Francois,
I tested with 2 users on an XP client (flat file) and tested these commands
on PacketFence:
#tail -f /usr/local/pf/logs/packetfence.log ( just got IP requests )
#tcpdump -i eth0 port 162
Did not receive any traps. On the switch side I put >debug snmp packets,
and before these modifications I was getting at least messages (send /
response)
On the web interface no modifications either, the same as before the
modifications.
My running-config is below:
-----
Building configuration...
Current configuration : 2888 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log datetime
no service password-encryption
service sequence-numbers
!
hostname fence0
!
aaa new-model
aaa group server radius packetfence
 server 192.168.50.120 auth-port 1812 acct-port 1813
!
aaa authentication login default local
aaa authentication dot1x default group packetfence
aaa authorization network default group packetfence
!
username admin privilege 15 password 0 fence0
ip subnet-zero
!
no ip domain-lookup
ip ssh time-out 120
ip ssh authentication-retries 3
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
dot1x system-auth-control
!
!
!
!
interface FastEthernet0/1
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
 switchport mode access
 switchport protected
 switchport port-security
 switchport port-security violation restrict
 switchport port-security mac-address 0000.39b5.f8d9
 snmp trap mac-notification added
 dot1x port-control auto
 dot1x guest-vlan 5
 dot1x reauthentication
 dot1x auth-fail vlan 3
 spanning-tree portfast
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface Vlan1
 ip address 192.168.50.111 255.255.255.0
 ip helper-address 10.0.0.1
 no ip route-cache
!
interface Vlan2
 ip address 192.168.2.10 255.255.255.0
 no ip route-cache
 shutdown
!
interface Vlan3
 ip address 192.168.3.10 255.255.255.0
 no ip route-cache
 shutdown
!
interface Vlan5
 ip address 192.168.5.10 255.255.255.0
 no ip route-cache
 shutdown
!
interface Vlan10
 ip address 192.168.1.10 255.255.255.0
 no ip route-cache
 shutdown
!
ip default-gateway 192.168.50.1
ip http server
snmp-server engineID local 123400000000000000000000
snmp-server community public RO
snmp-server community private RW
snmp-server enable traps snmp authentication linkdown linkup
snmp-server enable traps port-security
snmp-server enable traps port-security trap-rate 1
snmp-server enable traps MAC-Notification
snmp-server host 192.168.50.120 public
radius-server host 192.168.50.120 auth-port 1812 acct-port 1813 timeout 2 key centos
radius-server retransmit 3
radius-server vsa send authentication
banner motd ^C
Bem Vindo ao Switch Cisco 2950
Somente pessoal autorizado, acesso restrito.
Para acesso registre seu dispositivo pelo sistema PacketFence.
^C
!
line con 0
line vty 5 15
!
!
end
------
Tks in advance,
Marlon
2011/10/13 Francois Gaudreault <[email protected]>
> Now, are you receiving security traps?
>
>
> On 11-10-12 4:47 PM, Marlon Bastida wrote:
>
> Francois,
>
> I'm using PF 2.0.1 documentation, but based on what you said I did:
>
> - deleted some lines on the CLI switch
>
> no snmp-server enable traps snmp authentication linkdown linkup
> no snmp-server enable traps MAC-Notification
>
> Will modify to just include engineID 123400000000000000000000 on the 1st
> line, and following lines I will comment because SNMP v1, if I have to
> change with your help to a new SNMP version we can include again.
>
> SNMPEngineID=ARRAY(0X9ac3dcc)
>
> #SNMPPrivProtocoloRead=ARRAY(0x9acb670)
> #SNMPPrivProtocoloWrite=ARRAY(0x9ac3ed4)
>
> Have no idea why these lines with ARRAY appeared. I edited the
> files directly with the vi editor and sometimes through the web interface.
>
> Tks in advance,
> Marlon
>
> 2011/10/11 Francois Gaudreault <[email protected]>
>
>> Before helping you, couple of things,
>> > -----
>> > snmp-server engineID local 123400000000000000000000
>> > snmp-server community public RO
>> > snmp-server community private RW
>> > snmp-server enable traps snmp authentication linkdown linkup
>> > snmp-server enable traps port-security
>> > snmp-server enable traps port-security traprate 1
>> > snmp-server enable traps MAC-Notification
>> > snmp-server host 192.168.50.120 public
>> >
>> This is not what we say in our configuration guide, so go back and
>> carefully read page 16 (Cisco 2950 with port-security). MAC-Notif
>> and linkstatus traps SHOULD NOT be enabled if you use port-security.
>>
>> >
>> > [192.168.50.111]
>> > type=Cisco::Catalyst_2950
>> > mode=production
>> > vlans=2,3,4,5,10
>> > normalVlan=10
>> > SNMPVersionTrap=1
>> > SNMPCommunityTrap=public
>> > SNMPCommunityRead=public
>> > SNMPCommunityWrite=private
>> > SNMPEngineID=ARRAY(0X9ac3dcc)
>> > SNMPPrivProtocoloRead=ARRAY(0x9acb670)
>> > SNMPPrivProtocoloWrite=ARRAY(0x9ac3ed4)
>> > uplink= (let blank because I don't have a
>> > uplink, gateway)
>> > -----
>> What are those ARRAY things in your switches.conf ????
>>
>> --
>> Francois Gaudreault, ing. jr
>> [email protected] :: +1.514.447.4918 (x130) :: www.inverse.ca
>> Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (
>> www.packetfence.org)
>>
>>
>>
>> ------------------------------------------------------------------------------
>> All the data continuously generated in your IT infrastructure contains a
>> definitive record of customers, application performance, security
>> threats, fraudulent activity and more. Splunk takes this data and makes
>> sense of it. Business sense. IT sense. Common sense.
>> http://p.sf.net/sfu/splunk-d2d-oct
>> _______________________________________________
>> Packetfence-users mailing list
>> [email protected]
>> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>>
>
>
>
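An added example, not part of the thread and not PacketFence code: a small check for the two problems raised above, namely MAC-Notification and link status traps enabled together with port-security traps, and switches.conf values that are stringified Perl references (Perl prints a reference as TYPE(0xADDRESS), so such a line holds no usable setting). The function names are hypothetical and the sample inputs are constructed by trimming the configurations quoted in the thread.

```python
import configparser
import re

# Constructed samples, trimmed from the configurations quoted in this thread.
RUNNING_CONFIG = """\
snmp-server enable traps snmp authentication linkdown linkup
snmp-server enable traps port-security
snmp-server enable traps port-security trap-rate 1
snmp-server enable traps MAC-Notification
snmp-server host 192.168.50.120 public
"""
SWITCHES_CONF = """\
[192.168.50.111]
type=Cisco::Catalyst_2950
SNMPVersionTrap=1
SNMPCommunityTrap=public
SNMPEngineID=ARRAY(0X9ac3dcc)
SNMPPrivProtocoloRead=ARRAY(0x9acb670)
uplink=
"""

# Perl prints a reference in string context as TYPE(0xADDRESS).
PERL_REF = re.compile(r"^(ARRAY|HASH|SCALAR|CODE)\(0x[0-9a-f]+\)$", re.IGNORECASE)


def conflicting_traps(running_config):
    """Trap types that are enabled together with port-security traps."""
    enabled = [line.split("traps", 1)[1].split()
               for line in running_config.splitlines()
               if line.strip().startswith("snmp-server enable traps ")]
    if not any(args[0] == "port-security" for args in enabled):
        return []
    found = []
    for args in enabled:
        if args[0].lower() == "mac-notification":
            found.append("MAC-Notification")
        found += [a for a in args[1:] if args[0] == "snmp" and a in ("linkup", "linkdown")]
    return sorted(found)


def perl_ref_values(switches_conf):
    """(section, key) pairs whose value is a stringified Perl reference."""
    parser = configparser.ConfigParser(delimiters=("=",), interpolation=None)
    parser.optionxform = str  # keep the key case used in switches.conf
    parser.read_string(switches_conf)
    return [(section, key) for section in parser.sections()
            for key, value in parser[section].items() if PERL_REF.match(value)]


if __name__ == "__main__":
    print("traps to disable:", conflicting_traps(RUNNING_CONFIG))
    for section, key in perl_ref_values(SWITCHES_CONF):
        print(f"[{section}] {key} holds a Perl reference, not a value")
```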