First of all, Thanks for your assistance with the registration question Olivier, I decided to just register them all with SQL scripts. I am now running in VLAN production mode on a small portion of my network.
These users are mainly IT and programmers. On the switch I have allowed 3 mac addresses with port security and 2 for the data vlan (1 for the VOIP phone). The requirement for the additional mac address is that they sometimes run a PDA emulator on the PC or a VM OS so the 2nd mac address for the data vlan is necessary I believe. The problem I seeing and may be inherent with port security is that if they are not running the PDA emulator or the VM and a separate device is plugged in the port doesn't through a violation to Packetfence. A violation only occurs when the max on that vlan is hit. Would moving to MAB or 802.1x correct this? I have never used these 2 security methods and so I have been hesitant to move that direction. Thanks in advance. Dan Nelson Nutraceutical Corporation 801-334-3702
------------------------------------------------------------------------------ Free Software Download: Index, Search & Analyze Logs and other IT data in Real-Time with Splunk. Collect, index and harness all the fast moving IT data generated by your applications, servers and devices whether physical, virtual or in the cloud. Deliver compliance at lower cost and gain new business insights. http://p.sf.net/sfu/splunk-dev2dev
_______________________________________________ Packetfence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
