Hi, I’m using a vWLC (running 8.5.120) for a new client that wants very dynamic captive portal and I so my steps into PacketFence are starting ;).
As the whole infrastructure is new, (not the hardware though), I have no real limits on how to make things work. For the switches, I’m using Cisco 2960S stacks, which work great and combined with dot1x/mab work flawlessly. As for the wireless, I have a bit of trouble… I’m using an SSID with Mac authentication that is on the registration vlan (498). PacketFence has a network card in that vlan, setup as Registration role, with DHCP enabled. The Portal role is enabled on the Management interface, and all is going great so far. Clients get an ip from PacketFence (as they are on the correct vlan) and are greeted with the captive portal page. Here the message states a problem has arisen, and that the device needs a restart for it to work. After investigating I noticed that no device was registrated as Nodes, so I dug into the logs. Here is the output for the relevant ones: Dec 2 14:31:29 packetfence pfdhcp[829]: t=2021-12-02T14:31:29+0100 lvl=info msg="DHCPDISCOVER from 86:7d:9e:24:a3:3a ()" pid=829 mac=86:7d:9e:24:a3:3a Dec 2 14:31:30 packetfence pfdhcp[829]: t=2021-12-02T14:31:30+0100 lvl=info msg="DHCPOFFER on 10.49.9.135 to 86:7d:9e:24:a3:3a ()" pid=829 mac=86:7d:9e:24:a3:3a Dec 2 14:31:31 packetfence pfdhcp[829]: t=2021-12-02T14:31:31+0100 lvl=info msg="DHCPREQUEST for 10.49.9.135 from 86:7d:9e:24:a3:3a ()" pid=829 mac=86:7d:9e:24:a3:3a Dec 2 14:31:31 packetfence pfdhcp[829]: t=2021-12-02T14:31:31+0100 lvl=info msg="DHCPACK on 10.49.9.135 to 86:7d:9e:24:a3:3a ()" pid=829 mac=86:7d:9e:24:a3:3a Dec 2 14:32:32 packetfence pfdhcp[829]: t=2021-12-02T14:32:32+0100 lvl=info msg="86:7d:9e:24:a3:3a 10.49.9.135 Added back in the pool none on index 381" pid=829 (DHCP works) Dec 2 14:27:33 packetfence auth[1421]: [mac:86:7d:9e:24:a3:3a] Accepted user: and returned VLAN 498 Dec 2 14:27:33 packetfence auth[1421]: (12640) Login OK: [867d9e24a33a] (from client 10.51.0.10/32 port 1 cli 86:7d:9e:24:a3:3a) (Radius returns the correct vlan) Dec 2 14:31:33 packetfence pfdns[930]: t=2021-12-02T14:31:33+0100 lvl=eror msg="Ip2Mac (ipv4) mac for 10.49.9.135 not found sql: no rows in result set\n" pid=930 request-uuid=2a36c1c3-5374-11ec-9d53-5a6eb019f05c Dec 2 14:31:33 packetfence pfdns[930]: t=2021-12-02T14:31:33+0100 lvl=eror msg="ERROR cannot find mac for ip 10.49.9.135\n" pid=930 request-uuid=2a36c1c3-5374-11ec-9d53-5a6eb019f05c Dec 2 14:31:33 packetfence pfdns[930]: t=2021-12-02T14:31:33+0100 lvl=eror msg="Ip2Mac (ipv4) mac for 10.49.9.135 not found sql: no rows in result set\n" pid=930 request-uuid=2a36c181-5374-11ec-9d53-5a6eb019f05c Dec 2 14:31:33 packetfence pfdns[930]: t=2021-12-02T14:31:33+0100 lvl=eror msg="ERROR cannot find mac for ip 10.49.9.135\n" pid=930 request-uuid=2a36c181-5374-11ec-9d53-5a6eb019f05c Dec 2 14:31:33 packetfence pfdns[930]: t=2021-12-02T14:31:33+0100 lvl=eror msg="error getting node status 00:00:00:00:00:00 sql: no rows in result set\n" pid=930 request-uuid=2a36c181-5374-11ec-9d53-5a6eb019f05c Dec 2 14:31:33 packetfence pfdns[930]: t=2021-12-02T14:31:33+0100 lvl=eror msg="error getting node status 00:00:00:00:00:00 sql: no rows in result set\n" pid=930 request-uuid=2a36c1c3-5374-11ec-9d53-5a6eb019f05c Dec 2 14:31:34 packetfence pfdns[930]: t=2021-12-02T14:31:34+0100 lvl=eror msg="Ip2Mac (ipv4) mac for 10.49.9.135 not found sql: no rows in result set\n" pid=930 request-uuid=2b34a5df-5374-11ec-9d53-5a6eb019f05c Dec 2 14:31:34 packetfence pfdns[930]: t=2021-12-02T14:31:34+0100 lvl=eror msg="ERROR cannot find mac for ip 10.49.9.135\n" pid=930 request-uuid=2b34a5df-5374-11ec-9d53-5a6eb019f05c Dec 2 14:31:34 packetfence pfdns[930]: t=2021-12-02T14:31:34+0100 lvl=eror msg="error getting node status 00:00:00:00:00:00 sql: no rows in result set\n" pid=930 request-uuid=2b34a5df-5374-11ec-9d53-5a6eb019f05c (PFDNS hits an error about not being able to find a MAC address for the ip ) Dec 2 14:31:34 packetfence packetfence_httpd.portal[96262]: httpd.portal(96262) WARN: [mac:unknown] Unable to match MAC address to IP '10.49.9.135' (pf::ip4log::ip2mac) Dec 2 14:31:34 packetfence packetfence_httpd.portal[96262]: httpd.portal(96262) WARN: [mac:0] Unable to match MAC address to IP '10.49.9.135' (pf::ip4log::ip2mac) Dec 2 14:31:34 packetfence pfqueue[95729]: pfqueue(95729) ERROR: [mac:unknown] Unable to fetch query arguments for Fingerbank query. Aborting. (pf::fingerbank::process) Dec 2 14:31:35 packetfence packetfence_httpd.portal[95978]: httpd.portal(95978) WARN: [mac:unknown] Unable to match MAC address to IP '10.49.9.135' (pf::ip4log::ip2mac) Dec 2 14:31:35 packetfence packetfence_httpd.portal[95978]: httpd.portal(95978) WARN: [mac:0] Unable to match MAC address to IP '10.49.9.135' (pf::ip4log::ip2mac) (And Again in PacketFence.log, issues sixth matching the MAC address to the IP) I guess there is something I’m missing? But what… _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
