Hi Richard, Richard Kroonen wrote: > Ok strange, > > Is it possible to do port-securty and link-up and down? So than it removes. > Is this possible in config, now i see in log that he doesnt do anything > with it.
Link up / link downs sends a lot of traps most of which is irrelevant (an OS will cause a send 2-3 of each when it boots) which is not ideal if your network is large. That's why we disable them. I don't know if a linkdown will close a locationlog entry someone would need to try it or look at the code. > > Or is mac-security and link-up en down than a better solution. For scalability port-security is the best. If scalability isn't a problem for you, consider the alternatives. I don't see why it is such a big deal not to be able to delete nodes in the web admin? As Regis told you, if you set the mac to Status = unreg, this will effectively put the node back into registration. The exact same effect as if you deleted it aside from the fact that the VLAN assignation is instantaneous instead of having to wait for the trap. If the PC is still connected that is. The quick fix would be a force delete which would close it's locationlog entry. To be used only if you are 100% sure that the PC is disconnected. But this is a hack. The real fix would be some housekeeping job that would check the switches and would close entries that are no longer relevant (link down). But this is way more complex and even have its problems: If an office shutdown all it's PCs at night they would need to go through the whole security-violation trap - mac authorization process every morning around roughly the same time causing unnecessary stress on the server and delays for authorization.. Is it me or is this too much trouble for the gain? Is it more clear? Someones has an alternative solution? Cheers! -- Olivier Bilodeau [email protected] :: +1.514.447.4918 *115 :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) ------------------------------------------------------------------------------ This SF.net email is sponsored by Sprint What will you do first with EVO, the first 4G phone? Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first _______________________________________________ Packetfence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
