Hi Community,

First of all, sorry for my English, it is not my first language.

I'm planning to deploy PacketFence as the NAC system of the network that I'm developing for a factory. I have 2 building blocks planned; each building block has its own management VLAN for the Cisco switches. Additionally, my PF server will be in my DMZ zone with a different management VLAN. I want to know if I can reach the RADIUS service of PF from a switch in a different VLAN which is not present in the DMZ zone. As I have read in the documentation, the switch and the PF should be in the same VLAN for the registration process.

Extracted from documentation:

5.1. Going Through the Configurator
. . .
• Step 1 - Configure Network - make sure you define only one interface with the "Management" type. That network interface will be the one to which the Cisco 2960 access switch will talk to. *The management interface of PacketFence and the Cisco 2960 should normally be in the same network.*

I want to isolate each management VLAN, and only the legitimate communications between management VLANs will be allowed.

Currently I have a test environment based on EVE-NG, and I have no communication with the IP of the PF (192.168.8.233 - eth0 management) from the Cisco switch (VLAN 20 (MGM) - 10.100.192.1). Other online services in the same network (192.168.8.0/22) are reached from the Cisco switch without problem.

So, to summarize, I want to know if I can have multiple, different VLANs for each building block that can connect and work with PF. Is there any way to integrate PF with this topology?

Thank you in advance.

BR.
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users