Please ask the packetfence-users mailing list. This list is for PacketFence development related questions.
A hint though: 802.1x and SNMP are mutually exclusive. -- Louis Munro lmu...@inverse.ca :: www.inverse.ca +1.514.447.4918 x125 :: +1 (866) 353-6153 x125 Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) On Sep 19, 2015, at 10:21 , Kristaps Dambergs <kristaps.dambe...@gmail.com> wrote: > Hi, > > I am trying to implement PF ZEN using 801.1x + MAC. When i connect laptop to > port 3 (Registration VLAN) or any other port nothing shows up in > snmptrapd.log. I can't even ping switch from pf server. > Hoping for some help. > > Thanks > > PF Logs: > > [root@PacketFence-ZEN-5-3 ~]# tail -f /usr/local/pf/logs/packetfence.log > Sep 19 09:09:27 pfcmd.pl(1615) INFO: Daemon carbon-relay took 1.537 seconds > to start. (pf::services::manager::launchService) > Sep 19 09:09:27 pfcmd.pl(1615) INFO: Daemon collectd took 0.196 seconds to > start. (pf::services::manager::launchService) > Sep 19 09:09:27 pfcmd.pl(1615) INFO: pf::services::manager, > /usr/local/pf/lib/pf/services/manager.pm, 178 > (pf::services::manager::dhcpd::generateConfig) > Sep 19 09:09:27 pfcmd.pl(1615) INFO: Memory configuration is not valid > anymore for key interfaces::listen_ints in local cached_hash > (pfconfig::cached::is_valid) > Sep 19 09:09:27 pfcmd.pl(1615) WARN: requesting member ips for an undefined > interface... (pf::cluster::members_ips) > Sep 19 09:09:27 pfcmd.pl(1615) WARN: requesting member ips for an undefined > interface... (pf::cluster::members_ips) > Sep 19 09:09:27 pfcmd.pl(1615) WARN: requesting member ips for an undefined > interface... (pf::cluster::members_ips) > Sep 19 09:09:27 pfcmd.pl(1615) WARN: requesting member ips for an undefined > interface... (pf::cluster::members_ips) > Sep 19 09:09:27 pfcmd.pl(1615) INFO: Daemon dhcpd took 0.241 seconds to > start. (pf::services::manager::launchService) > Sep 19 09:10:07 pfcmd.pl(1615) INFO: Daemon httpd.aaa took 40.085 seconds to > start. (pf::services::manager::launchService) > Sep 19 09:11:22 pfcmd.pl(1615) INFO: Daemon httpd.graphite took 36.280 > seconds to start. (pf::services::manager::launchService) > > > [root@PacketFence-ZEN-5-3 ~]# tail -f /usr/local/pf/logs/snmptrapd.log > NET-SNMP version 5.5 > 2015-09-19 08:44:42 NET-SNMP version 5.5 Stopped. > Stopping snmptrapd > > NET-SNMP version 5.5 > 2015-09-19 09:05:12 NET-SNMP version 5.5 Stopped. > Stopping snmptrapd > > NET-SNMP version 5.5 > NET-SNMP version 5.5 > > [root@PacketFence-ZEN-5-3 ~]# tail -f /usr/local/pf/logs/snmptrapd.log > NET-SNMP version 5.5 > 2015-09-19 08:44:42 NET-SNMP version 5.5 Stopped. > Stopping snmptrapd > > NET-SNMP version 5.5 > 2015-09-19 09:05:12 NET-SNMP version 5.5 Stopped. > Stopping snmptrapd > > NET-SNMP version 5.5 > NET-SNMP version 5.5 > > > [root@PacketFence-ZEN-5-3 ~]# sudo vi /usr/local/pf/conf/switches.conf > RoleMap=Y > mode=testing > macSearchesMaxNb=30 > macSearchesSleepInterval=2 > uplink=dynamic > # > # Command Line Interface > # > # cliTransport could be: Telnet, SSH or Serial > cliTransport=Telnet > cliUser= > cliPwd= > cliEnablePwd= > # > # SNMP section > # > # PacketFence -> Switch > SNMPVersion=1 > SNMPCommunityRead=public > SNMPCommunityWrite=private > #SNMPEngineID = 0000000000000 > #SNMPUserNameRead = readUser > #SNMPAuthProtocolRead = MD5 > #SNMPAuthPasswordRead = authpwdread > #SNMPPrivProtocolRead = DES > #SNMPPrivPasswordRead = privpwdread > #SNMPUserNameWrite = writeUser > #SNMPAuthProtocolWrite = MD5 > #SNMPAuthPasswordWrite = authpwdwrite > #SNMPPrivProtocolWrite = DES > #SNMPPrivPasswordWrite = privpwdwrite > # Switch -> PacketFence > SNMPVersionTrap=1 > SNMPCommunityTrap=public > #SNMPAuthProtocolTrap = MD5 > #SNMPAuthPasswordTrap = authpwdread > #SNMPPrivProtocolTrap = DES > #SNMPPrivPasswordTrap = privpwdread > # > # Web Services Interface > # > # wsTransport could be: http or https > wsTransport=http > wsUser= > wsPwd= > # > # RADIUS NAS Client config > # > # RADIUS shared secret with switch > radiusSecret= > > [192.168.0.3] > mode=production > deauthMethod=RADIUS > AccessListMap=N > description=2610 > SNMPVersionTrap=1 > type=HP::Procurve_2600 > VoIPEnabled=N > radiusSecret="PASSWD" > uplink_dynamic=0 > uplink=23,24 > > > My procurve 2610 config: > > Running configuration: > > ; J9086A Configuration Editor; Created on release #R.11.60 > > hostname "ProCurveSwitch" > time timezone 180 > no telnet-server > interface 23 > name "pfserver" > exit > trunk 23 Trk1 Trunk > timesync sntp > vlan 1 > name "Default" > untagged 1-2,4-22,24-28,Trk1 > ip address 192.168.0.3 255.255.255.0 > no untagged 3 > exit > vlan 2 > name "Registration" > untagged 3 > ip address 192.168.2.1 255.255.255.0 > tagged Trk1 > exit > vlan 3 > name "Isolation" > ip address 192.168.3.1 255.255.255.0 > tagged Trk1 > exit > vlan 10 > name "Normal" > ip address 192.168.1.1 255.255.255.0 > tagged Trk1 > exit > radius-server host 192.168.0.10 key Parole321 > aaa server-group radius "packetfence" host 192.168.0.10 > aaa authentication port-access eap-radius server-group "packetfence" > aaa authentication mac-based chap-radius server-group "packetfence" > port-security 1 learn-mode port-access action send-alarm > port-security 2 learn-mode port-access action send-alarm > port-security 3 learn-mode port-access action send-alarm > port-security 4 learn-mode port-access action send-alarm > port-security 5 learn-mode port-access action send-alarm > port-security 6 learn-mode port-access action send-alarm > port-security 7 learn-mode port-access action send-alarm > port-security 8 learn-mode port-access action send-alarm > port-security 9 learn-mode port-access action send-alarm > port-security 10 learn-mode port-access action send-alarm > port-security 11 learn-mode port-access action send-alarm > port-security 12 learn-mode port-access action send-alarm > port-security 13 learn-mode port-access action send-alarm > port-security 14 learn-mode port-access action send-alarm > port-security 15 learn-mode port-access action send-alarm > port-security 16 learn-mode port-access action send-alarm > port-security 17 learn-mode port-access action send-alarm > port-security 18 learn-mode port-access action send-alarm > port-security 19 learn-mode port-access action send-alarm > port-security 20 learn-mode port-access action send-alarm > port-security 21 learn-mode port-access action send-alarm > port-security 22 learn-mode port-access action send-alarm > snmp-server host 192.168.0.10 community "public" informs trap-level Not-INFO > no snmp-server enable traps link-change 1-22 > sntp unicast > sntp server 129.6.15.30 > aaa port-access authenticator 1-22 > aaa port-access authenticator 1 client-limit 1 > aaa port-access authenticator 2 client-limit 1 > aaa port-access authenticator 3 client-limit 1 > aaa port-access authenticator 4 client-limit 1 > aaa port-access authenticator 5 client-limit 1 > aaa port-access authenticator 6 client-limit 1 > aaa port-access authenticator 7 client-limit 1 > aaa port-access authenticator 8 client-limit 1 > aaa port-access authenticator 9 client-limit 1 > aaa port-access authenticator 10 client-limit 1 > aaa port-access authenticator 11 client-limit 1 > aaa port-access authenticator 12 client-limit 1 > aaa port-access authenticator 13 client-limit 1 > aaa port-access authenticator 14 client-limit 1 > aaa port-access authenticator 15 client-limit 1 > aaa port-access authenticator 16 client-limit 1 > aaa port-access authenticator 17 client-limit 1 > aaa port-access authenticator 18 client-limit 1 > aaa port-access authenticator 19 client-limit 1 > aaa port-access authenticator 20 client-limit 1 > aaa port-access authenticator 21 client-limit 1 > aaa port-access authenticator 22 client-limit 1 > aaa port-access authenticator active > aaa port-access mac-based 1-22 > aaa port-access mac-based 1 addr-moves > aaa port-access mac-based 1 reauth-period 14400 > aaa port-access mac-based 2 addr-moves > aaa port-access mac-based 2 reauth-period 14400 > aaa port-access mac-based 3 addr-moves > aaa port-access mac-based 3 reauth-period 14400 > aaa port-access mac-based 4 addr-moves > aaa port-access mac-based 4 reauth-period 14400 > aaa port-access mac-based 5 addr-moves > aaa port-access mac-based 5 reauth-period 14400 > aaa port-access mac-based 6 addr-moves > aaa port-access mac-based 6 reauth-period 14400 > aaa port-access mac-based 7 addr-moves > aaa port-access mac-based 7 reauth-period 14400 > aaa port-access mac-based 8 addr-moves > aaa port-access mac-based 8 reauth-period 14400 > aaa port-access mac-based 9 addr-moves > aaa port-access mac-based 9 reauth-period 14400 > aaa port-access mac-based 10 addr-moves > aaa port-access mac-based 10 reauth-period 14400 > aaa port-access mac-based 11 addr-moves > aaa port-access mac-based 11 reauth-period 14400 > aaa port-access mac-based 12 addr-moves > aaa port-access mac-based 12 reauth-period 14400 > aaa port-access mac-based 13 addr-moves > aaa port-access mac-based 13 reauth-period 14400 > aaa port-access mac-based 14 addr-moves > aaa port-access mac-based 14 reauth-period 14400 > aaa port-access mac-based 15 addr-moves > aaa port-access mac-based 15 reauth-period 14400 > aaa port-access mac-based 16 addr-moves > aaa port-access mac-based 16 reauth-period 14400 > aaa port-access mac-based 17 addr-moves > aaa port-access mac-based 17 reauth-period 14400 > aaa port-access mac-based 18 addr-moves > aaa port-access mac-based 18 reauth-period 14400 > aaa port-access mac-based 19 addr-moves > aaa port-access mac-based 19 reauth-period 14400 > aaa port-access mac-based 20 addr-moves > aaa port-access mac-based 20 reauth-period 14400 > aaa port-access mac-based 21 addr-moves > aaa port-access mac-based 21 reauth-period 14400 > aaa port-access mac-based 22 addr-moves > aaa port-access mac-based 22 reauth-period 14400 > aaa port-access 1 controlled-direction in > aaa port-access 2 controlled-direction in > aaa port-access 3 controlled-direction in > aaa port-access 4 controlled-direction in > aaa port-access 5 controlled-direction in > aaa port-access 6 controlled-direction in > aaa port-access 7 controlled-direction in > aaa port-access 8 controlled-direction in > aaa port-access 9 controlled-direction in > aaa port-access 10 controlled-direction in > aaa port-access 11 controlled-direction in > aaa port-access 12 controlled-direction in > aaa port-access 13 controlled-direction in > aaa port-access 14 controlled-direction in > aaa port-access 15 controlled-direction in > aaa port-access 16 controlled-direction in > aaa port-access 17 controlled-direction in > aaa port-access 18 controlled-direction in > aaa port-access 19 controlled-direction in > aaa port-access 20 controlled-direction in > aaa port-access 21 controlled-direction in > aaa port-access 22 controlled-direction in > spanning-tree Trk1 priority 4 > ip ssh > password manager > password operator > ------------------------------------------------------------------------------ > _______________________________________________ > PacketFence-devel mailing list > PacketFence-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/packetfence-devel
------------------------------------------------------------------------------
_______________________________________________ PacketFence-devel mailing list PacketFence-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-devel
