Hello,
I work for a college medium sized community college in Minnesota. We
have about 200 switches and 60 vlans. We are currently using freenac and
control about 4000 devices. Freenac has been working well for us but we
upgrading edge hardware from Cisco 3500XL to hp2610-48s. It seems that
freenac is not able to support the hp 2610s so we are looking at
alternatives.
Packetfence has come highly recommended and I have been playing with a
test deployment on Centos5.5 x86_64 with packetfence 1.9.1 in a VM. It
seems to have many of the features we need but I have encounter a few
hurtles and I want to find out if anyone has worked though these issues.
It seems from some of the user posts and documentation that there is a
limit on vlans of about 5. Is there a way to raise the limit up into the
60s.
I would like to defined 60 node categories (one per vlan) and assigned
nodes to the categories that reflexs the desired vlan (not really
conserned about user authentication yet).
Among others, my issue seems to be one of scaling. When I define the
vlans on our HP 2610s and try snpmwalk all seems well but when I try to
set and assign vlans it appears that packetfence is not happy with the
number of vlans that exist on the switch (only a guess) from the errors.
10.1.9.101
- sysUptime: 4 days, 01:09:28.97
- nb Vlans : 55
- Uplinks: 49, 50, 51, 52
connect_and_read.pl
Argument "" isn't numeric in numeric eq (==) at
/usr/local/pf/test/../lib/pf/SNMP.pm line 1838 (#1)
(W numeric) The indicated string was fed as an argument to an
operator that expected a numeric value instead. If you're fortunate the
message will identify which operator was so unfortunate.
Packetfence.log
Oct 22 09:23:25 pfsetvlan(3) WARN: new VLAN ARRAY(0x20878710) is not a
managed VLAN -> replacing VLAN ARRAY(0x20878710) with MAC detection VLAN
94 (pf::SNMP::setVlan)
The best I can tell it appears to overrun the defined array for vlans
and fall back to my macdetect vlan when I attempt to test the confg.
I am not strong in perl programming, but any feedback as to if this
configuration is possible, if anyone has had success with anything
similar. Buying commercial support is not out of the question but before
we invest I want to make sure it is even possible to do what we want.
Thank you for your assistance in this matter,
Bill Brown
RCTC Network Tech
------------------------------------------------------------------------------
Nokia and AT&T present the 2010 Calling All Innovators-North America contest
Create new apps & games for the Nokia N8 for consumers in U.S. and Canada
$10 million total in prizes - $4M cash, 500 devices, nearly $6M in marketing
Develop with Nokia Qt SDK, Web Runtime, or Java and Publish to Ovi Store
http://p.sf.net/sfu/nokia-dev2dev
_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
