[PacketFence-users] Issue with Cisco 2960s

[Dan Nelson]

running cisco WS-C2960S-48FPS-L  15.0(1)SE2 C2960S-UNIVERSALK9-M
MAC authentication works but switching vlan's does not when does with 
console..  When it authenticates using MAC the VLAN appears to be set 
and works.  When I go to the console and switch a device from Registered 
to Unregistered or vice versa I get the following and nothing switches 
on the 2960s

Output from packetfence.log
Apr 18 18:41:59 pfcmd.pl(25499) INFO: pfcmd calling node_modify for 
00:40:8c:ac:1b:5b (main::command_param)
Apr 18 18:41:59 pfcmd.pl(25499) INFO: re-evaluating access for node 
00:40:8c:ac:1b:5b (node_modify called) (pf::enforcement::reevaluate_access)
Apr 18 18:41:59 pfcmd.pl(25499) INFO: 00:40:8c:ac:1b:5b is currentlog 
connected at 172.18.104.4 ifIndex 50108 in VLAN 104 
(pf::enforcement::_should_we_reassign_vlan)
Apr 18 18:41:59 pfcmd.pl(25499) INFO: MAC: 00:40:8c:ac:1b:5b is of 
status unreg; belongs into registration VLAN (pf::vlan::getRegistrationVlan)
Apr 18 18:41:59 pfcmd.pl(25499) INFO: VLAN reassignment required for 
00:40:8c:ac:1b:5b (current VLAN = 104 but should be in VLAN 88) 
(pf::enforcement::_should_we_reassign_vlan)
Apr 18 18:41:59 pfcmd.pl(25499) INFO: switch port for 00:40:8c:ac:1b:5b 
is 172.18.104.4 ifIndex 50108 connection type: Wired MAC Auth 
(pf::enforcement::_vlan_reevaluation)
Apr 18 18:42:02 pfsetvlan(22) INFO: local (127.0.0.1) trap for switch 
172.18.104.4 (main::parseTrap)
Apr 18 18:42:02 pfsetvlan(3) INFO: nb of items in queue: 1; nb of 
threads running: 0 (main::startTrapHandlers)
Argument "noSuchInstance" isn't numeric in numeric eq (==) at 
/usr/local/pf/lib/pf/vlan.pm line 127.
Apr 18 18:42:02 pfsetvlan(3) INFO: reAssignVlan trap received on 
172.18.104.4 ifindex 50108 which is not ethernetCsmacd 
(pf::vlan::doWeActOnThisTrap)
Apr 18 18:42:02 pfsetvlan(3) INFO: doWeActOnThisTrap returns false. Stop 
reAssignVlan handling (main::handleTrap)
Apr 18 18:42:02 pfsetvlan(3) INFO: finished (main::cleanupAfterThread)


When I do a snmpwalk the ifindex shows they are 10108 but when the trap 
is received it is coming across as 50108.
[root@fennel ~]# snmpwalk -v 2c -c Sh0wMyData 172.18.104.4 
1.3.6.1.2.1.2.2.1.3
IF-MIB::ifType.1 = INTEGER: propVirtual(53)
IF-MIB::ifType.104 = INTEGER: propVirtual(53)
IF-MIB::ifType.5137 = INTEGER: propVirtual(53)
IF-MIB::ifType.5138 = INTEGER: propVirtual(53)
IF-MIB::ifType.5139 = INTEGER: propVirtual(53)
IF-MIB::ifType.10101 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10102 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10103 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10104 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10105 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10106 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10107 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10108 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10109 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10110 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10111 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10112 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10113 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10114 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10115 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10116 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10117 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10118 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10119 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10120 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10121 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10122 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10123 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10124 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10125 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10126 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10127 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10128 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10129 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10130 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10131 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10132 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10133 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10134 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10135 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10136 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10137 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10138 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10139 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10140 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10141 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10142 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10143 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10144 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10145 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10146 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10147 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10148 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10149 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10150 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10151 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.10152 = INTEGER: ethernetCsmacd(6)
IF-MIB::ifType.12001 = INTEGER: other(1)
IF-MIB::ifType.12002 = INTEGER: ethernetCsmacd(6)


I have the switch setup as a Cisco 2960G and have tried Cisco 2960 with 
same results.

This is not happening on other switches.  Just on the 2960s which is all 
gig ports.

Not sure if it is a bug with 15.0.1 code or not.

--
Thanks

Dan Nelson
*Nutraceutical Corporation*
Network Administrator
801-334-3702

------------------------------------------------------------------------------
Precog is a next-generation analytics platform capable of advanced
analytics on semi-structured data. The platform includes APIs for building
apps and a phenomenal toolset for data science. Developers can use
our toolset for easy data analysis & visualization. Get a free account!
http://www2.precog.com/precogplatform/slashdotnewsletter_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users