I think that was done by accident after I had copied the pf.conf out. Here is the actual configuration file. The Eth1 IP address was wrong in the config file, I have changed that and still not luck on starting the HTTP.Portal Service.

[general]## general.domain## Domain name of PacketFence system.domain=DOMAIN.LOCAL## general.hostname## Hostname of PacketFence system. This is concatenated with the domain in Apache rewriting rules and therefore must be resolvable by clients.hostname=NOC2-PF## general.dnsservers## Comma-delimited list of DNS servers. Passthroughs are created to allow queries to these servers from even "trapped" nodes.dnsservers=127.0.0.1,192.168.2.1## general.dhcpservers## Comma-delimited list of DHCP servers. Passthroughs are created to allow DHCP transactions from even "trapped" nodes.dhcpservers=127.0.0.1,192.168.2.1
[trapping]## trapping.range## Comma-delimited list of address ranges/CIDR blocks that PacketFence will monitor/detect/trap on. Gateway, network, and# broadcast addresses are ignored.range=192.168.0.0/24,10.22.12.0/24,10.22.13.0/24
[registration]## registration.range##range=10.22.12.0/24## registration.nbregpages## The number of registration pages to show to the usernbregpages=1
[alerting]## alerting.emailaddr## Email address to which notifications of rogue DHCP servers, violations with an action of "email", or any other# PacketFence-related message goes to.emailaddr=***@domain.ca
[database]## database.pass## Password for the mysql database used by PacketFence.pass=(REMOVED)
[captive_portal]## captive_portal.network_detection_ip## This IP is used as the webserver who hosts the common/network-access-detection.gif which is used to detect if network# access was enabled.# It cannot be a domain name since it is used in registration or quarantine where DNS is blackholed.# It is recommended that you allow your users to reach your packetfence server and put your LAN's PacketFence IP.# By default we will make this reach PacketFence's website as an easy solution.#network_detection_ip=10.22.12.1## captive_portal.secure_redirect## If secure_redirect is enabled, the captive portal uses HTTPS when redirecting# captured clients. This is the default behavior.secure_redirect=disabled
[interface eth0]ip=192.168.2.110type=managementmask=255.255.255.0
[interface eth1]enforcement=vlanip=10.22.12.1type=internalmask=255.255.255.0
[interface eth2]enforcement=vlanip=10.22.13.1type=internalmask=255.255.255.0
[interface eth1.12]enforcement=vlanip=10.22.12.1type=internalmask=255.255.255.0
[interface eth2.13]enforcement=vlanip=10.22.13.1type=internalmask=255.255.255.0




Date: Fri, 11 Jul 2014 07:36:12 -0400
From: ***@inverse.ca
To: packetfence-***@lists.sourceforge.net
Subject: Re: [PacketFence-users] httpd.portal service wont start






Hi Brian,



you pf.conf lokk like a little bit weird :



[interface eth2.13]
enforcement=vlan
ip=10.22.13.1
type=internal
mss=***@ck3tf3nc3



[captive_portal]
#
# captive_portal.network_detection_ip
#
# This IP is used as the webserver who hosts the
common/network-access-detection.gif which is used to detect if
network
# access was enabled.
# It cannot be a domain name since it is used in registration
or quarantine where DNS is blackholed.
# It is recommended that you allow your users to reach your
packetfence server and put your LAN's PacketFence IP.
# By default we will make this reach PacketFence's website as
an easy solution.
#
network_detection_ip=10.22.12.1
#
Mask=255.255.255.0



So fix that and retry to start the portal.



Regards

Fabrice








Le 2014-07-10 20:02, Brian Mottershead a écrit :






Hi PacketFence Users,



We have recently started testing PacketFence in our small
environment and are having issues with the httpd.portal
service starting. We used the ZEN vAPP version of
PacketFence. We have it mostly configured and when I plug a
device into a switchport it successfully moves me to the
registration VLAN. However the httpd.portal service will
not start. I have tried restarting the service and
restarting the whole PacketFence server. When I start it
though the web interface it things for about 10 seconds then
refreshed the page and it stays at "stopped". All other
services are started without issue.



All I see in the httpd.portal.log file is:



Jul 06 11:13:41 httpd.portal(1802) INFO: captiveportal
powered by Catalyst 5.90011 (Catalyst::setup)
Jul 06 13:10:32 httpd.portal(2418) INFO: captiveportal
powered by Catalyst 5.90011 (Catalyst::setup)
Jul 06 13:11:22 httpd.portal(2493) INFO: captiveportal
powered by Catalyst 5.90011 (Catalyst::setup)
Jul 06 13:14:42 httpd.portal(2629) INFO: captiveportal
powered by Catalyst 5.90011 (Catalyst::setup)
Jul 06 13:15:44 httpd.portal(2650) INFO: captiveportal
powered by Catalyst 5.90011 (Catalyst::setup)
Jul 10 18:48:48 httpd.portal(4055) INFO: captiveportal
powered by Catalyst 5.90011 (Catalyst::setup)
Jul 10 18:50:48 httpd.portal(1801) INFO: captiveportal
powered by Catalyst 5.90011 (Catalyst::setup)
Jul 10 18:55:49 httpd.portal(1954) INFO: captiveportal
powered by Catalyst 5.90011 (Catalyst::setup)
Jul 10 19:03:58 httpd.portal(2005) INFO: captiveportal
powered by Catalyst 5.90011 (Catalyst::setup)
Jul 10 19:09:52 httpd.portal(2045) INFO: captiveportal
powered by Catalyst 5.90011 (Catalyst::setup)



I also looked throught he packetfence.log file and other
files in the log directory. I didn't see anything that
appeared to be related. Let me know if there are other logs
that would be good to check that I may have missed. I am
not sure if there is an Apache log anywhere.



Below is the Packetfence config and network configuration
files as well as the JuniperEX2200 48 port switch config.



We are currently using a local deployment. The
Packetfence server is the direct gateway for both
Registration and Isolation VLANs.



Any help will be appreciated. Thanks!






PACKETFENCE CONFIGURATION FILE



[general]
#
# general.domain
#
# Domain name of PacketFence system.
domain=DOMAIN.LOCAL
#
# general.hostname
#
# Hostname of PacketFence system. This is concatenated
with the domain in Apache rewriting rules and therefore must
be resolvable by clients.
hostname=NOC2-PF
#
# general.dnsservers
#
# Comma-delimited list of DNS servers. Passthroughs are
created to allow queries to these servers from even
"trapped" nodes.
dnsservers=127.0.0.1,192.168.2.1
#
# general.dhcpservers
#
# Comma-delimited list of DHCP servers. Passthroughs are
created to allow DHCP transactions from even "trapped"
nodes.
dhcpservers=127.0.0.1,192.168.2.1



[trapping]
#
# trapping.range
#
# Comma-delimited list of address ranges/CIDR blocks that
PacketFence will monitor/detect/trap on. Gateway, network,
and
# broadcast addresses are ignored.
range=192.168.0.0/24,10.22.12.0/24,10.22.13.0/24



[registration]
#
# registration.range
#
#
range=10.22.12.0/24
#
# registration.nbregpages
#
# The number of registration pages to show to the user
nbregpages=1



[alerting]
#
# alerting.emailaddr
#
# Email address to which notifications of rogue DHCP
servers, violations with an action of "email", or any other
# PacketFence-related message goes to.
emailaddr=***@domain.ca



[database]
#
# database.pass
#
# Password for the mysql database used by PacketFence.
(REMOVED PASSWORD)
[captive_portal]
#
# captive_portal.network_detection_ip
#
# This IP is used as the webserver who hosts the
common/network-access-detection.gif which is used to detect
if network
# access was enabled.
# It cannot be a domain name since it is used in
registration or quarantine where DNS is blackholed.
# It is recommended that you allow your users to reach
your packetfence server and put your LAN's PacketFence IP.
# By default we will make this reach PacketFence's
website as an easy solution.
#
network_detection_ip=10.22.12.1
#
# captive_portal.secure_redirect
#
# If secure_redirect is enabled, the captive portal uses
HTTPS when redirecting
# captured clients. This is the default behavior.
secure_redirect=disabled



[interface eth0]
ip=192.168.2.110
type=management
mask=255.255.255.0



[interface eth1]
enforcement=vlan
ip=10.22.12.1
type=internal
mask=255.255.255.0



[interface eth2]
enforcement=inlinel2
ip=192.168.2.5
type=internal
mask=255.255.255.0



[interface eth1.12]
enforcement=vlan
ip=10.22.12.1
type=internal
mask=255.255.255.0



[interface eth2.13]
enforcement=vlan
ip=10.22.13.1
type=internal
mss=***@ck3tf3nc3



[captive_portal]
#
# captive_portal.network_detection_ip
#
# This IP is used as the webserver who hosts the
common/network-access-detection.gif which is used to detect
if network
# access was enabled.
# It cannot be a domain name since it is used in
registration or quarantine where DNS is blackholed.
# It is recommended that you allow your users to reach
your packetfence server and put your LAN's PacketFence IP.
# By default we will make this reach PacketFence's
website as an easy solution.
#
network_detection_ip=10.22.12.1
#
Mask=255.255.255.0















PACKETFENCE NETWORK CONFIGURATION FILE



[***@PacketFence-ZEN-4-2 conf]# vi networks.conf
[10.22.12.0]
dns=10.22.12.1
dhcp_start=10.22.12.10
gateway=10.22.12.1
domain-name=vlan-registration.DOMAIN.LOCAL
named=enabled
dhcp_max_lease_time=30
dhcpd=enabled
fake_mac_enabled=disabled
dhcp_end=10.22.12.246
type=vlan-registration
netmask=255.255.255.0
dhcp_default_lease_time=30



[10.22.13.0]
dns=10.22.13.1
dhcp_start=10.22.13.10
gateway=10.22.13.1
domain-name=vlan-isolation.DOMAIN.LOCAL
named=enabled
dhcp_max_lease_time=30
dhcpd=disabled
fake_mac_enabled=disabled
dhcp_end=10.22.13.246
type=vlan-isolation
netmask=255.255.255.0
dhcp_default_lease_time=30


















SWITCH CONFIGURATION - Juniper EX2200-48p
(Sensitive Data Removed)
All missing switchports have the same configuration as
ge0/0/0









***@PFtest> show configuration
## Last commit: 2014-07-06 12:37:59 UTC by root
version 12.3R3.4;
system {
host-name PFtest;
root-authentication {
encrypted-password "(REMOVED)."; ## SECRET-DATA
}
services {
ssh {
protocol-version v2;
}
netconf {
ssh;
}
web-management {
http;
}
dhcp {
traceoptions {
file dhcp_logfile;
level all;
flag all;
}
}
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
}
chassis {
auto-image-upgrade;
}
interfaces {
interface-range access-ports {
member-range ge-0/0/10 to ge-0/0/20;
unit 0 {
family ethernet-switching {
port-mode access;
}
}
}
ge-0/0/0 {
unit 0 {
family ethernet-switching;
}
}



************ge-0/0/1 to ge-0/0/45 have the same
configuration as port ge-0/0/0******************



ge-0/0/46 {
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ MANAGEMENT GUESTS NORMAL ];
}
native-vlan-id MANAGEMENT;
}
}
}
ge-0/0/47 {
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ ISOLATION MANAGEMENT
REGISTRATION MACDETECT ];
}
native-vlan-id MANAGEMENT;
}
}
}
ge-0/1/0 {
unit 0 {
family ethernet-switching;
}
}
ge-0/1/1 {
unit 0 {
family ethernet-switching;
}
}
ge-0/1/2 {
unit 0 {
family ethernet-switching;
}
}
ge-0/1/3 {
unit 0 {
family ethernet-switching;
}
}
vlan {
unit 0 {
family inet {
address 192.168.1.5/24;
}
}
unit 1 {
family inet {
address 192.168.2.4/24;
}
}
}
}
snmp {
view jweb-view-all {
oid .1 include;
}
community SNMPPF {
view jweb-view-all;
authorization read-write;
}
trap-group SNMPPF {
categories {
authentication;
chassis;
link;
remote-operations;
routing;
startup;
rmon-alarm;
vrrp-events;
configuration;
}
targets {
192.168.2.110;
}
}
}
routing-options {
static {
route 0.0.0.0/0 next-hop 192.168.2.1;
}
}
protocols {
igmp-snooping {
vlan all;
}
dot1x {
authenticator {
authentication-profile-name packetfence;
interface {
access-ports {
supplicant multiple;
mac-radius {
restrict;
flap-on-disconnect;
}
}
}
}
}
rstp;
lldp {
interface all;
}
lldp-med {
interface all;
}
}
access {
radius-server {
192.168.2.110 {
port 1812;
secret
"$9$LXZxb2aZjmPQhSYoZG.mp0BRSex7Vg4ZNdqP5Q9CuO1Ervx7V2oG";
##
SECRET-DATA
}
}
profile packetfence {
authentication-order radius;
radius {
authentication-server 192.168.2.110;
accounting-server 192.168.2.110;
}
accounting {
order radius;
accounting-stop-on-failure;
accounting-stop-on-access-deny;
}
}
}
ethernet-switching-options {
secure-access-port {
interface access-ports {
mac-limit 1 action drop;
}
}
voip;
storm-control {
interface all;
}
}
vlans {
GUESTS {
description "GUESTS VLAN";
vlan-id 15;
interface {
ge-0/0/5.0;
}
}
ISOLATION {
description "PacketFence Local Isolation";
vlan-id 13;
}
MACDETECT {
description "MAC DETECTION";
vlan-id 14;
interface {
ge-0/0/4.0;
}
}
MANAGEMENT {
description " Office Network";
vlan-id 3;
interface {
ge-0/0/3.0;
}
l3-interface vlan.1;
}
NORMAL {
description "Normal VLAN";
vlan-id 20;
interface {
ge-0/0/6.0;
}
}
REGISTRATION {
description "PacketFence Local Registration";
vlan-id 12;
interface {
ge-0/0/1.0;
}
}
default {
vlan-id 1;
l3-interface vlan.0;
}
}



{master:0}

























------------------------------------------------------------------------------
Open source business process management suite built on Java and Eclipse
Turn processes into business applications with Bonita BPM Community Edition
Quickly connect people, data, and systems into organized workflows
Winner of BOSSIE, CODIE, OW2 and Gartner awards
http://p.sf.net/sfu/Bonitasoft





_______________________________________________
PacketFence-users mailing list
PacketFence-***@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users






--
Fabrice Durand
***@inverse.ca :: +1.514.447.4918 (x135) :: www.inverse.ca
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://packetfence.org)