Hello Everyone on the list ,
This is my first post , So im trying to authenticate (allow) only the
mac-addresses i have registered in packetfence database i added then in
NODES
Im dont use dynamic vlan assigment so its static vlans , basicly i work with
class b adresses so i have 172.16 to 172.31 vlans and no guest vlan .
So i added a swich for testing in CONFIGURATION -> SWITCH , i have
configured the snmp comunity read key , and SNMP Trap Community key as well
. IP address 172.20.0.11
cisco 2960
....
.....
.....
#snmp-server enables traps
#snmp-server host 172.20.0.190 1np@net_ro
172.20.0.190 is my PacketFence address .
This is the output of tcpdump -i eth0 host 172.20.0.11 (switch)
10:34:10.510621 IP 172.20.0.11.51414 > 172.20.0.190.snmptrap:
C=1np@net_roTrap(263) E:cisco.9.41.2 172.20.0.11 enterpriseSpecific
s=1 65313768[|snmp]
10:34:20.161398 IP 172.20.0.11.51414 > 172.20.0.190.snmptrap:
C=1np@net_roTrap(74) 17 172.20.0.11 enterpriseSpecific s=2 65314735
[|snmp]
10:34:21.163528 IP 172.20.0.11.51414 > 172.20.0.190.snmptrap:
C=1np@net_roTrap(122) E:cisco.1.694 172.20.0.11 linkDown 65314835
[|snmp]
10:34:22.157971 IP 172.20.0.11.51414 > 172.20.0.190.snmptrap:
C=1np@net_roTrap(201) E:cisco.9.41.2 172.20.0.11 enterpriseSpecific
s=1 65314935
[|snmp]
10:34:29.455876 IP 172.20.0.11.51414 > 172.20.0.190.snmptrap:
C=1np@net_roTrap(199) E:cisco.9.41.2 172.20.0.11 enterpriseSpecific
s=1 65315664
[|snmp]
10:34:30.462501 IP 172.20.0.11.51414 > 172.20.0.190.snmptrap:
C=1np@net_roTrap(122) E:cisco.1.694 172.20.0.11 linkUp 65315765
[|snmp]
10:34:57.473365 IP 172.20.0.11.51414 > 172.20.0.190.snmptrap:
C=1np@net_roTrap(74) 17 172.20.0.11 enterpriseSpecific s=2 65318466
[|snmp]
10:35:10.534309 IP 172.20.0.11.51414 > 172.20.0.190.snmptrap:
C=1np@net_roTrap(263) E:cisco.9.41.2 172.20.0.11 enterpriseSpecific
s=1 65319772[|snmp]
10:36:10.562140 IP 172.20.0.11.51414 > 172.20.0.190.snmptrap:
C=1np@net_roTrap(263) E:cisco.9.41.2 172.20.0.11 enterpriseSpecific
s=1 65325775[|snmp]
10:37:10.598366 IP 172.20.0.11.51414 > 172.20.0.190.snmptrap:
C=1np@net_roTrap(263) E:cisco.9.41.2 172.20.0.11 enterpriseSpecific
s=1 65331779[|snmp]
10:37:25.802362 IP 172.20.0.11.51414 > 172.20.0.190.snmptrap:
C=1np@net_roTrap(51) E:cisco.1.694 172.20.0.11
*authenticationFailure* 65333299 [|snmp]
10:37:26.808989 IP 172.20.0.11.51414 > 172.20.0.190.snmptrap:
C=1np@net_roTrap(51) E:cisco.1.694 172.20.0.11 authenticationFailure
65333400 [|snmp]
10:37:27.803041 IP 172.20.0.11.51414 > 172.20.0.190.snmptrap:
C=1np@net_roTrap(51) E:cisco.1.694 172.20.0.11 authenticationFailure
65333499 [|snmp]
10:37:28.801649 IP 172.20.0.11.51414 > 172.20.0.190.snmptrap:
C=1np@net_roTrap(51) E:cisco.1.694 172.20.0.11 authenticationFailure
65333599 [|snmp]
10:37:29.807865 IP 172.20.0.11.51414 > 172.20.0.190.snmptrap:
C=1np@net_roTrap(51) E:cisco.1.694 172.20.0.11 authenticationFailure
65333700 [|snmp]
10:37:30.806099 IP 172.20.0.11.51414 > 172.20.0.190.snmptrap:
C=1np@net_roTrap(51) E:cisco.1.694 172.20.0.11 authenticationFailure
65333800 [|snmp]
10:38:10.626237 IP 172.20.0.11.51414 > 172.20.0.190.snmptrap:
C=1np@net_roTrap(263) E:cisco.9.41.2 172.20.0.11 enterpriseSpecific
s=1 65337782[|snmp]
10:38:55.066754 arp who-has 172.20.0.11 tell 172.20.0.99
10:39:10.666726 IP 172.20.0.11.51414 > 172.20.0.190.snmptrap:
C=1np@net_roTrap(263) E:cisco.9.41.2 172.20.0.11 enterpriseSpecific
s=1 65343785[|snmp]
This set of packets are coming when a plug the network cable , altough this
machine does not have the mac-address in packetfence database and still this
computer is allowed into the network .
I have search a lot in mailarchives and foruns , but i could not find
anything .
So i came to you guys . Can anyone help me ? Where im going wrong ?
Thanks for your help .
Paulo
------------------------------------------------------------------------------
AppSumo Presents a FREE Video for the SourceForge Community by Eric
Ries, the creator of the Lean Startup Methodology on "Lean Startup
Secrets Revealed." This video shows you how to validate your ideas,
optimize your ideas and identify your business strategy.
http://p.sf.net/sfu/appsumosfdev2dev
_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
