Hello Jorge, Yes, you can.
If PF management interface is not in the same layer 2 as the switch management interface, it does not matter. You can have it routed, as long the ports UDP 1812, 1813 and 3799 are accessible from the switch to PF you are ok. You can add another interface than the management that you put into a VLAN that as access to the switch either via Layer2 or Layer3. You can identify that interface as Other and add a radius daemon in PF interface config. PF does not need to have an interface in each network that the client interact with. It just need to know the VLAN ID in the de Switch configuration. Thanks, Ludovic Zammit Product Support Engineer Principal Lead Cell: +1.613.670.8432 Akamai Technologies - Inverse 145 Broadway Cambridge, MA 02142 Connect with Us: <https://community.akamai.com/> <http://blogs.akamai.com/> <https://twitter.com/akamai> <http://www.facebook.com/AkamaiTechnologies> <http://www.linkedin.com/company/akamai-technologies> <http://www.youtube.com/user/akamaitechnologies?feature=results_main> > On Jan 5, 2023, at 5:52 AM, Jorge Martínez Carvajal via PacketFence-users > <packetfence-users@lists.sourceforge.net> wrote: > > Hi Community, > > First of all, sorry for my english, it is not my first language. > > I'm planning to deploy a packetfence for the NAC system of the network that > i'm developing for a factory. > > I have 2 building blocks planned, each building block has his own management > VLAN for the Cisco Switches, additionally my PF server will be in my DMZ zone > with a different management vlan. > > I want to know if I reach the radius service of PF from the switch in a > different VLAN which is not present in the DMZ zone, > > as i have can read in the documentation, the Switch and the PF should be in > the same VLAN for registration process: > > Extracted from documentation: > > 5.1. Going Through the Configurator > . > . > . > . Step 1 - Configure Network - make sure you define only one interface with > the "Management" type. That network interface will be the one to which the > Cisco 2960 access switch will talk to. The management interface of > PacketFence and the Cisco 2960 should normally be in the same network. > > I want to isolate each management VLAN and only the legitime communications > between management vlans will be allowed. > > Currently I have a test environment eve-ng based, and I have no communication > with the IP of the PF (192.168.8.233 - eth0 management) from the CIsco > switch (VLAN 20 (MGM) - 10.100.192.1). > > Others online services in the same network (192.168.8.0/22) are reach from > the Cisco switch without problem. > > So to resumen, I want to know if I can have multiple and differentes VLANs > for each building blocks that can connect and work with PF. > > Is there any way to integrate PF with this topology? > > Thank you in advance. > > BR. > > > Jorge Martínez Carvajal > IT Network Administrator | IT > jorge.marti...@kimitec.com > https://urldefense.com/v3/__http://www.kimitec.com__;!!GjvTz_vk!Rzq3RJSt7D0j_nRCZCZvJbdt6LQzFmMvSPF5y8_UhLf6zkwOMhVYDVNN_NNzDywctBreZyu11vXqIbiuL7UAWBLJnnCdP2Sh_XRILA$ > > > Por favor no acepten nunca una modificación de nuestra cuenta bancaria > notificada por e-mail o fax. Les informamos que ante cualquier cambio > previamente contactaremos con ustedes personalmente, y con posterioridad se > lo confirmaremos por escrito. Este mensaje y sus adjuntos contienen > información confidencial y reservada dirigida exclusivamente a su > destinatario. Si ha recibido este mensaje por error, se ruega lo notifique > inmediatamente por esta misma vía y borre el mensaje de su sistema. Nótese > que el correo electrónico vía Internet no permite asegurar ni la > confidencialidad de los mensajes que se transmiten ni la correcta recepción > de los mismos. En cumplimiento de la normativa vigente en materia de > Protección de Datos de Carácter Personal, le informamos que los datos > derivados de su correspondencia serán tratados por AGROINDUSTRIAL KIMITEC, > S.L. , KIMITEC BIOGROUP, S.L , AGROCODE BIOSCENCE, S.L. con la finalidad de > gestionar las comunicaciones que pudiera mantener con el personal de la > entidad. Los datos personales proporcionados se conservarán, mientras no se > solicite su supresión por el interesado o se mantenga la relación con esta > empresa. La legitimación para el tratamiento de datos se basa en la relación > que mantiene con esta empresa. Para darse de baja o ejercer sus derechos de > acceso, rectificación, supresión, limitación de tratamiento, oposición, > portabilidad, derecho a no ser objeto de decisiones individuales > automatizadas, así como la revocación del consentimiento prestado, puede > realizarlo dirigiéndose por escrito a la dirección Paraje Cerro de Los Lobos > S/N - 04738 Vícar (ALMERIA).. O por mail a l...@kimitec.es Please do not > approve any modifications of our bank accounts received via e-mail. We will > contact you by phone prior to any changes, and we will validate this by > e-mail.This message and its attachments contain confidential and restricted > information directed exclusively to its recipient. If you have received this > message by mistake, please notify us immediately to track and delete the > message from your system. Please note that the e-mail via the Internet does > not guarantee the confidentiality of the messages that are sent or the > correct reception of them. In compliance with the regulations in force > regarding the protection of personal data, we inform you that the data > derived from your correspondence will be processed by AGROINDUSTRIAL KIMITEC, > S.L. KIMITEC BIOGROUP, S.L, AGROCODE BIOSCENCE, S.L. in order to manage the > communications you may maintain with the staff of the entity. The personal > data provided will be retained, until the deletion is requested by the person > concerned or if the relationship with this company is maintained. > Legitimation for data processing is based on the relationship maintained with > this company. To unsubscribe or exercise your rights of access, > rectification, suppression, limitation of treatment, opposition, portability, > the right not to be the subject of automated individual decisions, as well as > the revocation of the consent given, you can contact us in writing at the > address Paraje Cerro de Los Lobos S/N - 04738 Vícar (ALMERIA).. Or by mail > l...@kimitec.es > > > [Logo kimitecgroup] > > Jorge Martínez Carvajal > > IT Network Administrator | IT > > jorge.marti...@kimitec.com<mailto:jorge.marti...@kimitec.com> > > > > https://urldefense.com/v3/__http://www.kimitec.com__;!!GjvTz_vk!Rzq3RJSt7D0j_nRCZCZvJbdt6LQzFmMvSPF5y8_UhLf6zkwOMhVYDVNN_NNzDywctBreZyu11vXqIbiuL7UAWBLJnnCdP2Sh_XRILA$ > > > Por favor no acepten nunca una modificación de nuestra cuenta bancaria > notificada por e-mail o fax. Les informamos que ante cualquier cambio > previamente contactaremos con ustedes personalmente, y con posterioridad se > lo confirmaremos por escrito. Este mensaje y sus adjuntos contienen > información confidencial y reservada dirigida exclusivamente a su > destinatario. Si ha recibido este mensaje por error, se ruega lo notifique > inmediatamente por esta misma vía y borre el mensaje de su sistema. Nótese > que el correo electrónico vía Internet no permite asegurar ni la > confidencialidad de los mensajes que se transmiten ni la correcta recepción > de los mismos. En cumplimiento de la normativa vigente en materia de > Protección de Datos de Carácter Personal, le informamos que los datos > derivados de su correspondencia serán tratados por AGROINDUSTRIAL KIMITEC, > S.L. , KIMITEC BIOGROUP, S.L , AGROCODE BIOSCENCE, S.L. con la finalidad de > gestionar las comunicaciones que pudiera mantener con el personal de la > entidad. Los datos personales proporcionados se conservarán, mientras no se > solicite su supresión por el interesado o se mantenga la relación con esta > empresa. La legitimación para el tratamiento de datos se basa en la relación > que mantiene con esta empresa. Para darse de baja o ejercer sus derechos de > acceso, rectificación, supresión, limitación de tratamiento, oposición, > portabilidad, derecho a no ser objeto de decisiones individuales > automatizadas, así como la revocación del consentimiento prestado, puede > realizarlo dirigiéndose por escrito a la dirección Paraje Cerro de Los Lobos > S/N - 04738 Vícar (ALMERIA).. O por mail a l...@kimitec.es > Please do not approve any modifications of our bank accounts received via > e-mail. We will contact you by phone prior to any changes, and we will > validate this by e-mail.This message and its attachments contain confidential > and restricted information directed exclusively to its recipient. If you have > received this message by mistake, please notify us immediately to track and > delete the message from your system. Please note that the e-mail via the > Internet does not guarantee the confidentiality of the messages that are sent > or the correct reception of them. In compliance with the regulations in force > regarding the protection of personal data, we inform you that the data > derived from your correspondence will be processed by AGROINDUSTRIAL KIMITEC, > S.L. KIMITEC BIOGROUP, S.L, AGROCODE BIOSCENCE, S.L. in order to manage the > communications you may maintain with the staff of the entity. The personal > data provided will be retained, until the deletion is requested by the person > concerned or if the relationship with this company is maintained. > Legitimation for data processing is based on the relationship maintained with > this company. To unsubscribe or exercise your rights of access, > rectification, suppression, limitation of treatment, opposition, portability, > the right not to be the subject of automated individual decisions, as well as > the revocation of the consent given, you can contact us in writing at the > address Paraje Cerro de Los Lobos S/N - 04738 Vícar (ALMERIA).. Or by mail > l...@kimitec.es > > > _______________________________________________ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > https://urldefense.com/v3/__https://lists.sourceforge.net/lists/listinfo/packetfence-users__;!!GjvTz_vk!Rzq3RJSt7D0j_nRCZCZvJbdt6LQzFmMvSPF5y8_UhLf6zkwOMhVYDVNN_NNzDywctBreZyu11vXqIbiuL7UAWBLJnnCdP2QIsI9pXw$ >
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
