PacketFence is a fully supported, trusted, Free and Open Source network access control (NAC) solution. Boasting an impressive feature set including a captive-portal for registration and remediation, centralized wired and wireless management, powerful BYOD management options, 802.1X support, layer-2 isolation of problematic devices; PacketFence can be used to effectively secure networks small to very large heterogeneous networks.
I've run into a problem when trying to sponsor multiple devices with a single sponsor user.
I'm running 5.6.1, made up to date with the /usr/local/pf/addons/pf-maint.pl script - it was a 5.6.0 install on Centos 6.
This is a out of band VLAN type enforcement, using a Cisco WISM2 system. VLAN switch works brilliantly. Can deregister devices, and they snap back into the registration vlan without issue.
First guest sponsor registration asks for username/password, and successfully authorizes the guest onto the network via AD ldap connector. All is good.
The subsequent registration (and all subsequent registrations) with a different device brings up this screen. (I've mangled a bunch of css to skin it with our logos somewhat).
Reloading the page shows a username/password box: (the same as the first device that was registered successfully)
After entering a correct domain username/password, it shows a successful auth:
Everything is great. VLAN switch happens, device gets the internet.
I've attached my packetfence log in trace mode, and I think this is the requisite line that's causing issues:
Feb 09 20:49:52 httpd.portal(11275) WARN: [mac:unknown] Use of uninitialized value $value in concatenation (.) or string at /usr/local/pf/html/captive-portal/lib/captiveportal/PacketFence/Model/Portal/Session.pm line 271.
(captiveportal::PacketFence::Model::Portal::Session::ANON)
In the attached logs, I've anonymised a bunch of stuff. 130.217.99.99 is my client machine, the mac address of the device that's trying to be sponsored on is [mac:00:24:d7:00:00:01], my username is staff@waikato.ac.nz, and the target guest email address is user@example.com.
The laptop that's connecting is a windows 10 OS, but its happened with every device I've connected with.
I've attached packetfence.log, which is a snippet of the packetfence.log file - I've removed duplicate lines about caching.
I've also attached profiles.conf and authentication.conf.
louismunro
commented
8 years ago
I've run into a problem when trying to sponsor multiple devices with a single sponsor user.
I'm running 5.6.1, made up to date with the /usr/local/pf/addons/pf-maint.pl script - it was a 5.6.0 install on Centos 6. This is a out of band VLAN type enforcement, using a Cisco WISM2 system. VLAN switch works brilliantly. Can deregister devices, and they snap back into the registration vlan without issue.
First guest sponsor registration asks for username/password, and successfully authorizes the guest onto the network via AD ldap connector. All is good.
The subsequent registration (and all subsequent registrations) with a different device brings up this screen. (I've mangled a bunch of css to skin it with our logos somewhat).
Reloading the page shows a username/password box: (the same as the first device that was registered successfully)
After entering a correct domain username/password, it shows a successful auth:
Everything is great. VLAN switch happens, device gets the internet.
I've attached my packetfence log in trace mode, and I think this is the requisite line that's causing issues:
Feb 09 20:49:52 httpd.portal(11275) WARN: [mac:unknown] Use of uninitialized value $value in concatenation (.) or string at /usr/local/pf/html/captive-portal/lib/captiveportal/PacketFence/Model/Portal/Session.pm line 271. (captiveportal::PacketFence::Model::Portal::Session::ANON)
In the attached logs, I've anonymised a bunch of stuff. 130.217.99.99 is my client machine, the mac address of the device that's trying to be sponsored on is [mac:00:24:d7:00:00:01], my username is staff@waikato.ac.nz, and the target guest email address is user@example.com.
The laptop that's connecting is a windows 10 OS, but its happened with every device I've connected with.
I've attached packetfence.log, which is a snippet of the packetfence.log file - I've removed duplicate lines about caching.
I've also attached profiles.conf and authentication.conf.
packetfence.log.txt profiles.conf.txt authentication.conf.txt