Hi Jan, On 09/25/2012 05:31 AM, Jan Behrend wrote: > On 09/24/2012 03:39 PM, Olivier Bilodeau wrote: ... >> wait 5 seconds >> >> ... -setIfAdminStatus -ifAdminStatus 2 -switch ... -ifIndex ... > > ./pfcmd_vlan -setIfAdminStatus -ifAdminStatus 1 -ifIndex 22 -switch > 134.104.29.11 > > Sep 25 09:23:11 134.104.29.11 00435 ports: port 22 is Blocked by STP > Sep 25 09:23:13 134.104.29.11 00076 ports: port 22 is now on-line > > To get it online again I had to set the admin status to 1, though.
Yeah.. This was a copy / paste mistake.. 1 is the correct admin status for up. > >> For 802.1X, you need to do -deauthenticateDot1x -ifIndex <ifIndex> and >> not just -deauthenticate <mac>. >> >> This is mentionned in pfcmd_vlan's help: >> >> -deauthenticateDot1x de-authenticate a dot1x client (pass ifIndex for >> wired 802.1x and mac for wireless 802.1x) > > This was just meant as a test to see if the hardware was supported, not > as a functional test. Sorry for the misunderstanding. > > I configured all switch ports to the "mac registration" vlan and the > switch to send traps for link up and down events. When I plug a device > in Paketfence does not seem to able to decode the traps (See below). > After seeing a MAC address in the "mac detection" vlan, Packetfence > should move the switch port to the "registration" vlan, shouldn't it? > > Is this something I can configure or do I have to get a HP E2910al > module from you? In MAC-Auth or dot1x there are no SNMP Traps required. Also of all the trap-based mechanisms linkUp / linkDown is definitely the weakest and you should never deploy on anything with more than a handful of switches. -- Olivier Bilodeau obilod...@inverse.ca :: +1.514.447.4918 *115 :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ PacketFence-devel mailing list PacketFence-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-devel
