Hi Oliver, Can I use PF for bridging clients to different VLANs based on authenticated MAC? My AP is standard Linksys so it is not VLAN capable.
Do you know suitable switches for my case with non VLAN APs? Best regards, > Date: Wed, 02 Feb 2011 18:04:32 -0500 > From: Olivier Bilodeau <[email protected]> > Subject: Re: [Packetfence-users] ProCurve 2510 Limitation > To: [email protected] > Message-ID: <[email protected]> > Content-Type: text/plain; charset=ISO-8859-1; format=flowed > > Hi Lazuardi, > > On 14/01/11 1:35 PM, Lazuardi Nasution wrote: >> Hi, >> >> I have read that ProCurve 2510 has limitation of one authenticated >> client on port based authentication or two authenticated clients on >> client based authentication (page 8-4, Access Security Guide). How can >> PacketFence deal with that? I have many clients connected to single >> port of Procurve 2510 via standard access point and wants to associate >> clients to VLANs based on MAC or credentials. The acces points are not >> VLAN capable. Below is the configuration. >> >> Procurve 2510 - Some Standard Access Points - Some Clients > > I hate to say this but if your access points are not VLAN capable forget > about it. > > You'll be able to put all the access point in the same VLAN but as soon > as the state of one node changes the whole AP will be put in another > VLAN. Ex: one iPod comes close to your AP and the whole AP will be put > into registration VLAN. We _could_ make changes to PF to support such > scenarios but it will affect the core, increase complexity and reduce > security. The tradeoff isn't worth it when the fix is clear: get better > hardware. > > For consumer APs, we have an initiative were we are trying to make > PacketFence work with dd-wrt or open-wrt but it seems that their > apparent VLAN support doesn't work really well. Any dd-wrt / open-wrt > people please chip-in! > > Have a good one! ------------------------------------------------------------------------------ The modern datacenter depends on network connectivity to access resources and provide services. The best practices for maximizing a physical server's connectivity to a physical network are well understood - see how these rules translate into the virtual world? http://p.sf.net/sfu/oracle-sfdevnlfb _______________________________________________ Packetfence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
