[PacketFence-users] Dot1X authentication error message (Urgent pls!!!..)

Durand fabrice

2017-05-19 22:17:25 UTC

Hello Akala,

I need more debug, can you paste radius debug ?

raddebug -f var/run/radius.sock -t 300

Regards

Fabrice

Post by Akala Kehinde
Hello guys,
Need a lil help here..
Get this error message when I try doing dot1x authentication with PF
as RADIUS server and database for usernames.
*Error message on PF*
{"control:PacketFence-Authorization-Status":"allow","Reply-Message":"CLI
Access is not allowed by PacketFence on this switch"}
But....
[192.168.31.253]
mode=production
SNMPCommunityRead=PUBLIC
SNMPCommunityWrite=PRIVATE
cliUser=pfence
deauthMethod=RADIUS
description=DOT1XSW
type=Cisco::Catalyst_3750G
cliPwd=Oy3m1cant0
isolationVlan=99
cliTransport=SSH
radiusSecret=Oy3m1cant0
cliEnablePwd=Oy3m1cant0
registrationVlan=98
*cliAccess=Y -------------------------------------Enabled here...*
staffVlan=4
guestVlan=6
deviceVlan=5
*
*
*Error message o DOT1X Switch*
*May 19 19:55:48.762: %DOT1X-5-FAIL: Authentication failed for client
(000f.bd49.2f00) on Interface Et1/0 AuditSessionID
C0A81FFD0000000F00CBD8F3
MAC works but dot1x doesn't. Do I also need to include the local
usernames on the supplicant's (Win7) adapter configuration?
Thanks
Regards,
Kehinde
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
https://lists.sourceforge.net/lists/listinfo/packetfence-users