Okolie C. Cletus a écrit : > Thank you Regis for the prompt response. > 1. Yes my setup is (VLAN isolation mode with Registration and Detection > (snort)) and i have configured my VLAN IPs on eth0, eth0.2 and eth0.3. > So how do i get my snort and dhcp traffic configure Snort to listen on eth1 (no ip address on eth1) configure eth2 as dhcplistener in pf.conf (no ipaddr on eth2)
Then you have to: - send a copy of the internet traffic to eth1 (through a span or remote span). - send a copy of dhcp traffic to eth2 I cant tell you more about that because I dont know how to setup a span. Sorry and good luck with your setup. > > 2. Is it also possible to get my user prompted for a Re-login of the > Registration page each time. Currenlty once a user registers he is not > prompted again This is not the way PacketFence work by default, you have to change to code to make this work, sorry... Regards Regis Balzard [email protected] :: +1.514.447.4918 (x110) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) > > Thank you once again > > regards > Cletus > On Wed, Jul 21, 2010 at 5:19 PM, Regis Balzard <[email protected] > <mailto:[email protected]>> wrote: > > Okolie C. Cletus a écrit : > > Thanks Regis for that correction. I forget to ask him his setup > before > > responding. > my pleasure :) > > > > > Please I am also having some issues with my setup. I am doing Vlan > > Isolation with port Security. I have 3 NICs on my packetfence > server. My > > confusion is where do i plug the other two interfaces as I currently > > have only one card connected to the switch. Please any help will be > > highy appreciated. > if you setup all the VLAN IPs on eth0 (eth0.x,...) then you dont > need the 2 > other NICs. > we used them for example with Snort. We sent a copy of the internet > traffic on > eth1 so that Snort can see it. > The third NIC is sometimes used to send a copy of the DHCP traffic > to PF when > Snort is used. > > It all depends on your setup. > > Regis Balzard > [email protected] <mailto:[email protected]> :: > +1.514.447.4918 (x110) :: www.inverse.ca <http://www.inverse.ca> > Inverse inc. :: Leaders behind SOGo (www.sogo.nu > <http://www.sogo.nu>) and PacketFence > (www.packetfence.org <http://www.packetfence.org>) > > > > > regards > > Cletus > > > > On Wed, Jul 21, 2010 at 3:35 PM, Regis Balzard > <[email protected] <mailto:[email protected]> > > <mailto:[email protected] <mailto:[email protected]>>> wrote: > > > > > > Richard Kroonen a écrit : > > > I removed the node and restarted packetfence but still the > error > > > > > > But how does packetfence now when i unoplug the pc, it doesn't > > send and > > > snmp trap becuase link must not be sent? > > you are right. > > > > Actually you can't delete a node that has been connected once. > > There is a control in PF that says you can't delete a node > that is > > plugged. > > > > Since PF does not get traps (it depends on your setup though: > this > > is right with > > port-security but wrong with linkup/linkdown) when you unplug a > > device, it > > thinks that almost all devices are still plugged. > > > > That's the reason why you can't delete a node through the web > GUI. > > > > Depending on what you want to do, you could: > > - either unregister the device so PF puts it back in > registration Vlan > > - or delete that node directly in MySQL. > > > > I hope this helps. > > > > Regards. > > > > -- > > Regis Balzard > > [email protected] <mailto:[email protected]> > <mailto:[email protected] <mailto:[email protected]>> :: > > +1.514.447.4918 (x110) :: www.inverse.ca > <http://www.inverse.ca> <http://www.inverse.ca> > > Inverse inc. :: Leaders behind SOGo (www.sogo.nu > <http://www.sogo.nu> > > <http://www.sogo.nu>) and PacketFence > > (www.packetfence.org <http://www.packetfence.org> > <http://www.packetfence.org>) > > > > > > > > regards Richard > > > > > > 2010/7/21 Okolie C. Cletus <[email protected] > <mailto:[email protected]> > > <mailto:[email protected] <mailto:[email protected]>> > > > <mailto:[email protected] > <mailto:[email protected]> <mailto:[email protected] > <mailto:[email protected]>>>> > > > > > > Hi Richard, > > > You have to unplug the PC from that port then reload > packetfence. > > > You can now delete from the web interface. I dnt think you > > will get > > > that error again. > > > cheers > > > > > > > > > On Wed, Jul 21, 2010 at 12:45 PM, Richard Kroonen > > > <[email protected] <mailto:[email protected]> > <mailto:[email protected] <mailto:[email protected]>> > > <mailto:[email protected] <mailto:[email protected]> > <mailto:[email protected] <mailto:[email protected]>>>> wrote: > > > > > > It's on packetfence zen btw > > > > > > ---------- Forwarded message ---------- > > > From: *Richard Kroonen* <[email protected] > <mailto:[email protected]> > > <mailto:[email protected] <mailto:[email protected]>> > > > <mailto:[email protected] > <mailto:[email protected]> <mailto:[email protected] > <mailto:[email protected]>>>> > > > Date: 2010/7/21 > > > Subject: remove node (on cisco) > > > To: [email protected] > <mailto:[email protected]> > > <mailto:[email protected] > <mailto:[email protected]>> > > > <mailto:[email protected] > <mailto:[email protected]> > > <mailto:[email protected] > <mailto:[email protected]>>> > > > > > > > > > Hi, > > > > > > In the web interface I'm trying to remove a node. I do > > > registration on port-security on a 3750 > > > > > > When i"m trying to remove it i get an error > > > > > > > > > Error: Problems executing 'PFCMD node delete > > 00:17:08:3e:85:76' > > > Cannot delete this node since there are some > records in > > > locationlog table indicating that this node might > still be > > > connected and active on the network (pfcmd line > 1950.) at > > > /usr/lib/perl5/site_perl/5.8.8/Log/Log4perl/Logger.pm > > line 896 > > > at /usr/local/pf/bin/pfcmd line 1948 > > main::command_param('node') > > > called at /usr/local/pf/bin/pfcmd line 173 > main::__ANON__() > > > called at /usr/local/pf/bin/pfcmd line 203 > > > > > > I already removed the pc on the port. > > > > > > Packetfence says its still connected, so must i > send laso > > link > > > changes to packetfence?? > > > > > > > > > > > > regards Richard > > > > > > > > > > > > > > > > ------------------------------------------------------------------------------ > > > This SF.net email is sponsored by Sprint > > > What will you do first with EVO, the first 4G phone? > > > Visit sprint.com/first <http://sprint.com/first> > <http://sprint.com/first> > > <http://sprint.com/first> -- > > > http://p.sf.net/sfu/sprint-com-first > > > _______________________________________________ > > > Packetfence-users mailing list > > > [email protected] > <mailto:[email protected]> > > <mailto:[email protected] > <mailto:[email protected]>> > > > <mailto:[email protected] > <mailto:[email protected]> > > <mailto:[email protected] > <mailto:[email protected]>>> > > > > > https://lists.sourceforge.net/lists/listinfo/packetfence-users > > > > > > > > > > > > > > > > ------------------------------------------------------------------------------ > > > This SF.net email is sponsored by Sprint > > > What will you do first with EVO, the first 4G phone? > > > Visit sprint.com/first <http://sprint.com/first> > <http://sprint.com/first> > > <http://sprint.com/first> -- > > > http://p.sf.net/sfu/sprint-com-first > > > _______________________________________________ > > > Packetfence-users mailing list > > > [email protected] > <mailto:[email protected]> > > <mailto:[email protected] > <mailto:[email protected]>> > > > <mailto:[email protected] > <mailto:[email protected]> > > <mailto:[email protected] > <mailto:[email protected]>>> > > > > https://lists.sourceforge.net/lists/listinfo/packetfence-users > > > > > > > > > > > > > > > ------------------------------------------------------------------------ > > > > > > > > > > ------------------------------------------------------------------------------ > > > This SF.net email is sponsored by Sprint > > > What will you do first with EVO, the first 4G phone? > > > Visit sprint.com/first <http://sprint.com/first> > <http://sprint.com/first> -- > > http://p.sf.net/sfu/sprint-com-first > > > > > > > > > > > > ------------------------------------------------------------------------ > > > > > > _______________________________________________ > > > Packetfence-users mailing list > > > [email protected] > <mailto:[email protected]> > > <mailto:[email protected] > <mailto:[email protected]>> > > > https://lists.sourceforge.net/lists/listinfo/packetfence-users > > > > > > ------------------------------------------------------------------------------ > > This SF.net email is sponsored by Sprint > > What will you do first with EVO, the first 4G phone? > > Visit sprint.com/first <http://sprint.com/first> > <http://sprint.com/first> -- > > http://p.sf.net/sfu/sprint-com-first > > _______________________________________________ > > Packetfence-users mailing list > > [email protected] > <mailto:[email protected]> > > <mailto:[email protected] > <mailto:[email protected]>> > > https://lists.sourceforge.net/lists/listinfo/packetfence-users > > > > > > > > > ------------------------------------------------------------------------ > > > > > > ------------------------------------------------------------------------------ > > This SF.net email is sponsored by Sprint > > What will you do first with EVO, the first 4G phone? > > Visit sprint.com/first <http://sprint.com/first> -- > http://p.sf.net/sfu/sprint-com-first > > > > > > > ------------------------------------------------------------------------ > > > > _______________________________________________ > > Packetfence-users mailing list > > [email protected] > <mailto:[email protected]> > > https://lists.sourceforge.net/lists/listinfo/packetfence-users > > > ------------------------------------------------------------------------------ > This SF.net email is sponsored by Sprint > What will you do first with EVO, the first 4G phone? > Visit sprint.com/first <http://sprint.com/first> -- > http://p.sf.net/sfu/sprint-com-first > _______________________________________________ > Packetfence-users mailing list > [email protected] > <mailto:[email protected]> > https://lists.sourceforge.net/lists/listinfo/packetfence-users > > > > ------------------------------------------------------------------------ > > ------------------------------------------------------------------------------ > This SF.net email is sponsored by Sprint > What will you do first with EVO, the first 4G phone? > Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first > > > ------------------------------------------------------------------------ > > _______________________________________________ > Packetfence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users ------------------------------------------------------------------------------ This SF.net email is sponsored by Sprint What will you do first with EVO, the first 4G phone? Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first _______________________________________________ Packetfence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
