I'm using ZEN VM, Ill have to send you error message tomorrow, but its failure on the boot up. When it starts to light up eth0
Thanks Bob Bob Soderlund Network Engineer, MCP, MCSE [email protected] Person County Government Information Technology 329 S. Morgan St. Roxboro NC, 27573 Office 336-597-7810 Fax 336-597-7455 -----Original Message----- From: Mark Holmes [mailto:[email protected]] Sent: Wednesday, December 07, 2011 6:45 PM To: [email protected] Subject: Re: [Packetfence-users] 32 Internal Normal VLan Hi Bob, Are you using ZEN (the Zero Effort NAC) pre-built VM? Or your own What is the exact error you get with eth0? What does running this command:- cat /etc/sysconfig/network-scripts/ifcfg-eth0 show you? Regards, Mark VLAN 1 is my management VLAN, I was hoping to get access to PF on VLAN 1 and then build out from there. Yes, that will be fine. So you'll want to have eth0 on vlan 1 and set it as management in PF. On 7 Dec 2011, at 23:03, "Bob L. Soderlund" <[email protected]<mailto:[email protected]>> wrote: Mark, Thank you! I really appreciate your help. First I have to get to the interface. When I Mount my VM and watch it boot, I get a Failure when determining Eth0 IP config. I'm using a trunk to feed the PF VM. Admittedly I'm not a Linux or Perl pro, but I feel the benefits of this are well worth the learning curve. Currently I'm using some of the VLAN ID's already, so Ill have to transpose those first. VLAN 1 is my management VLAN, I was hoping to get access to PF on VLAN 1 and then build out from there. Bob Soderlund Network Engineer, MCP, MCSE [email protected]<mailto:[email protected]> Person County Government Information Technology 329 S. Morgan St. Roxboro NC, 27573 Office 336-597-7810 Fax 336-597-7455 -----Original Message----- From: Mark Holmes [mailto:[email protected]] Sent: Wednesday, December 07, 2011 4:44 PM To: [email protected]<mailto:[email protected] ourceforge.net> Subject: Re: [Packetfence-users] 32 Internal Normal VLan Bob, Have a look in, /usr/local/pf/lib/pf/vlan/custom.pm around line 63: you have to change the code slightly to have PF to pass the 'Bypass' VLAN attribute. I # # custom example: enforce a node's bypass VLAN # If node record has a bypass_vlan prefer it over normalVlan # Note: It might be made the default behavior one day if (defined($node_info->{'bypass_vlan'}) && $node_info->{'bypass_vlan'} ne '') { return $node_info->{'bypass_vlan'}; } # I You will see in the code you can also assign devices to VLANS via other methods than using the Bypass attribute - eg by category - which would probably work better for you as you have quite a few VLANS in your setup. In my network I have a 'trusted' VLAN (vlan 1) and 'untrusted' (vlan 3) (set as the 'normal' VLAN in PF). When someone completes registered they get put in VLAN 3, we can then put them in VLAN 1 using the bypass VLAN attribute I described. My PF box has interfaces in the Trusted (VLAN1) set as management,dhcplistener,monitor,internal in PF , Untrusted(3) set as dhcplistener,internal,monitor in PF, Registration (50) set as registration in PF, and finally Isolation(60). You could use less interfaces by configuring 8021Q on them I think although as your running a VM (as am I) you probably won't mind having 4 NICS. I believe the PF box needs to be able to see DHCP traffic on all your VLANS -. In my method I set a dhcplistener on the two interfaces but as you have 32 that won't be practical (you won't want 32 interfaces!) see the admin guide (page 26)section on dhcp listeners, you'll want to use ip-helpers I would think. HTH, give me a shout if you need more help. Mark -----Original Message----- From: Bob L. Soderlund [mailto:[email protected]] Sent: 07 December 2011 18:27 To: [email protected]<mailto:[email protected] ourceforge.net> Subject: [Packetfence-users] 32 Internal Normal VLan Hey everyone, Newbie here. I have a large network with 32 vlans, Each VLAN is its own subnet, and DNS and DHCP are all handled by our Sonic wall NSA. I would like to use Packet Fence for NAC. The documentation refers to several vlans, manage, Registration, Isolation, Mac Detection, Guest, and Normal. I already have a management VLAN, and have no problem creating the other 4. My question is the 'Normal" vlan. I would have 32 of these correct? I sure someone has done this, and is documented it here. I just need someone to point me in right direction. I'm using the Newest Version of PF in a VM. I have 3Comm 5500 switches. Thanks for your help. Bob Soderlund Network Engineer, MCP, MCSE [email protected]<mailto:[email protected]> <blocked::mailto:[email protected]> Person County Government Description: PCITInformation Technology 329 S. Morgan St. Roxboro NC, 27573 Office 336-597-7810 Fax 336-597-7455 Nuffield College is a Registered Charity No. 1137506. Registered Office: Nuffield College, New Road, Oxford, OX1 1NF ------------------------------------------------------------------------ ------ Cloud Services Checklist: Pricing and Packaging Optimization This white paper is intended to serve as a reference, checklist and point of discussion for anyone considering optimizing the pricing and packaging model of a cloud services business. Read Now! http://www.accelacomm.com/jaw/sfnl/114/51491232/ _______________________________________________ Packetfence-users mailing list [email protected]<mailto:[email protected] ourceforge.net> https://lists.sourceforge.net/lists/listinfo/packetfence-users ------------------------------------------------------------------------ ------ Cloud Services Checklist: Pricing and Packaging Optimization This white paper is intended to serve as a reference, checklist and point of discussion for anyone considering optimizing the pricing and packaging model of a cloud services business. Read Now! http://www.accelacomm.com/jaw/sfnl/114/51491232/ _______________________________________________ Packetfence-users mailing list [email protected]<mailto:[email protected] ourceforge.net> https://lists.sourceforge.net/lists/listinfo/packetfence-users ________________________________ Nuffield College is a Registered Charity No. 1137506. Registered Office: Nuffield College, New Road, Oxford, OX1 1NF ------------------------------------------------------------------------ ------ Cloud Services Checklist: Pricing and Packaging Optimization This white paper is intended to serve as a reference, checklist and point of discussion for anyone considering optimizing the pricing and packaging model of a cloud services business. Read Now! http://www.accelacomm.com/jaw/sfnl/114/51491232/ _______________________________________________ Packetfence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users ------------------------------------------------------------------------------ Cloud Services Checklist: Pricing and Packaging Optimization This white paper is intended to serve as a reference, checklist and point of discussion for anyone considering optimizing the pricing and packaging model of a cloud services business. Read Now! http://www.accelacomm.com/jaw/sfnl/114/51491232/ _______________________________________________ Packetfence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
