
Wireless Radius AUTH and MAC Address Whitelist - random disabling users

Hi Guys,

We have met a strange problem with Sophos software with only the Wireless Protection Subscription and AP55/AP100.

The configuration is based on RADIUS and a MAC whitelist on Sophos (about 85 addresses).

Random users lose their connection to the wireless network and cannot connect again. Even though their MAC address is on the whitelist, we need to remove it and add it again, and then it works for some time.

This is a fresh installation based on the newest Sophos, but it definitely has some problems with the MAC address whitelist.

Has anyone met the same problem? Is there any solution here?

Thanks

Robert



  • Cześć Robert and welcome to the UTM Community!

    Please show lines from the wireless log when a connection is lost and then the lines when the lost connection tries to re-establish.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi Bob,

    Thank you for your reply. We were waiting for the problem to appear again, because in the meantime we have set a cron SG restart every night, which helps to limit the number of problems.

    Now we have a situation where one computer is not able to log in to the wireless network. In the wireless log it looks like:

    2021:08:04-09:29:12 A4002D58B098EFF awelogger[7254]: id="4106" severity="info" sys="System" sub="WiFi" name="STA rejected" ssid="NET-WiFi" ssid_id="WLAN2.1" bssid="00:1a:8c:9c:0f:94" sta="a8:7e:ea:fd:74:33" reason_code="2" reason="not whitelisted"
    2021:08:04-09:29:12 A4002D58B098EFF awelogger[7254]: id="4103" severity="info" sys="System" sub="WiFi" name="STA authentication" ssid="NET-WiFi" ssid_id="WLAN2.1" bssid="00:1a:8c:9c:0f:94" sta="a8:7e:ea:fd:74:33" status_code="0"
    2021:08:04-09:29:12 A4002D58B098EFF awelogger[7254]: id="4106" severity="info" sys="System" sub="WiFi" name="STA rejected" ssid="NET-WiFi" ssid_id="WLAN2.1" bssid="00:1a:8c:9c:0f:94" sta="a8:7e:ea:fd:74:33" reason_code="2" reason="not whitelisted"
    2021:08:04-09:29:12 A4002D58B098EFF awelogger[7254]: id="4103" severity="info" sys="System" sub="WiFi" name="STA authentication" ssid="NET-WiFi" ssid_id="WLAN2.1" bssid="00:1a:8c:9c:0f:94" sta="a8:7e:ea:fd:74:33" status_code="0"
    2021:08:04-09:29:12 A4002D58B098EFF awelogger[7254]: id="4106" severity="info" sys="System" sub="WiFi" name="STA rejected" ssid="NET-WiFi" ssid_id="WLAN2.1" bssid="00:1a:8c:9c:0f:94" sta="a8:7e:ea:fd:74:33" reason_code="2" reason="not whitelisted"
    2021:08:04-09:29:12 A4002D58B098EFF awelogger[7254]: id="4103" severity="info" sys="System" sub="WiFi" name="STA authentication" ssid="NET-WiFi" ssid_id="WLAN2.1" bssid="00:1a:8c:9c:0f:94" sta="a8:7e:ea:fd:74:33" status_code="0"
    2021:08:04-09:29:12 A4002D58B098EFF awelogger[7254]: id="4106" severity="info" sys="System" sub="WiFi" name="STA rejected" ssid="NET-WiFi" ssid_id="WLAN2.1" bssid="00:1a:8c:9c:0f:94" sta="a8:7e:ea:fd:74:33" reason_code="2" reason="not whitelisted"
    2021:08:04-09:29:12 A4002D58B098EFF awelogger[7254]: id="4103" severity="info" sys="System" sub="WiFi" name="STA authentication" ssid="NET-WiFi" ssid_id="WLAN2.1" bssid="00:1a:8c:9c:0f:94" sta="a8:7e:ea:fd:74:33" status_code="0"

    This repeats for the whole day. The day before, this computer was using the wireless network without a problem. When we remove the MAC address and add it to the list again, it starts to work.

    This is a 'fresh' installation, configured 4 weeks ago.

    Thanks,

    Robert

    Regards,

    Robert

    With Sophos/Astaro Since 2005
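
To triage the symptom shown in the log above across a whole wireless log, the following added example (not part of the original posts and not Sophos code) parses awelogger lines and reports stations rejected as "not whitelisted" although they are on the administrator's list. The function names, the `WHITELIST` format, and the last sample log line are assumptions constructed for illustration.

```python
import re
from collections import Counter

KV_RE = re.compile(r'(\w+)="([^"]*)"')  # key="value" pairs in awelogger lines

def parse_awelogger(line):
    """Return (timestamp, fields) for an awelogger line, else None."""
    head, sep, rest = line.strip().partition(" awelogger[")
    if not sep:
        return None
    return head.split(" ", 1)[0], dict(KV_RE.findall(rest))

def normalize_mac(mac):
    """Lower-case and drop separators so A8-7E-.. equals a8:7e:.."""
    return re.sub(r"[^0-9a-f]", "", mac.lower())

def whitelisted_but_rejected(lines, whitelist):
    """Stations rejected as 'not whitelisted' although they are on the list.

    Returns (sta, ssid, bssid, count, first_timestamp) tuples.
    """
    allowed = {normalize_mac(m) for m in whitelist} - {""}
    counts, first_seen = Counter(), {}
    for line in lines:
        parsed = parse_awelogger(line)
        if parsed is None:
            continue
        ts, f = parsed
        if f.get("name") != "STA rejected" or f.get("reason") != "not whitelisted":
            continue
        sta = f.get("sta", "")
        if normalize_mac(sta) not in allowed:
            continue  # expected rejection: station really is not listed
        key = (sta, f.get("ssid"), f.get("bssid"))
        counts[key] += 1
        first_seen.setdefault(key, ts)
    return [key + (n, first_seen[key]) for key, n in counts.items()]

# Hypothetical whitelist as the admin maintains it (format is an assumption).
WHITELIST = ["A8-7E-EA-FD-74-33"]

# First three lines are copied from the post; the last one is constructed.
SAMPLE_LOG = """\
2021:08:04-09:29:12 A4002D58B098EFF awelogger[7254]: id="4106" severity="info" sys="System" sub="WiFi" name="STA rejected" ssid="NET-WiFi" ssid_id="WLAN2.1" bssid="00:1a:8c:9c:0f:94" sta="a8:7e:ea:fd:74:33" reason_code="2" reason="not whitelisted"
2021:08:04-09:29:12 A4002D58B098EFF awelogger[7254]: id="4103" severity="info" sys="System" sub="WiFi" name="STA authentication" ssid="NET-WiFi" ssid_id="WLAN2.1" bssid="00:1a:8c:9c:0f:94" sta="a8:7e:ea:fd:74:33" status_code="0"
2021:08:04-09:29:12 A4002D58B098EFF awelogger[7254]: id="4106" severity="info" sys="System" sub="WiFi" name="STA rejected" ssid="NET-WiFi" ssid_id="WLAN2.1" bssid="00:1a:8c:9c:0f:94" sta="a8:7e:ea:fd:74:33" reason_code="2" reason="not whitelisted"
2021:08:04-09:30:01 A4002D58B098EFF awelogger[7254]: id="4106" severity="info" sys="System" sub="WiFi" name="STA rejected" ssid="NET-WiFi" ssid_id="WLAN2.1" bssid="00:1a:8c:9c:0f:94" sta="02:00:00:00:00:01" reason_code="2" reason="not whitelisted"
"""

if __name__ == "__main__":
    for row in whitelisted_but_rejected(SAMPLE_LOG.splitlines(), WHITELIST):
        print("whitelisted station rejected:", row)
```

Grouping by SSID and BSSID shows whether the false rejections follow one access point or one wireless network, which narrows where the whitelist is out of sync.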

  • It would be interesting to know if simply disabling/enabling the WiFi network would solve this problem.

    You can get the REF of the wireless network in question (wlan3 in the command below):

         cc get_object_by_name itfhw awe_network wlan3| grep \'ref

    Say the result indicated 'REF_ItfAwePrivate'

    Toggle this off/on with:

         cc change_object 'REF_ItfAwePrivate' status 0 ; cc change_object 'REF_ItfAwePrivate' status 1

    Any luck with that?

    Cheers - Bob

     
  • Hi Bob,

    We have tried your suggestion:

    utm-wifi-2:/home/login # cc get_object_by_name itfhw awe_network wlan3| grep \'ref

    utm-wifi-2:/home/login # cc get_object_by_name itfhw awe_network wlan3

    0

    utm-wifi-2:/home/login # cc change_object 'REF_ItfAwePrivate' status 0

    0

    utm-wifi-2:/home/login # cc change_object 'REF_ItfAwePrivate' status 1

    0

    utm-wifi-2:/home/login # cc get_object_by_name itfhw awe_network wlan3| grep \'ref

    utm-wifi-2:/home/login #

    This is what we got.

    Please remember that every night we are restarting the UTM to minimize the number of problems.

    Do you have any other idea? I rather think that the problem is with the MAC address table on the UTM, but maybe I'm wrong.

    Have a good day

    Robert


  • Robert, instead of using wlan3 in those commands, you need to use the wlan# for your wireless network. Any better luck?

    Cheers - Bob

     
  • Hi Bob,

    We have tried different WLANs, as the customer has wlan0, wlan1, wlan2, wlan3, wlan4.

    All tries return the same value 0.

    When trying to turn wireless off and on, nothing happens (wireless is still working).

    utm-wifi-2:/root # cc get_object_by_name itfhw awe_network wlan0

    0

    utm-wifi-2:/root # cc get_object_by_name itfhw awe_network wlan1

    0

    utm-wifi-2:/root # cc get_object_by_name itfhw awe_network wlan2

    0

    utm-wifi-2:/root # cc get_object_by_name itfhw awe_network wlan3

    0

    utm-wifi-2:/root # cc get_object_by_name itfhw awe_network wlan4

    0

     

    utm-wifi-2:/root # cc change_object 'REF_ItfAwePrivate' status 0

    0

    utm-wifi-2:/root # cc change_object 'REF_ItfAwePrivate' status 1

    0

    Any other idea here?

    Have a good day.

    Robert


  • Are you logged in as root?

    To pick the right REF, run the two following commands:

         cc get_objects itfhw awe_network|grep \'ref
         cc get_objects itfhw awe_network|grep interface_name

    Cheers - Bob

     