I don't know what you mean.
Forwarding the dhcp request is important if you want to enable
snort/suricata detection or have more informations for your node.
Autoregister is if you use packetfence for register your device (801.1X).
Fabrice
Le 2013-06-29 15:07, Dustin Schuemann a écrit :
Do I have to forward the dhcp requests to packet fence or can I use
the auto register feature?
On Jun 29, 2013 3:01 PM, "Fabrice Durand" <[email protected]
<mailto:[email protected]>> wrote:
Hello Dustin,
it could be done with the github branch
https://github.com/inverse-inc/packetfence/tree/feature/iplog_accounting
In fact you will use accounting information to fill out your
database (probably have to add a function to add the device if it
doesn't exist in the database) , declare your switch in the conf
to as a production switch with all the parameter to interact with
it and don't forget to forward the dhcp traffic to packetfence.
With that way you will have a database with all your devices and
where they are and will have the possibility to put them in the
isolation vlan if you trigger manually a violation or
automatically (snort, suricata, accounting violation ...)
And of course it could be sponsored development.
Regards
Fabrice
Le 2013-06-29 14:05, Dustin Schuemann a écrit :
This can't be done just with the SNMP notifications. What I want
to do is have a database of all the devices. If a device needs to
be in the isolation vlan I would put it in there and then when
the device is plugged in packet fence would set the vlan for that
switch interface.
On Jun 29, 2013 1:56 PM, "Fabrice Durand" <[email protected]
<mailto:[email protected]>> wrote:
Hello,
you mean without registration process and with an ids like
snort ?
If it that case, packetfence must have to know where the
device is (switch interface) and forward the dhcp traffic to
packetfence to be able for it to resolv mac by ip.
If you do that , it's possible.
Regards
Fabrice
Le 2013-06-29 13:26, Dustin Schuemann a écrit :
Can packetfence use one interface? I only want to do vlan
isolation with MAC traps. Is this possible?
------------------------------------------------------------------------------
This SF.net email is sponsored by Windows:
Build for Windows Store.
http://p.sf.net/sfu/windows-dev2dev
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
This SF.net email is sponsored by Windows:
Build for Windows Store.
http://p.sf.net/sfu/windows-dev2dev
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
This SF.net email is sponsored by Windows:
Build for Windows Store.
http://p.sf.net/sfu/windows-dev2dev
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
This SF.net email is sponsored by Windows:
Build for Windows Store.
http://p.sf.net/sfu/windows-dev2dev
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
This SF.net email is sponsored by Windows:
Build for Windows Store.
http://p.sf.net/sfu/windows-dev2dev
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
This SF.net email is sponsored by Windows:
Build for Windows Store.
http://p.sf.net/sfu/windows-dev2dev
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
