Hi everybody, While waiting an answer from the community, I try to understand why I can see the captive portal (when enabled on the management interface) in version 10.1, but not in version 11.2.
I set the log level for the portal daemon at debug, and I can see on version 11.2, that the problem seems to rely on the mac address (logs from 11.2, with a direct access to the portal: http://<ip_of_mgt>/captive-portal): Jun 7 12:22:47 packetfence packetfence_httpd.portal[1757]: httpd.portal(1757) DEBUG: [mac:0] invalid MAC: empty (pf::util::valid_mac) Jun 7 12:22:47 packetfence packetfence_httpd.portal[1757]: httpd.portal(1757) DEBUG: [mac:0] Rendering error.html (captiveportal::PacketFence::DynamicRouting::Application::render) In version 10.1, I have those logs instead, again, with a direct access: Jun 7 13:04:51 packetfence01 packetfence_httpd.portal: httpd.portal(4053) DEBUG: [mac:0] invalid MAC: empty (pf::util::valid_mac) Jun 7 13:04:51 packetfence01 packetfence_httpd.portal: httpd.portal(4053) DEBUG: [mac:0] Executing current module from session default_policy+default_registration_policy (captiveportal::PacketFence::DynamicRouting::ModuleManager::execute_child) Or it could be also a problem with the portal module engine, but the preview, on the connection profiles page, is working. If you have clues, I can test them. Thank you and best regards, Bénoni Delfosse. From: Bénoni Delfosse via PacketFence-users <[email protected]> Sent: Friday, 3 June 2022 12:38 To: [email protected] Cc: Bénoni Delfosse <[email protected]> Subject: Re: [PacketFence-users] Your computer was not found in the PacketFence database Hi, As I mentioned, I don’t have interfaces dedicated for registration and isolation. Only 1 NIC for management. So, no way to add the registration (or isolation) on it, physically. And as I said also, I added all daemons on the management interface. DHCP and DNS works correctly on the remote site, through the DHCP-relay and the routing in place. It’s just the mapping between the MAC and IP, that seems to not work. I already try to add a VLAN on the management interface for registration, with no access at all (just the definition in the GUI with an IP on the VLAN interface). The dhcp-relay on the other site points on the management IP, the only IP routable. And it changes nothing. I’ll give a new try just in case I forget something. If you have another idea, it’s welcome. Now, if PacketFence team confirms that this scenario is not possible at all, I can try to negotiate 2 more NIC on the VM. Best regards, Bénoni Delfosse. From: Baptiste Leroy via PacketFence-users <mailto:[email protected]> Sent: Tuesday, 31 May 2022 10:10 To: mailto:[email protected] Cc: Baptiste Leroy <mailto:[email protected]> Subject: Re: [PacketFence-users] Your computer was not found in the PacketFence database Hello. Have you enabled the registration (and isolation) interfaces ? Le lun. 30 mai 2022 à 23:21, Bénoni Delfosse via PacketFence-users <mailto:[email protected]> a écrit : Hi all, I setup a ZEN 11.2 in a datacentre to use it around different building for the same customer, first in a Wi-Fi environment, then with wired connections. My constraint is to use only one NIC, no VLAN allowed. So, I attached every additional daemon (DHCP, DHCP-listener, radius, and portal) on the management interface of PacketFence. I then configure a routed network for the registration network used remotely, with DHCP enabled. The connection part works correctly: I can connect to the WiFi, I receive an IP from the DHCP from the PacketFence, through a DHCP-relay, with PacketFence's management IP as DNS. On the registration network, each DNS resolution returns correctly the PacketFence's management IP (supposed to be the captive portal IP). My problem is I never receive the captive portal, always the following message: Your computer was not found in the PacketFence database. Please reboot to solve this issue. It's like PacketFence cannot map the IP address, it gave through the DHCP-relay connection, to the MAC address (used to give an IP address). I try also to set the log of each daemon involved in the process to debug level, but nothing more to give me a clue to continue the investigation. I did packet captures but, each time, I see the request for the captive portal check from the computer in the registration network, the answer to redirect to the captive portal, the request to get the captive portal, and finally the error page with the message as described here above. I try everything, relevant, in the mailing list, but nothing works. Could you help me to solve this strange behavior? If you need some logs, conf, please ask me. Thank you and best regards, Bénoni Delfosse _______________________________________________ PacketFence-users mailing list mailto:[email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
