Hi
i configurate my switch catalyst 3750G , when i test my solution witch client
and PF : 802.1x authentification works good and PF put the client on vlan
registration but the client dont have IP address i think that the probleme is
in my switch configuration please can any one help me or give me his switch
configuration.
Here is information about client from web admin/node
MAC Address : x:x:x:xx:xx:xx
IP Address : Unknown
IP Info : No IP information available
Owner : unregistered
Category : No category
Status : unregistered
VoIP : no
NODE USER-AGENT INFORMATION
NODE DHCP INFORMATION
DHCP Info : Last DHCP request at 0000-00-00 00:00:00
Location : port 10103 (vlan 2) on switch 192.168.1.2
Connection type: Wired 802.1x
802.1X Username: kima
Wireless SSID :
Last activity : UNKNOWN
here may switch cofiguration ::::
----------------creation of vlan:
vlan 2
name registration
vlan 3
name isolution
vlan 4
name mac-detect
vlan 7
name management
---------------creation of interface vlan;
interface vlan 2
ip address 192.168.2.1 255.255.255.0
interface vlan 3
ip address 192.168.3.1 255.255.255.0
interface vlan 7
ip address 192.168.1.2 255.255.255.0
ip default-gateway 192.168.1.1
-----------------interface for server pf:
interface Gi1/0/2
switchport mode access
switchport access vlan 7
------------------------------
dot1x system-auth-control
---------On each interface:
switchport mode access
authentication order dot1x mab
authentication priority dot1x mab
authentication port-control auto
authentication periodic
authentication timer restart 10800
authentication timer reauthenticate 7200
mab
no snmp trap link-status
dot1x pae authenticator
dot1x timeout quiet-period 2
dot1x timeout tx-period 3
---------- radius ---------------------
aaa new-model
aaa group server radius packetfence
server 192.168.1.5 auth-port 1812 acct-port 1813
aaa authentication login default local
aaa authentication dot1x default group packetfence
aaa authorization network default group packetfence
--------------------------------
radius-server host 192.168.1.5 auth-port 1812 acct-port 1813 timeout 2 key
secret
radius-server vsa send authentication
-----------------
snmp-server community public ro
snmp-server community private rw
snmp-server host 192.168.1.5 version 2c public
----------------------------------------------------------
and here is switches.conf
[default]
vlans = 1,2,3,4,5
normalVlan = 1
registrationVlan = 2
isolationVlan = 3
macDetectionVlan = 4
guestVlan = 5
customVlan1 =
customVlan2 =
customVlan3 =
customVlan4 =
customVlan5 =
VoIPEnabled = no
voiceVlan =
inlineVlan =
inlineTrigger =
mode = testing
macSearchesMaxNb = 30
macSearchesSleepInterval = 2
uplink = dynamic
cliTransport = Telnet
SNMPVersion = 2c
SNMPCommunityRead = public
SNMPCommunityWrite = private
SNMPVersionTrap = 2c
SNMPCommunityTrap = public
wsTransport = http
radiusSecret=secret
[192.168.1.2]
type = Cisco::Catalyst_3750G
mode = production
uplink = 25
normalVlan = 7
deauthMethod=SNMP
------------------------------------------------------------------------------
AlienVault Unified Security Management (USM) platform delivers complete
security visibility with the essential security capabilities. Easily and
efficiently configure, manage, and operate all of your security controls
from a single console and one unified framework. Download a free trial.
http://p.sf.net/sfu/alienvault_d2d
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
