Hi,
It looks more like an SNMP access problem from PF to your switch. Make
sure the settings on the switch are properly configured, and that the
SNMP informations in the switches.conf file is correct.
May 25 05:10:54 pfsetvlan(1) ERROR: error creating SNMP v1 write
connection to 172.30.2.79: No response from remote host '172.30.2.79'
(pf::SNMP::connectWrite)
On 11-05-25 9:33 AM, Palmer, David W. wrote:
Hello All,
So I think that I am getting close to having packetfence work. I am
now just experiencing an issue getting the switch to change the vlan
when a host is plugged into the switch. It looks like the switch is
talking to Packetfence on the isolation network address (10.28.5.0)
instead of the management interface (172.31.1.201 ). Here is my
configs / logs:
Switch: Procurve 2610
Normal Vlan 284, Registration Vlan 1010, Isolation
Vlan 1011
Switch Log:
--------------------------------------------------------------------------------------
---- Reverse event Log listing: Events Since Boot ----
W 01/01/90 00:02:25 snmp: SNMP Security access violation from 10.28.5.2
W 01/01/90 00:02:23 snmp: SNMP Security access violation from 10.28.5.2
W 01/01/90 00:02:20 snmp: SNMP Security access violation from 10.28.5.2
W 01/01/90 00:02:18 snmp: SNMP Security access violation from 10.28.5.2
W 01/01/90 00:02:08 FFI: port 5 - Security Violation
I 01/01/90 00:01:45 ports: port 5 is now on-line
I 01/01/90 00:01:40 ports: port 5 is now off-line
I 01/01/90 00:01:14 mgr: SME TELNET from 172.28.4.32 - MANAGER Mode
I 01/01/90 00:00:37 ip: SwitchMGT: network enabled on 172.30.2.79
I 01/01/90 00:00:36 vlan: Isolation virtual LAN enabled
I 01/01/90 00:00:36 vlan: Registration virtual LAN enabled
I 01/01/90 00:00:36 vlan: SwitchMGT virtual LAN enabled
I 01/01/90 00:00:36 vlan: DEFAULT_VLAN virtual LAN enabled
I 01/01/90 00:00:36 ports: port 48 is now on-line
W 01/01/90 00:00:36 FFI: port 5 - Security Violation
I 01/01/90 00:00:36 vlan: HubbardAdmin virtual LAN enabled
I 01/01/90 00:00:36 ports: port 5 is now on-line
I 01/01/90 00:00:33 lldp: LLDP - enabled
I 01/01/90 00:00:33 cdp: CDP enabled
I 01/01/90 00:00:33 system: System Booted.
I 01/01/90 00:00:33 tftp: Enable succeeded
I 01/01/90 00:00:33 stack: Stack Protocol enabled
I 01/01/90 00:00:33 udpf: DHCP relay agent feature enabled
--------------------------------------------------------------------------------
Packetfence.log
---------------------------------------------------------------------------------
May 25 05:09:44 pfsetvlan(21) INFO: ignoring unknown trap:
2011-05-25|09:09:40|UDP: [172.30.2.79]:161|172.30.2.79|BEGIN TYPE 0
END TYPE BEGIN SUBTYPE 0 END SUBTYPE BEGIN VARIABLEBINDINGS END
VARIABLEBINDING$
May 25 05:09:59 pfdhcplistener(6923) INFO: DHCPINFORM from
00:24:8c:dc:1f:71 (172.31.90.4) (main::listen_dhcp)
May 25 05:10:44 pfsetvlan(22) INFO: ignoring unknown trap:
2011-05-25|09:10:40|UDP: [172.30.2.79]:161|172.30.2.79|BEGIN TYPE 6
END TYPE BEGIN SUBTYPE .5 END SUBTYPE BEGIN VARIABLEBINDINGS
.1.3.6.1.4.1.11.2.1$
May 25 05:10:46 pfsetvlan(1) INFO: nb of items in queue: 1; nb of
threads running: 0 (main::startTrapHandlers)
May 25 05:10:46 pfsetvlan(1) INFO: secureMacAddrViolation trap
received on 172.30.2.79 ifIndex 5 for 00:22:41:21:e7:49 (main::handleTrap)
May 25 05:10:46 pfsetvlan(1) INFO: Will try to check on this node's
previous switch if secured entry needs to be removed. Old Switch IP:
172.30.2.79 (main::do_port_security)
May 25 05:10:47 pfsetvlan(1) INFO: MAC not found on node's previous
switch secure table or switch inaccessible. (main::do_port_security)
May 25 05:10:50 pfsetvlan(1) INFO: MAC: 00:22:41:21:e7:49 is of status
unreg; belongs into registration VLAN (pf::vlan::getRegistrationVlan)
May 25 05:10:50 pfsetvlan(1) INFO: authorizing 00:22:41:21:e7:49 at
new location 172.30.2.79 ifIndex 5 (main::handleTrap)
May 25 05:10:52 pfsetvlan(24) INFO: ignoring unknown trap:
2011-05-25|09:10:50|UDP: [172.30.2.79]:161|172.30.2.79|BEGIN TYPE 6
END TYPE BEGIN SUBTYPE .2 END SUBTYPE BEGIN VARIABLEBINDINGS
.1.3.6.1.2.1.16.9.1$
May 25 05:10:54 pfsetvlan(1) ERROR: error creating SNMP v1 write
connection to 172.30.2.79: No response from remote host '172.30.2.79'
(pf::SNMP::connectWrite)
May 25 05:10:54 pfsetvlan(25) INFO: ignoring unknown trap:
2011-05-25|09:10:52|UDP: [172.30.2.79]:161|172.30.2.79|BEGIN TYPE 6
END TYPE BEGIN SUBTYPE .2 END SUBTYPE BEGIN VARIABLEBINDINGS
.1.3.6.1.2.1.16.9.1$
May 25 05:10:58 pfsetvlan(21) INFO: ignoring unknown trap:
2011-05-25|09:10:56|UDP: [172.30.2.79]:161|172.30.2.79|BEGIN TYPE 6
END TYPE BEGIN SUBTYPE .2 END SUBTYPE BEGIN VARIABLEBINDINGS
.1.3.6.1.2.1.16.9.1$
May 25 05:11:00 pfsetvlan(1) ERROR: error creating SNMP v1 write
connection to 172.30.2.79: No response from remote host '172.30.2.79'
(pf::SNMP::connectWrite)
May 25 05:11:00 pfsetvlan(1) INFO: finished (main::cleanupAfterThread)
May 25 05:11:00 pfsetvlan(22) INFO: ignoring unknown trap:
2011-05-25|09:10:58|UDP: [172.30.2.79]:161|172.30.2.79|BEGIN TYPE 6
END TYPE BEGIN SUBTYPE .2 END SUBTYPE BEGIN VARIABLEBINDINGS
.1.3.6.1.2.1.16.9.1$
----------------------------------------------------------------------------
Thanks,
David
------------------------------------------------------------------------------
vRanger cuts backup time in half-while increasing security.
With the market-leading solution for virtual backup and recovery,
you get blazing-fast, flexible, and affordable data protection.
Download your free trial now.
http://p.sf.net/sfu/quest-d2dcopy1
_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
--
Francois Gaudreault, ing. jr
[email protected] :: +1.514.447.4918 (x130) :: www.inverse.ca
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence
(www.packetfence.org)
------------------------------------------------------------------------------
vRanger cuts backup time in half-while increasing security.
With the market-leading solution for virtual backup and recovery,
you get blazing-fast, flexible, and affordable data protection.
Download your free trial now.
http://p.sf.net/sfu/quest-d2dcopy1
_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
