14 12:47:15 \
packetfence packetfence_httpd.portal: httpd.portal(53669) INFO: \
[mac:ac:b5:7d:xx:xx:xx] Instantiate profile default \
(pf::Connection::ProfileFactory::_from_profile)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 14 12:47:16 \
packetfence packetfence_httpd.portal: httpd.portal(51577) INFO: \
[mac:ac:b5:7d:xx:xx:xx] Instantiate profile default \
(pf::Connection::ProfileFactory::_from_profile)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 14 12:47:16 \
packetfence packetfence_httpd.portal: httpd.portal(51577) INFO: \
[mac:ac:b5:7d:xx:xx:xx] User default has authenticated on the portal. \
(Class::MOP::Class:::after)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 14 12:47:16 \
packetfence packetfence_httpd.portal: httpd.portal(51577) INFO: \
[mac:ac:b5:7d:xx:xx:xx] No provisioner found for ac:b5:7d:xx:xx:xx. Continuing. \
(captiveportal::PacketFence::DynamicRouting::Module::Provisioning::execute_child)<o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct \
14 12:47:16 packetfence packetfence_httpd.portal: httpd.portal(51577) INFO: \
[mac:ac:b5:7d:xx:xx:xx] User default has authenticated on the portal. \
(Class::MOP::Class:::after)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 14 12:47:16 \
packetfence packetfence_httpd.portal: httpd.portal(51577) INFO: \
[mac:ac:b5:7d:xx:xx:xx] User default has authenticated on the portal. \
(Class::MOP::Class:::after)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 14 12:47:16 \
packetfence packetfence_httpd.portal: httpd.portal(51577) INFO: \
[mac:ac:b5:7d:xx:xx:xx] User default has authenticated on the portal. \
(Class::MOP::Class:::after)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 14 12:47:16 \
packetfence packetfence_httpd.portal: httpd.portal(51577) INFO: \
[mac:ac:b5:7d:xx:xx:xx] User default has authenticated on the portal. \
(Class::MOP::Class:::after)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 14 12:47:16 \
packetfence packetfence_httpd.portal: httpd.portal(51577) INFO: \
[mac:ac:b5:7d:xx:xx:xx] User default has authenticated on the portal. \
(Class::MOP::Class:::after)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 14 12:47:16 \
packetfence packetfence_httpd.portal: httpd.portal(51577) INFO: \
[mac:ac:b5:7d:xx:xx:xx] User default has authenticated on the portal. \
(Class::MOP::Class:::after)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 14 12:47:16 \
packetfence packetfence_httpd.portal: httpd.portal(51577) INFO: \
[mac:ac:b5:7d:xx:xx:xx] security_event 1300003 force-closed for ac:b5:7d:xx:xx:xx \
(pf::security_event::security_event_force_close)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 14 12:47:16 \
packetfence packetfence_httpd.portal: httpd.portal(51577) INFO: \
[mac:ac:b5:7d:xx:xx:xx] Instantiate profile default \
(pf::Connection::ProfileFactory::_from_profile)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 14 12:47:16 \
packetfence packetfence_httpd.portal: httpd.portal(51577) WARN: \
[mac:ac:b5:7d:xx:xx:xx] Use of uninitialized value in concatenation (.) or string at \
/usr/local/pf/lib/captiveportal/PacketFence/DynamicRouting/Module/Root.pm line \
89.<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">(captiveportal::PacketFence::DynamicRouting::Module::Root::release)<o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct \
14 12:47:16 packetfence packetfence_httpd.portal: httpd.portal(53669) WARN: \
[mac:unknown] locale from the URL is not supported \
(pf::Portal::Session::getLanguages)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 14 12:47:16 \
packetfence packetfence_httpd.portal: httpd.portal(53669) WARN: \
[mac:ac:b5:7d:xx:xx:xx] locale from the URL is not supported \
(pf::Portal::Session::getLanguages)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 14 12:47:16 \
packetfence packetfence_httpd.portal: httpd.portal(53669) INFO: \
[mac:ac:b5:7d:xx:xx:xx] Instantiate profile default \
(pf::Connection::ProfileFactory::_from_profile)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 14 12:47:16 \
packetfence packetfence_httpd.portal: httpd.portal(53669) WARN: \
[mac:ac:b5:7d:xx:xx:xx] locale from the URL is not supported \
(captiveportal::PacketFence::Controller::Root::getLanguages)<o:p></o:p></p> <p \
class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 14 \
12:47:16 packetfence packetfence_httpd.portal: httpd.portal(53669) INFO: \
[mac:ac:b5:7d:xx:xx:xx] Releasing device \
(captiveportal::PacketFence::DynamicRouting::Module::Root::release)<o:p></o:p></p> <p \
class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 14 \
12:47:16 packetfence packetfence_httpd.portal: httpd.portal(53669) INFO: \
[mac:ac:b5:7d:xx:xx:xx] User default has authenticated on the portal. \
(Class::MOP::Class:::after)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 14 12:47:16 \
packetfence packetfence_httpd.portal: httpd.portal(53669) WARN: \
[mac:ac:b5:7d:xx:xx:xx] locale from the URL is not supported \
(pf::Portal::Session::getLanguages)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 14 12:47:16 \
packetfence packetfence_httpd.portal: httpd.portal(53669) INFO: \
[mac:ac:b5:7d:xx:xx:xx] re-evaluating access (manage_register called) \
(pf::enforcement::reevaluate_access)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 14 12:47:16 \
packetfence packetfence_httpd.portal: httpd.portal(53669) WARN: \
[mac:ac:b5:7d:xx:xx:xx] Can't re-evaluate access because no open locationlog entry \
was found (pf::enforcement::reevaluate_access)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 14 12:47:26 \
packetfence packetfence_httpd.portal: httpd.portal(51577) INFO: \
[mac:ac:b5:7d:xx:xx:xx] Instantiate profile default \
(pf::Connection::ProfileFactory::_from_profile)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 14 12:47:26 \
packetfence packetfence_httpd.portal: httpd.portal(51577) INFO: \
[mac:ac:b5:7d:xx:xx:xx] User default has authenticated on the portal. \
(Class::MOP::Class:::after)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 14 12:47:26 \
packetfence packetfence_httpd.portal: httpd.portal(51577) INFO: \
[mac:ac:b5:7d:xx:xx:xx] Reevaluating access of device. \
(captiveportal::PacketFence::DynamicRouting::Module::Root::unknown_state)<o:p></o:p></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct \
14 12:47:26 packetfence packetfence_httpd.portal: httpd.portal(51577) INFO: \
[mac:ac:b5:7d:xx:xx:xx] re-evaluating access (manage_register called) \
(pf::enforcement::reevaluate_access)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 14 12:47:26 \
packetfence packetfence_httpd.portal: httpd.portal(51577) WARN: \
[mac:ac:b5:7d:xx:xx:xx] Can't re-evaluate access because no open locationlog entry \
was found (pf::enforcement::reevaluate_access)<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 14 12:50:09 \
packetfence pfipset[2046]: t=2019-10-14T12:50:09+1000 lvl=info msg="No \
Inline Network bypass ipsets reload" pid=2046<o:p></o:p></p> <p \
class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 14 \
12:55:09 packetfence pfipset[2046]: t=2019-10-14T12:55:09+1000 lvl=info \
msg="No Inline Network bypass ipsets reload" pid=2046<o:p></o:p></p> <p \
class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Oct 14 \
13:00:09 packetfence pfipset[2046]: t=2019-10-14T13:00:09+1000 lvl=info \
msg="No Inline Network bypass ipsets reload" pid=2046<o:p></o:p></p> <p \
class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">------------<o:p></o:p></p>
<p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p> <p \
class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Please \
let me know if you need more info.<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p> <p \
class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Thanks.<o:p></o:p></p>
<p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p> <p \
class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">Best \
Regards,<o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><b><span \
style="font-size:9.0pt;font-family:"Segoe UI",sans-serif;color:#032734">Woo \
Seok Choi</span></b><o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span \
style="font-size:9.0pt;font-family:"Segoe \
UI",sans-serif;color:#032734"> </span><o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span \
style="font-size:9.0pt;font-family:"Segoe \
UI",sans-serif;color:#032734"> </span><o:p></o:p></p> <p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"> <o:p></o:p></p> \
</div> <p style="line-height:9.0pt"><span \
style="font-size:8.0pt;font-family:"Cambria",serif">The information \
transmitted is intended only for the person or entity to which it is addressed and \
may contain confidential and / or privileged material that may be governed by \
confidential information provisions contained in the agreement between GBST and your \
company. Any disclosure, copying, distribution, or other use without the express \
consent of the sender is prohibited. If you received this in error, please contact \
the sender and delete the material from any computer. All rights in the information \
transmitted, including copyright, are reserved. Nothing in this message should be \
interpreted as a digital signature that can be used to authenticate a document. No \
warranty is given by the sender that any attachments to this email are free from \
viruses or other defects. </span><o:p></o:p></p>
</div>
<p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto">_______________________________________________<br>
PacketFence-users mailing list<br>
<a href="mailto:PacketFence-users@lists.sourceforge.net" \
target="_blank">PacketFence-users@lists.sourceforge.net</a><br> <a \
href="https://aus01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.sourcefo \
rge.net%2Flists%2Flistinfo%2Fpacketfence-users&data=02%7C01%7CWooseok.Choi%40gbst. \
com%7Cf8714537aec14b72b60708d75879ff75%7C1c2da354196b481891e4f760cbaac9e4%7C0%7C0%7C63 \
7075153348595317&sdata=t0Y%2BgpJ3LBeNzNon5j1eBUPuNfenUlK4K928FBxE8G4%3D&reserved=0" \
target="_blank">https://lists.sourceforge.net/lists/listinfo/packetfence-users</a><o:p></o:p></p>
</blockquote>
</div>
</div>
<p style="line-height:9.0pt"><span \
style="font-size:8.0pt;font-family:"Cambria",serif">The information \
transmitted is intended only for the person or entity to which it is addressed and \
may contain confidential and / or privileged material that may be governed by \
confidential information provisions contained in the agreement between GBST and your \
company. Any disclosure, copying, distribution, or other use without the express \
consent of the sender is prohibited. If you received this in error, please contact \
the sender and delete the material from any computer. All rights in the information \
transmitted, including copyright, are reserved. Nothing in this message should be \
interpreted as a digital signature that can be used to authenticate a document. No \
warranty is given by the sender that any attachments to this email are free from \
viruses or other defects. </span><o:p></o:p></p>
</div>
</blockquote>
</div>
</div>
<p style="line-height:9.0pt"><span \
style="font-size:8.0pt;font-family:"Cambria",serif">The information \
transmitted is intended only for the person or entity to which it is addressed and \
may contain confidential and / or privileged material that may be governed by \
confidential information provisions contained in the agreement between GBST and your \
company. Any disclosure, copying, distribution, or other use without the express \
consent of the sender is prohibited. If you received this in error, please contact \
the sender and delete the material from any computer. All rights in the information \
transmitted, including copyright, are reserved. Nothing in this message should be \
interpreted as a digital signature that can be used to authenticate a document. No \
warranty is given by the sender that any attachments to this email are free from \
viruses or other defects. <o:p></o:p></span></p>
</div>
</blockquote>
</div>
</div>
<p style="font-size:8pt; line-height:9pt; font-family: 'Cambria','times \
roman',serif;"> The information transmitted is intended only for the person or entity \
to which it is addressed and may contain confidential and / or privileged material \
that may be governed by confidential information provisions contained in the \
agreement between GBST and your company. Any disclosure, copying, distribution, or \
other use without the express consent of the sender is prohibited. If you received \
this in error, please contact the sender and delete the material from any computer. \
All rights in the information transmitted, including copyright, are reserved. \
Nothing in this message should be interpreted as a digital signature that can be used \
to authenticate a document. No warranty is given by the sender that any attachments \
to this email are free from viruses or other defects. </p>
<div></div>
</body>
</html>
["image001.png" (image/png)]
["image002.png" (image/png)]
["image003.png" (image/png)]
["image004.png" (image/png)]
["image006.png" (image/png)]
["image008.png" (image/png)]
["image010.png" (image/png)]
["image012.png" (image/png)]
["image014.png" (image/png)]
[Attachment #15 (--===============4358513314336613523==)]
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic