Download PacketFence 9.0.0

An NAC system can be used to secure a network environment. This allows, based on pre-set policies, network devices to be automatically blocked if an undesirable situation occurs. Think of unknown network devices of visitors, a worm that is trying to spread or an authorized device that is equipped with a different operating system via a boot flop or live CD. PacketFence is such a nac system, with support for 802.1x, finger bank and vlan isolation, which allows a network device to be placed in the correct vlan after analysis. The developers have released version 9.0.0.

New Features

• New web interface based on Vue.js and Bootstrap 4
• Let’s Encrypt SSL certificates support for captive portal and RADIUS
• Cisco ASA VPN support with the captive portal
• Fortinet VPN support
• DHCP Filter to reply custom attributes in the OFFER and/or ACK (deprecate old DHCP Filter)
• Add 802.1X and CoA support for Fortinet FortiSwitch
• Add module to support PICOS white box switches
• Support for Aerohive access point with switch port
• Support for Aruba Instant Access switch module
• Debian 9 (Stretch) support

Enhancements

• Now including timeout when authorizing a web-auth user on an Ubiquiti UniFi controller
• Now providing defaults for the Apache filters
• Allow to configure the RADIUS attributes and their lookup order for extracting the username
• conf/stats.conf has a default file now
• VoIP configuration parameter in node_cleanup task to bypass VoIP devices
• Adding/removing passthroughs doesn’t require to restart pfdns anymore (#3127)
• Added support for RADIUS disconnect on Ruckus SmartZone
• Disable Microsoft Active Directory join operating system check option
• Disable DNS lookup in MariaDB configuration
• Enable performance_schema if needed
• Display local account in the captive portal during registration if applicable (#3615)
• Exception for portal detection URL in pfdns
• Added support for Ruckus roles
• sms_carrier ‘id’ column is now auto-increment (#1270/PR #3684)
• Better logging for haproxy-portal that allows to identify missing passthroughs
• Allow to skip management node in portal load-balancing when running in a cluster
• DHCP and DNS services can be enabled on a specific interface
• VoIP support for Dell switches

Bug Fixes

• Fixed the systemd logic in pfdhcp
• Fixed winbindd respawning extremely fast when failing to start
• Fixed winbindd processes not being killed on latest version of Samba
• Allow disabling processing of IPv6 packets in the pfdhcplistener
• fixed untainted variable (#3920)
• fixed on-registration scanning (#3963)
• Set the realm in the RADIUS request when doing machine authentication
• Keep connections to the unified API alive
• Fixed the documentation and the form for the Juniper SRX firewall