Hi GG, Thanks for the reply.
On 19/02/12 11:28 PM, Guillaume Germain wrote: > I'm a bit unsure as to what you guys want to do... > > H-REAP and FlexConnect are actually the exact same feature... Cisco > just re-branded the H-REAP feature to FlexConnect, thats all... > > And yes, H-REAP does not support Dynamic VLAN Assignement... > > The solution right now is to tunnel all the traffic back to the > controller, and then the controllers do support dynamic VLAN > assignment... This goes back to his original problem: The controller is doing the requests to PacketFence so only it's IP is exposed and we assign back VLANs (admin, registration, isolation and normal) based on that IP. What Jake wants is more granularity be able to return a different admin, registration, ... VLAN based on what AP the user is connected in. With other vendors this can be done by putting AP in bridged-mode where they don't tunnel all back to the controller and expose their IP to the PacketFence system were you configure the appropriate VLANs. I also saw a compromise in the middle: AP-Groups with a default VLAN set. This way when we return an Access-Accept without a VLAN (we explicitly strip it with custom code) then the default VLAN per AP-Group is assigned. Unfortunately, this solves the problem for one VLAN only. You can't have 4 AP-Group defaults. I saw the thing working and I made the code but I never saw how it's configured in the GUI. If we could have 'named' fallback VLAN we could return VLANs as strings and have the controller map those strings to VLAN id per AP-Group. Do you think that's possible? > > Why do you need to use H-REAP? And if you're trying to do NAC on a > H-REAP setup, one of the ways that could be done is by using the new > functionality available since version 3 of PF (DHCP?)... > He wants granular VLAN control and this feature puts everyone (including registration) behind the same VLAN. I don't think it's going to cut it... Cheers! -- Olivier Bilodeau [email protected] :: +1.514.447.4918 *115 :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) ------------------------------------------------------------------------------ Try before you buy = See our experts in action! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-dev2 _______________________________________________ Packetfence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
