Hi, On 17/09/11 10:45 PM, ???? wrote: > Hi:all > > I have a question. > My net have some users of static ip's address and some users of dynamic > ip's address. > I want use packetfence in my net for access control. > > Question 1: > Packetfence support static ip's address? > If support, how to config it?
It's a hard problem to track, which, arguably, can't be done in VLAN mode and that we haven't yet fully investigated for inline mode (focused more on actually releasing). > > Question 2: > My client what user's pc have a soft for check user's pc config. > If check ok ,that user can join in my net. > If check erro, that user can't join in my net. > How to config packetfence? We are experimenting with statement of health (SoH) right now but it's not production ready yet. You can look at nessus integration (see documentation) and/or consider integration with a commercial agent (contact us if you want details). Unfortunately no free / open source agent solution exists at this point. I favor doing IDS instead of running client-side software because it's harder to tamper with the server than to tamper with the client. I would recommend that you take that approach instead of the agent approach. For example, you don't want to allow MSN / skype. Instead of having an agent do that, why not enabling the proper snort rules instead? Have a nice day! -- Olivier Bilodeau [email protected] :: +1.514.447.4918 *115 :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) ------------------------------------------------------------------------------ BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA Learn about the latest advances in developing for the BlackBerry® mobile platform with sessions, labs & more. See new tools and technologies. Register for BlackBerry® DevCon today! http://p.sf.net/sfu/rim-devcon-copy1 _______________________________________________ Packetfence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
