Hi Francois,
The switch already has the latest version IOS on it which is 12.2(44)SE6. I
tried a different switch after your email (Cisco 3560) and this also has
the same problem. So I think it must something to do with my configuration
rather than the IOS vers?
The only other thing to mention is in the Configuration Checkup it has a:
'Warning - switches.conf Switch SNMP Trap version is missing for switch
192.168.1.101 Please provide one specific to the switch'
I checked my switches.conf and it seems to be ok unless I'm missing
something?
[default]
SNMPCommunityRead = public
SNMPCommunityWrite = private
SNMPCommunityTrap = public
SNMPVersion = 2c
vlans = 1,2,3,4,10
normalVlan = 1
registrationVlan = 2
isolationVlan = 3
macDetectionVlan = 4
VoIPEnabled = no
[192.168.1.101]
type = Cisco::Catalyst_3560
mode = production
uplink = 25
normalVlan = 10
radiusSecret=useStrongerSecret
SNMPVersion = 2c
Date: Tue, 13 Mar 2012 16:57:42 +0000
From: Adrian Mulgrew <[email protected]>
Subject: [Packetfence-users] CISCO 2970
To: [email protected]
Message-ID:
<cagfrw1sgknbsz7oy6wtvd6v4wpxzzn5iqq8wd-ebtv0f+hp...@mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"
Hi,
I'm very new to Packet fence and trying to get a working installation to
demo.
So far I have configured the server and Cisco switch but when I connect a
device to a port I see the following errors and the vlan is never changed
on the port.
/usr/local/pf/logs/snmptrapd.log
2012-03-13|16:42:23|UDP: [192.168.1.101]:50369->[192.168.1.5]|0.0.0.0|BEGIN
TYPE 0 END TYPE BEGIN SUBTYPE 0 END SUBTYPE BEGIN VARIABLEBINDINGS
.1.3.6.1.2.1.1.3.0 = Timeticks: (2721180) 7:33:31.80|.1.3.6.1.6.3.1.1.4.1.0
= OID: .1.3.6.1.4.1.9.9.315.0.0.1|.1.3.6.1.2.1.2.2.1.1.10105 = Wrong Type
(should be INTEGER): Gauge32: 10105|.1.3.6.1.2.1.31.1.1.1.1.10105 = STRING:
GigabitEthernet0/5|.1.3.6.1.4.1.9.9.315.1.2.1.1.10.10105 = Hex-STRING: 00
13 77 35 0B E0 END VARIABLEBINDINGS
My port configuration is as follows
interface GigabitEthernet0/5
switchport access vlan 4
switchport mode access
switchport port-security maximum 1 vlan access
switchport port-security
switchport port-security violation restrict
switchport port-security mac-address 0200.0000.0005
end
And I constantly see these from the switch console
SERI-PUBLIC#
07:32:53: %LINK-3-UPDOWN: Interface GigabitEthernet0/5, changed state to up
07:32:54: %LINEPROTO-5-UPDOWN: Line protocol on Interface
GigabitEthernet0/5, changed state to up
07:33:06: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred,
caused by MAC address 0013.7735.0be0 on port GigabitEthernet0/5.
07:33:11: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred,
caused by MAC address 0013.7735.0be0 on port GigabitEthernet0/5.
07:33:17: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred,
caused by MAC address 0013.7735.0be0 on port GigabitEthernet0/5.
07:33:22: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred,
caused by MAC address 0013.7735.0be0 on port GigabitEthernet0/5.
07:33:31: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred,
caused by MAC address 0013.7735.0be0 on port GigabitEthernet0/5.
Any help would really be appreciated.
Thanks
Adrian
-------------- next part --------------
An HTML attachment was scrubbed...
------------------------------
Message: 3
Date: Tue, 13 Mar 2012 13:34:36 -0400
From: Francois Gaudreault <[email protected]>
Subject: Re: [Packetfence-users] CISCO 2970
To: [email protected]
Message-ID: <[email protected]>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Hi Adrian,
>
> 2012-03-13|16:42:23|UDP:
> [192.168.1.101]:50369->[192.168.1.5]|0.0.0.0|BEGIN TYPE 0 END TYPE BEGIN
> SUBTYPE 0 END SUBTYPE BEGIN VARIABLEBINDINGS .1.3.6.1.2.1.1.3.0 =
> Timeticks: (2721180) 7:33:31.80|.1.3.6.1.6.3.1.1.4.1.0 = OID:
> .1.3.6.1.4.1.9.9.315.0.0.1|.1.3.6.1.2.1.2.2.1.1.10105 = Wrong Type
> (should be INTEGER): Gauge32: 10105|.1.3.6.1.2.1.31.1.1.1.1.10105 =
> STRING: GigabitEthernet0/5|.1.3.6.1.4.1.9.9.315.1.2.1.1.10.10105 =
> Hex-STRING: 00 13 77 35 0B E0 END VARIABLEBINDINGS
Looks like the trap format is not right. We expect to have an Integer
for the ifIndex, not a Gauge32. Is it the latest firmware on the
switch? Maybe you can try a more recent one. Otherwise, you will need
to build your own parseTrap method in the Catalyst_2970.pm module.
Thanks
--
Francois Gaudreault, ing. jr
[email protected] :: +1.514.447.4918 (x130) :: www.inverse.ca
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence
(www.packetfence.org)
------------------------------------------------------------------------------
Virtualization & Cloud Management Using Capacity Planning
Cloud computing makes use of virtualization - but cloud computing
also focuses on allowing computing to be delivered as a service.
http://www.accelacomm.com/jaw/sfnl/114/51521223/
_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
