Hi Jason, answer below. Le jeudi 25 avril 2013 16:20:55, Jason 'XenoPhage' Frisvold a écrit : > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hi all, > > I think I finally have a working Packetfence installation. At least > from the aspect of successful 802.1x authentication, anyway. > > I have some questions that are, most likely, pretty newbie questions. > I've poked around on the packetfence website, but I'm not seeing a > users guide beyond the admin guide which seems more aimed at > installation. If there are better guides out there, I'd appreciate a > shove in the right direction. > > So, on to the questions ... > > - - Making modifications to an existing switch via the web GUI doesn't > seem to take effect immediately. Is there a cron job that handles > this, or should I be restarting something? It's normal because there are so many thing to restart to take care about the new configuration, like apache, radius, pfsetvlan ... We are working on it. > > - - How do you delete nodes? I get an error about an entry in the > locationlog table. Is there a way to clear that out, or should it be > cleared out over time, or... ? If I understand correctly, the way to > "kick" a user would be to tag them with a violation. That's fine and > I don't have an issue with that. But, we clean out our current NAC > system yearly to ensure any old systems are no longer listed and > wasting resources. Is there a way to do this in Packetfence? Yep , it's the packetfence question, why you can't remove a node, in fact it's because packetfence think that the node is active in the network (dhcp, activity). So if the node is active you can't remove it but you can unreg it.
> > - - If we're using dot1x and mab, is it necessary to tell packetfence > the ifIndex of all uplink ports? Those ports aren't configured to > talk to packetfence and thus shouldn't be affected, right? No you will never receive radius request from the uplink port. > > - - When I authenticate via 802.1x, the node entry isn't being added as > registered.. What else needs to happen to be considered a registered > node? Look at /usr/local/pf/lib/pf/vlan/custom.pm you will find the answer ;-) Regards Fabrice > > - -- > - --------------------------- > Jason 'XenoPhage' Frisvold > [email protected] > - --------------------------- > > "Any sufficiently advanced magic is indistinguishable from technology.\" > - - Niven's Inverse of Clarke's Third Law > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.13 (GNU/Linux) > Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ > > iEYEARECAAYFAlF5kCcACgkQO80o6DJ8UvlxaACfR0tLPmYjOcEJtL0quS351RRc > F4AAn0HZBB2UuL9Ug2lLTxGGeQtT7bay > =YGwM > -----END PGP SIGNATURE----- > > ------------------------------------------------------------------------------ > Try New Relic Now & We'll Send You this Cool Shirt > New Relic is the only SaaS-based application performance monitoring service > that delivers powerful full stack analytics. Optimize and monitor your > browser, app, & servers with just a few lines of code. Try New Relic > and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_apr > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users ------------------------------------------------------------------------------ Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_apr _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
