Hi Francois, This has confused me, I cannot see any reference to an unreg vlan in the switches.conf, nor the admin guide.
I do have a registration vlan and isolation vlan declared on the default switch, for some reason when I copied and pasted the switches.conf below it didn't put the top section, my bad. I have made the changes to the 127.0.0.1 switch as you recommended, and I have also edited the entry for the management interface in pf.conf so that it now looks like: [interface eth0.703] ip=10.1.3.10 mask=255.255.255.0 gateway=10.1.3.2 type=management,dhcplistener However this has made no difference. I still am put in the registration vlan each time the PC is booted, until I unplug and replug the network cable which then puts me in the production vlan. Violations are still being triggered each time the laptop is outside of it's enable network grace period, despite all violations being remediated. Cheers, Andi -----Original Message----- From: Francois Gaudreault [mailto:[email protected]] Sent: 07 February 2012 17:09 To: [email protected] Subject: Re: [Packetfence-users] Violations retriggering & vlans still not quite behaving correctly Hi Andi, Thanks for posting the configs. See below for the answers to your questions. > 721 is the production vlan (it will be many more, but that's the only one for > now). When I look in the node information in the admin web GUI the unreg > field is blank. You need to specify an unreg VLAN either in the default switch ([default]) or override the default settings in the switch section itself. If you don't set anyting in the switch section, it will use the default value. Another observation, DO NOT set any vlans on the 127.0.0.1 switch. Leave it default with : [127.0.0.1] type = PacketFence mode = production uplink = dynamic > > Regarding the routed networks, I'm still not totally clear on how I should > set the dhcp listeners. > > 10.1.3.10 is PF management interface > 10.1.4.10 is PF registration interface > 10.1.5.10 is PF isolation interface Send a copy of the production DHCP traffic to the management interface. IF you use routed REG or ISOL vlans, you can either direct the ip helpers for those VLANs to the management interface OR direct the traffic to the registration interface (for REG VLANs) or isolation interface (for ISOL VLANs). -- Francois Gaudreault, ing. jr [email protected] :: +1.514.447.4918 (x130) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) ------------------------------------------------------------------------------ Keep Your Developer Skills Current with LearnDevNow! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-d2d _______________________________________________ Packetfence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users ________________________________ >From 1st November 2011 UWIC changed its title to Cardiff Metropolitan >University. From the 6th December, as part of this change, all email addresses >which included @uwic.ac.uk have changed to @cardiffmet.ac.uk. All emails sent >from Cardiff Metropolitan University will now be sent from the new >@cardiffmet.ac.uk address. Please could you ensure that all of your contact >records and databases are updated to reflect this change. Further information >can be found on the website >here.<http://www3.uwic.ac.uk/English/News/Pages/UWIC-Name-Change.aspx> ------------------------------------------------------------------------------ Keep Your Developer Skills Current with LearnDevNow! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-d2d _______________________________________________ Packetfence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
