Hello all!
Attempting to Auto-Register a series of devices based on VENDORMAC.
Unfortunately these autoreg devices are placed into the registrationVlan
instead of the configured customVlan1 entered in violations.conf.
violations.conf entry:
[1200003]
desc=Auto-registered Device
priority=1
trigger=OS::308,VENDORMAC::14704569
actions=log,autoreg,email
disable=N
vlan=customVlan1
switches.conf excerpt:
[default]
vlans = 1,5,11,102
normalVlan = 11
registrationVlan = 102
isolationVlan = 102
macDetectionVlan = 102
guestVlan =
customVlan1 = 5
customVlan2 =
customVlan3 =
customVlan4 =
customVlan5 =
Apr 15 15:29:24 pfsetvlan(3) INFO: secureMacAddrViolation trap received on [IP] ifIndex 34 for e0:5f:b9:81:e5:87 (main::handleTrap)
Apr 15 15:29:24 pfsetvlan(3) INFO: node e0:5f:b9:81:e5:87 does not yet exist in PF database. Adding it now (main::node_update_PF)
Apr 15 15:29:24 pfsetvlan(3) INFO: calling '/usr/local/pf/bin/pfcmd violation add vid=1200003,mac=e0:5f:b9:81:e5:87' (trigger vendormac::14704569) (pf::violation::violation_trigger)
Apr 15 15:29:24 pfcmd(0) INFO: pfcmd calling violation_add for e0:5f:b9:81:e5:87 (main::command_param)
Apr 15 15:29:24 pfcmd(0) INFO: grace expired on violation 1200003 for node e0:5f:b9:81:e5:87 (pf::violation::violation_add)
Apr 15 15:29:24 pfcmd(0) INFO: violation 1200003 added for e0:5f:b9:81:e5:87 (pf::violation::violation_add)
Apr 15 15:29:24 pfcmd(0) INFO: executing action 'autoreg' on class 1200003 (pf::action::action_execute)
Apr 15 15:29:24 pfcmd(0) INFO: executing action 'email' on class 1200003 (pf::action::action_execute)
Apr 15 15:29:25 pfcmd(0) INFO: nothing to translate (pf::pfcmd::report::translate_connection_type)
Apr 15 15:29:25 pfcmd(0) INFO: email regarding 'PF Alert: Auto-registered Device detection on e0:5f:b9:81:e5:87' sent to [email protected] (pf::util::pfmailer)
Apr 15 15:29:25 pfcmd(0) INFO: executing action 'log' on class 1200003 (pf::action::action_execute)
Apr 15 15:29:25 pfcmd(0) WARN: unable to resolve e0:5f:b9:81:e5:87 to ip (pf::iplog::mac2ip)
Apr 15 15:29:25 pfcmd(0) INFO: /usr/local/pf/logs/violation.log 2011-04-15 15:29:25: Auto-registered Device (1200003) detected on node e0:5f:b9:81:e5:87 (0) (pf::action::action_log)
Apr 15 15:29:25 pfcmd(0) INFO: this is a non-trap violation, closing violation entry now (pf::action::action_execute)
Apr 15 15:29:25 pfcmd(0) INFO: violation 1200003 force-closed for e0:5f:b9:81:e5:87 (pf::violation::violation_force_close)
Apr 15 15:29:25 pfcmd(0) INFO: VLAN isolation is enabled and violation_add is part of adjustswitchportvlanreasons (main::vlan_reevaluation)
Apr 15 15:29:25 pfcmd(0) WARN: Can't change VLAN for mac e0:5f:b9:81:e5:87 because no open locationlog entry was found (main::vlan_reevaluation)
Apr 15 15:29:25 pfsetvlan(3) WARN: unable to fetch first board index. Will assume it's 1 (pf::SNMP::Nortel::getFirstBoardIndex)
Apr 15 15:29:25 pfsetvlan(3) WARN: unable to fetch first board index. Will assume it's 1 (pf::SNMP::Nortel::getFirstBoardIndex)
*Apr 15 15:29:25 pfsetvlan(3) INFO: MAC: e0:5f:b9:81:e5:87, PID: 1, Status: reg. Returned VLAN: 11 (pf::vlan::fetchVlanForNode)*
Is there something wrong with my configuration?
Appears that autoreg devices are automatically placed into
registrationVlan no matter what the violation vlan is configured to.
-Ron
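
A cross-check of the excerpts above, as an added example that is not part of the original post and is not PacketFence code: it maps the "Returned VLAN" value from the pfsetvlan log line back to the role names in switches.conf and compares it with the role the violation requests. The function names and result keys are hypothetical; the inputs are constructed from the config and log lines quoted in the post.

```python
import configparser
import re

# Constructed inputs, copied from the excerpts quoted in the post.
SWITCHES_CONF = """[default]
vlans = 1,5,11,102
normalVlan = 11
registrationVlan = 102
isolationVlan = 102
macDetectionVlan = 102
guestVlan =
customVlan1 = 5
"""
VIOLATIONS_CONF = """[1200003]
actions=log,autoreg,email
vlan=customVlan1
"""
LOG = ("Apr 15 15:29:25 pfsetvlan(3) INFO: MAC: e0:5f:b9:81:e5:87, PID: 1, "
       "Status: reg. Returned VLAN: 11 (pf::vlan::fetchVlanForNode)")

RETURNED = re.compile(r"MAC: ([0-9a-f:]{17}),.*?Returned VLAN: (\d+)")

def load(text):
    """Parse INI-style text, keeping key case (customVlan1, not customvlan1)."""
    cp = configparser.ConfigParser()
    cp.optionxform = str
    cp.read_string(text)
    return cp

def check_assignment(switches, violations, vid, log, switch="default"):
    """For each 'Returned VLAN' log line, name the roles that VLAN maps to
    and say whether it equals the VLAN of the violation's configured role."""
    roles = {k: int(v) for k, v in load(switches)[switch].items()
             if "Vlan" in k and v.strip().isdigit()}  # skips 'vlans' and empty roles
    expected_role = load(violations)[vid]["vlan"]
    expected = roles.get(expected_role)  # None if the role has no VLAN id set
    results = []
    for mac, vlan in RETURNED.findall(log):
        vlan = int(vlan)
        results.append({"mac": mac, "returned": vlan,
                        "returned_roles": sorted(r for r, n in roles.items() if n == vlan),
                        "expected_role": expected_role, "expected": expected,
                        "match": vlan == expected})
    return results

if __name__ == "__main__":
    for row in check_assignment(SWITCHES_CONF, VIOLATIONS_CONF, "1200003", LOG):
        print(row)
```

For the quoted log line, the returned VLAN 11 is the value of normalVlan in switches.conf, while customVlan1 is 5.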