Hi Francois,
My IOS version is 12.2 (55) SE3. The point is that it was working properly
before, and it still changes the vlans in the nodes already connected to the
same interfaces that were working before, but doesn't do anything if i
connect them to other interfaces.
There is not any change in packetfence.log when i plug the device to a new
interface.
I think that problem started after i upgraded from 2.2.0 to 2.2.1.
Thanks,
Jose
2011/7/12 Francois Gaudreault <[email protected]>
> **
> Hi Jose,
>
> Connect_and_read is a buggy and unmaintained software. It is possible that
> you see errors, but the product should still work properly. You should
> manually ensure that the SNMP strings are properly setup. What is the IOS
> version of your 3560?
>
> Maybe you can have a look in packetfence.log and see if you can find some
> errors around the port-security trap handling.
>
>
> On 11-07-12 4:40 AM, Jose wrote:
>
> Hi Francois,
>
> Regarding to the point 1, packetfence is receiving the traps, but i just
> found out that i have several errors messages when i do a ./connect_and_read
> that can be the cause of the problem:
>
>
> [root@localhost addons]# ./connect_and_read.pl
> 192.168.1.100
> - sysUptime: 1 hour, 15:11.83
> - nb Vlans : 11
> - Uplinks: 22, 24
> Uncaught exception from user code:
> Command response matched device error string at
> /usr/local/pf/addons/../lib/pf/SNMP/Cisco.pm line 1106
> at /usr/lib/perl5/vendor_perl/5.8.8/Exception/Class/Base.pm line 87
>
> Exception::Class::Base::rethrow('Net::Appliance::Session::Exception=HASH(0x9dafa54)')
> called at /usr/lib/perl5/vendor_perl/5.8.8/Exception/Class/Base.pm line 78
>
> Exception::Class::Base::throw('Net::Appliance::Session::Exception=HASH(0x9dafa54)')
> called at /usr/lib/perl5/vendor_perl/5.8.8/Net/Appliance/Session.pm line 230
>
> Net::Appliance::Session::error('Net::Appliance::Session=GLOB(0x9a32c0c)',
> 'Command response matched device error string') called at
> /usr/lib/perl5/vendor_perl/5.8.8/Net/Appliance/Session.pm line 269
>
> Net::Appliance::Session::cmd('Net::Appliance::Session=GLOB(0x9a32c0c)',
> 'show mac-address-table | include ((Fa0/([123456789]|(1[012345...') called
> at /usr/local/pf/addons/../lib/pf/SNMP/Cisco.pm line 1106
>
> pf::SNMP::Cisco::getMacAddr('pf::SNMP::Cisco::Catalyst_3560=HASH(0x9a2ce80)',
> 'Fa0/9', 'Gi0/1', 'Fa0/20', 'Fa0/18', 'Fa0/19', 'Fa0/4', 'Fa0/15', 'Fa0/13',
> ...) called at /usr/local/pf/addons/../lib/pf/SNMP/Cisco.pm line 1143
>
> pf::SNMP::Cisco::getMacAddrVlan('pf::SNMP::Cisco::Catalyst_3560=HASH(0x9a2ce80)')
> called at ./connect_and_read.pl line 101
>
> I would appreciate if you can help me with it, thanks!
>
> 2011/7/8 Jose <[email protected]>
>
>> Hello,
>>
>> I am new to Packetfence and I've been testing it in a lab environment, but
>> now i have several problems and i hope you can help me with them.
>>
>> I'm running packetfence 2.2.1 in CentOS with a Cisco 3560 switch with
>> port-security.
>>
>> 1) I got PF running correctly some time ago but now it's only working in
>> the ports it already knows the MAC addresses of the connected devices, if i
>> connect these or new devices to a new switch port, the switch generates the
>> port-security traps, but PF does nothing and the new nodes doesn't appear on
>> the wed GUI. No entry in packetfence log neither.
>>
>>
>> 2)I edited custom.pm file in order to asign vlans that correspon exactly
>> with the name of the categories (that will be the vlan numbers), so i don't
>> need to edit the customs vlans in switches.conf neither write a lot of "ifs"
>> in the code, one for each category.
>> The new code is:
>>
>> my $correctVlan=1;
>>
>> if (ref($node_info) eq 'HASH' && defined($node_info->{'category'}) &&
>> lc($node_info->{'category'}) > 1) {
>>
>> $correctVlan = lc($node_info->{'category'});
>> }
>> return $correctVlan;
>>
>> Everything is working fine when i use a category name with numbers, but
>> when i try to change to "default" or "No category", an error messages appear
>> refering to the "if" line (i think it doesn't like letters). Even that, the
>> vlan changes and it works fine, but i would like to avoid this message
>> appearing.
>>
>> 3) I would also like to know if it's possible to delete a node in the web
>> GUI that it is not connected anymore.
>>
>> Thanks a lot for your help!
>>
>> José
>>
>>
>
> ------------------------------------------------------------------------------
> All of the data generated in your IT infrastructure is seriously valuable.
> Why? It contains a definitive record of application performance, security
> threats, fraudulent activity, and more. Splunk takes this data and makes
> sense of it. IT sense. And common sense.http://p.sf.net/sfu/splunk-d2d-c2
>
>
> _______________________________________________
> Packetfence-users mailing
> [email protected]https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
>
> --
> Francois Gaudreault, ing. [email protected] :: +1.514.447.4918
> (x130) :: www.inverse.ca
> Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence
> (www.packetfence.org)
>
>
>
> ------------------------------------------------------------------------------
> All of the data generated in your IT infrastructure is seriously valuable.
> Why? It contains a definitive record of application performance, security
> threats, fraudulent activity, and more. Splunk takes this data and makes
> sense of it. IT sense. And common sense.
> http://p.sf.net/sfu/splunk-d2d-c2
> _______________________________________________
> Packetfence-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
------------------------------------------------------------------------------
All of the data generated in your IT infrastructure is seriously valuable.
Why? It contains a definitive record of application performance, security
threats, fraudulent activity, and more. Splunk takes this data and makes
sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-d2d-c2
_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
