[Chilli] CoovaChiili Permit Server IP

Luis Ferreira lferreira at cabocom.cv
Fri May 31 16:05:19 UTC 2013


 

“

1th         - If it does not work, try to identify the problem. First see if
you can ping the client from within Chillibox.

No, i cannot ping IP Camera from Chilli Box 41.139.29.251

But if i assigne same IP to a laptop can be ping, strange) Even if laptop
did not authenticate yet, chilli bix can ping it. 

2nd        - run the command “/usr/local/sbin/chilli_query -s
/usr/local/var/run/chilli.vlanxx.sock list” and see if it return the online
users like this:

“

 

That one is easy. You configure Chilli to use VLAN ID 888, but the camera
does not have VLAN Tagging active. That means that even if the IP
configuration is ok, they cannot communicate between them, as that chilli
instance will ignore traffic not tagged as VLAN ID 888 aka chilli will not
see the camera.

You already confirmed that with the laptop, that if you ping the camera, it
will reply. (you enable VLAN tagging on the LAN card of the laptop).

 

Your communication problem is because of VLAN tagging.

 

Regards,

Luis Ferreira

 

 

De: Russell Mike [mailto:radius.sir at gmail.com] 
Enviada: sexta-feira, 31 de Maio de 2013 11:45
Para: Luís Ferreira
Assunto: Re: [Chilli] CoovaChiili Permit Server IP

 

Dear Luis Ferreira,

 

Thanks for your help again, you have helped me number of times in past. i am
grateful for that. I did add some answers under your comments. 

 

On Thu, May 30, 2013 at 5:20 PM, Luis Ferreira <lferreira at cabocom.cv> wrote:

Hi Russell,

 

You should put the IP of the client.

 

For instance, I’ve got a client that ISC-DHCP always gives the same address
(192.168.10.250) on the VLAN ID 10.

 

The Device i need to reach from our data center at customer permises is
Camera have static IP VLAN888

 

So what we have to do is a script running on the chillibox that runs the
command if the user is not online. Your mistake is running the command
outside the chillibox.

 

I did run the script on CoovaChilli Box  

 

The script for you, should be this:

 


#!/bin/bash

usercheck=$(/usr/local/sbin/chilli_query -s
/usr/local/var/run/chilli.vlanxx.sock list |grep -c "1 prabhpal ")

if [ $usercheck = '0' ];
then
      /usr/local/sbin/chilli_query -s  /var/run/chilli.vlan888.sock login ip
41.139.29.251 username prabhal password rootantipass
fi

 

1th         - If it does not work, try to identify the problem. First see if
you can ping the client from within Chillibox.

No, i cannot ping IP Camera from Chilli Box 41.139.29.251

But if i assigne same IP to a laptop can be ping, strange) Even if laptop
did not authenticate yet, chilli bix can ping it. 

2nd        - run the command “/usr/local/sbin/chilli_query -s
/usr/local/var/run/chilli.vlanxx.sock list” and see if it return the online
users like this:


10.1.10.195 51a7872300000005 0 - 0/0 0/0 0/0 0/0 0 0 0/0 0/0
http://crl.microsoft.com/pki/crl/products/MicCodSigPCA_08-31-2010.crl

10.1.10.23 51a7864800000004 0 - 0/0 0/0 0/0 0/0 0 0 0/0 0/0 -

10.1.10.196 51a7863800000003 0 - 0/0 0/0 0/0 0/0 0 0 0/0 0/0 -

10.1.10.192 51a785810000000c 0 - 0/0 0/0 0/0 0/0 0 0 0/0 0/0
http://www.apple.com/library/test/success.html

10.1.10.142 51a7851700000013 0 - 0/0 0/0 0/0 0/0 0 0 0/0 0/0 http:///
<http://>                   

10.1.10.129 51a7841f00000009 0 - 0/0 0/0 0/0 0/0 0 0 0/0 0/0
http://www.msftncsi.com/ncsi.txt




 

3rd         - run then /usr/local/sbin/chilli_query -s
/usr/local/var/run/chilli.vlanxx.sock list |grep -c "1 <username>" and see
if the return is 0 or 1, depending if the user is online or not.

Regards,

Luis

You are right, it require some troubleshoot. i am really thanking you bottom
of my heart. God bless you.

Thanks for your tips, i will do and let you know, sir.  

 

Regards / RM

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.coova.org/pipermail/chilli/attachments/20130531/9330eef0/attachment.html>


More information about the Chilli mailing list