I'm evaluating NetGear 110TP's as "floating network devices" for port multiplication and media conversion. They're the smallest, cheapest devices I've found that support PoE and SFP. (Alternate suggestions for PacketFence-supported devices that meet these criteria are welcome.)
I first tried to configure like a Netgear::FSM726v1. I configured port security (I think). I get only "unknown trap," and these look like link up/down, not port security. I attempted to inject "snmp-server traps violation" into a tftp config file, but it didn't take. So, any other ideas for getting port security traps to work? Alternatively, how can I make basic port up/port down work? These are going to be a very small part of my network, with infrequent port changes, so the performance impact of old traps should be minimal. May 23 16:21:10 pfsetvlan(21) INFO: ignoring unknown trap: 2012-05-23|21:21:06|UDP: [100.64.3.16]:1025->[100.64.64.4]|0.0.0.0|BEGIN TYPE 0 END TYPE BEGIN SUBTYPE 0 END SUBTYPE BEGIN VARIABLEBINDINGS .1.3.6.1.2.1.1.3.0 = Timeticks: (16916100) 1 day, 22:59:21.00|.1.3.6.1.6.3.1.1.4.1.0 = OID: .1.3.6.1.6.3.1.1.5.3|.1.3.6.1.2.1.2.2.1.1.6 = INTEGER: 6|.1.3.6.1.2.1.2.2.1.7.6 = INTEGER: up(1)|.1.3.6.1.2.1.2.2.1.8.6 = INTEGER: down(2) END VARIABLEBINDINGS (main::parseTrap) May 23 16:21:30 pfsetvlan(22) INFO: ignoring unknown trap: 2012-05-23|21:21:27|UDP: [100.64.3.16]:1025->[100.64.64.4]|0.0.0.0|BEGIN TYPE 0 END TYPE BEGIN SUBTYPE 0 END SUBTYPE BEGIN VARIABLEBINDINGS .1.3.6.1.2.1.1.3.0 = Timeticks: (16918300) 1 day, 22:59:43.00|.1.3.6.1.6.3.1.1.4.1.0 = OID: .1.3.6.1.6.3.1.1.5.4|.1.3.6.1.2.1.2.2.1.1.5 = INTEGER: 5|.1.3.6.1.2.1.2.2.1.7.5 = INTEGER: up(1)|.1.3.6.1.2.1.2.2.1.8.5 = INTEGER: up(1) END VARIABLEBINDINGS (main::parseTrap) [137.22.30.16] type=Netgear::FSM726v1 mode=production uplink=0,1,7,8,9,10,11,12,12,14,15,16 vlans=20,100,3665,3666 normalVlan=100 registrationVlan=20 isolationVlan=3666 macDetectionVlan=3665 guestVlan=3665 controllerIp= SNMPVersionTrap=2c SNMPCommunityTrap=trapcommunity SNMPUserNameTrap= SNMPAuthProtocolTrap= SNMPAuthPasswordTrap= SNMPPrivProtocolTrap= SNMPPrivPasswordTrap= SNMPVersion=2c SNMPCommunityRead=readcommunity SNMPCommunityWrite=writecommunity SNMPEngineID= SNMPUserNameRead= SNMPAuthProtocolRead= SNMPAuthPasswordRead= SNMPPrivProtocolRead= SNMPPrivPasswordRead= SNMPUserNameWrite= SNMPAuthProtocolWrite= SNMPAuthPasswordWrite= SNMPPrivProtocolWrite= SNMPPrivPasswordWrite= Relevant bits of the configuration, exported to tftp server via "Maintenance" tab in the web interface: vlan database vlan 10,20,100,3665 exit snmptrap trapcommunity ipaddr 100.64.64.4 interface 0/4 port-security mac-address 00:DE:AD:BE:EF:04 3665 no auto-voip exit -- Rich Graves http://claimid.com/rcgraves Carleton.edu Sr UNIX and Security Admin CMC135: 507-222-7079 Cell: 952-292-6529 ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
