Re: [PacketFence-users] 802.1x

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hello Alexander,

Did you enable the local authentication in the config/radiusd/packetfence-tunnel or not ?

Thanks,

Ludovic Zammit
lz...@in... <mailto:lz...@in...> ::  +1.514.447.4918 (x145) ::  www.inverse.ca <http://www.inverse.ca/>
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu <http://www.sogo.nu/>) and PacketFence (http://packetfence.org <http://packetfence.org/>) 

> On Feb 19, 2020, at 3:48 PM, Alexander Bird <ale...@cw...> wrote:
> 
> Hi Ludovic,
> 
> Thanks for the reply.
> I may have misunderstood however I am trying to authenticate against the local database within PacketFence. 
> I do not wish to use AD and have not configured any domains into PacketFence.
> 
> I have tried rebooting the PF VM after configuring all switches & users etc.
> 
> 
> Thanks
> Alexander
> 
> On 18/02/2020 13:18, Ludovic Zammit wrote:
>> Hello Alexander,
>> 
>> Have you restarted radius after joining the PF server to your domain ?
>> 
>> Did you assign the realms DEFAULT and NULL to your AD ?
>> 
>> Thanks,
>> Ludovic Zammit
>> 
>> 
>> 
>> 
>>> On Feb 17, 2020, at 4:55 PM, Alexander Bird via PacketFence-users <pac...@li... <mailto:pac...@li...>> wrote:
>>> 
>>> Hi,
>>> 
>>> I am using PacketFence for the fist time.
>>> First challenge is to setup very basic dot1x authentication for a LAN.
>>> 
>>> I have a switch passing the authentication requests to PacketFence.
>>> Within PacketFence I have added a connection profile for Ethernet eap with an authentication source of local.
>>> Switch also added, configuring the radius secret within the switch profile. 
>>> I have added a user account on the "users" tab.
>>> 
>>> The device (an IP camera using PEAP) is trying to authenticate with the details input on the "users" tab  however it is being rejected with the reason:
>>> 
>>> mschap: Program returned code (1) and output 'Reading winbind reply failed! (0xc0000001)'
>>> 
>>> From my research this indicate an authentication against AD, however I have no domains etc configured, I would like to authenticate against the local database. 
>>> 
>>> Although this is my first time using PacketFence I have successfully used used RadiusDesk in the past for basic dot1x authentication (And recently tried ROS V7 Userman Beta as it now has support), although PacketFrence looks like it has far greater potential.
>>> 
>>> Any help much appreciated, hopefully it is just something simple I have overlooked.
>>> 
>>> 
>>> 
>>> Thanks
>>> Alexander
>>> 
>>> 
>>> 
>>> 
>>> 
>>> _______________________________________________
>>> PacketFence-users mailing list
>>> Pac...@li... <mailto:Pac...@li...>
>>> https://lists.sourceforge.net/lists/listinfo/packetfence-users <https://lists.sourceforge.net/lists/listinfo/packetfence-users>
>> 