Hi Philippe, > > But I use static IP for some VLAN(s). How to deal with this computer? > > The best solution I see, is to use 802.1x functionality for this nodes,
802.1X won't solve your static IP problem if you use PacketFence in the "normal" workflow (registration -> normal with optional quarantine vlans). In both port-security and 802.1X modes, whenever we need to show the captive portal to the users (registration / quarantine) we assign them a special VLAN where we send network configuration over DHCP. If the device is using a fixed IP (and fixed network configuration) its connection to the portal will not work. The best way to get around that is to use fixed DHCP addressing per host in your DHCP server just as Marc-André mentioned in his previous email. It's relatively easy to do. Basically you tell your server to give IP a.b.c.d whenever it gets a request from MAC address x. Now, let me give you an exemple of different requirements where you could keep your fixed IPs: - you auto-register (with 802.1X auth) or manually register all your nodes. They won't need to see the portal. - You don't want to use quarantine VLANs (and benefits of the captive portal for remediation) and prefer access to be completely disabled (aka blackholed) Then using port-security or 802.1X with your fixed IPs would work as there is no need for dynamic adjustments of the network. Let me know if something else is unclear. Have a nice day! -- Olivier Bilodeau [email protected] :: +1.514.447.4918 *115 :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) ------------------------------------------------------------------------------ Achieve unprecedented app performance and reliability What every C/C++ and Fortran developer should know. Learn how Intel has extended the reach of its next-generation tools to help boost performance applications - inlcuding clusters. http://p.sf.net/sfu/intel-dev2devmay _______________________________________________ Packetfence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
