The Inverse team is pleased to announce the immediate availability of PacketFence 12.1 - a major release bringing tons of improvements!
Single-Sign-On for the admin interface
The PacketFence admin interface now has support for Single-Sign-On (SSO) using SAML, OAuth2 as well as supporting MFA using TOTP and Akamai MFA.
Fingerbank in the PacketFence Connector
The PacketFence Connector now supports running the Fingerbank Collector to perform device profiling using all the traffic a PacketFence connector sees.
Unbound dynamic PSK support for OpenWiFi
The OpenWiFi integration now supports dynamic unbound PSK which allows individual users to authenticate against PacketFence with their personal WPA2 key.
Here’s the complete list of changes included in this release:
Added unbound dynamic PSK support to the OpenWiFi module
Added Single-Sign-On capability for the admin interface login (SAML/OAuth/MFA/etc)
Improved PacketFence forwarder integration to mirror DNS packets from a Windows DNS server
Support for the Fingerbank Collector on the PacketFence Connector
More flexibility in the definition of the RADIUS servers in an Eduroam source
Allow to import only DB or configuration during import
Debian package for PacketFence Connector
Removed the savedsearch table.
Removed jQuery dependency in captive portal.
Present the dynamic PSK on the status page when appropriate
Manage pfconfig.conf through upgrade scripts instead of packaging
Improve WebAuth support on Extreme controllers
Allow users to upload files from the admin instead of uploading them manually via SCP/SSH
Added new radius attribute vpn detection for fortigate
Fixed valid_mac that identify some ip address as mac
Support for hardware token like yubikey for Akamai MFA
Added sms/phone call as default method in configuration
Fixed issue with pfconnector where it would reuse a dynamic reverse that isn’t active anymore (Pfconnector server active dyn reverse cache checks can fail #7218)
Fixed RADIUS deauth through pfconnector-remote in a cluster where it was logging as failed although it succeeded
When a rule match is ‘any’ and has no conditions the rule is always successful (#3768)
Fix issue with database upgrade (#7283)
Fix issue Sponsor registration: notes field can’t be used on captive portal #6385
Better error handling when performing a deauth on the previous switch. (captive portal redirect page return Caught exception in captiveportal::Controller::Root->dynamic_application “Can’t use string (“0”) as a HASH ref while “strict refs” in use at /usr/local/pf/lib/pf/enforcement.pm line 206 #6985)
Fixes possible Clickjacking for netdata reverse proxy (#7338)
Don’t resync config files unnecessarily during restarts (Cluster resync on restart - pf12.1 #7360)