Hi Lazuardi, On 14/01/11 1:35 PM, Lazuardi Nasution wrote: > Hi, > > I have read that ProCurve 2510 has limitation of one authenticated > client on port based authentication or two authenticated clients on > client based authentication (page 8-4, Access Security Guide). How can > PacketFence deal with that? I have many clients connected to single > port of Procurve 2510 via standard access point and wants to associate > clients to VLANs based on MAC or credentials. The acces points are not > VLAN capable. Below is the configuration. > > Procurve 2510 - Some Standard Access Points - Some Clients
I hate to say this but if your access points are not VLAN capable forget about it. You'll be able to put all the access point in the same VLAN but as soon as the state of one node changes the whole AP will be put in another VLAN. Ex: one iPod comes close to your AP and the whole AP will be put into registration VLAN. We _could_ make changes to PF to support such scenarios but it will affect the core, increase complexity and reduce security. The tradeoff isn't worth it when the fix is clear: get better hardware. For consumer APs, we have an initiative were we are trying to make PacketFence work with dd-wrt or open-wrt but it seems that their apparent VLAN support doesn't work really well. Any dd-wrt / open-wrt people please chip-in! Have a good one! -- Olivier Bilodeau [email protected] :: +1.514.447.4918 *115 :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) ------------------------------------------------------------------------------ Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)! Finally, a world-class log management solution at an even better price-free! Download using promo code Free_Logger_4_Dev2Dev. Offer expires February 28th, so secure your free ArcSight Logger TODAY! http://p.sf.net/sfu/arcsight-sfd2d _______________________________________________ Packetfence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
