[Packetfence-users] Cisco 2960 8 port and PF error

Tue, 21 Jun 2011 08:59:14 -0700 

Just to make the devs aware:

 

Running PacketFence 2.2.0 on CentOS 5.5

 

Switch is a Cisco 2960, specifically a WS-C2960-8TC-L running
c2960-lanbasek9-mz.122-55.SE1

 

The only problem I am having is that the port is authorized for a MAC
address attached to it, but not completely. The correct VLAN is
configured, but the MAC address is not put on the interface, but the
computer attached seems to be working.

 

The error in the packetfence log is:

 

Jun 21 10:36:40 pfsetvlan(3) INFO: MAC: 20:cf:30:17:6b:22, PID: 1,
Status: reg. Returned VLAN: 3 (pf::vlan::fetchVlanForNode)

Jun 21 10:36:40 pfsetvlan(3) INFO: authorizing 20:cf:30:17:6b:22 at new
location 10.9.0.27 ifIndex 10001 (main::handleTrap)

Jun 21 10:36:40 pfsetvlan(3) WARN: SNMP error tyring to add or remove
secure rows in port-security table. This could be normal. Error message:
Received inconsistentValue(12) error-status at error-index 1
(pf::SNMP::Cisco::Catalyst_2960::authorizeMAC)

 

The resulting config on the switch port is:

 

 

interface FastEthernet0/1

switchport access vlan 3

switchport mode access

switchport port-security maximum 1 vlan access

switchport port-security

switchport port-security violation restrict

spanning-tree portfast

 

The switchport port-security mac-address <mac address> vlan access
command is missing. When I do a "sh port-security interface
FastEthernet0/1" command, the port shows as up and not restricted, and
authorized for the correct mac address.

 

 

I mention all of this just to make you aware of the behavior.  I know
from earlier traffic on the list that this IOS version may be buggy, but
I was not sure if anyone knew exactly what it was doing.

 

Nick

 


------------------------------------------------------------------------------
EditLive Enterprise is the world's most technically advanced content
authoring tool. Experience the power of Track Changes, Inline Image
Editing and ensure content is compliant with Accessibility Checking.
http://p.sf.net/sfu/ephox-dev2dev
_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Reply via email to