Hi Jake,
This is my first time to configure PacketFence so I just followed the
instruction to do the configuration. No specific reason why using SNMP
traps.
Yes please send the config of your switch to me if it is convenience for
you. Can you also send me the config file of the packet fence? I am
struggling with PF to get it work. Much appreciated.
Regards,
Jacky
On Tue, Jul 9, 2013 at 10:23 AM, Sallee, Stephen (Jake) <
[email protected]> wrote:
> May I respectfully ask why you are using SNMP traps?****
>
> ** **
>
> I ask only because I have about 100 of those switches and they work
> wonderfully with MAB which has been much more scalable and reliable in my
> experience.****
>
> ** **
>
> MAB gives you the same results as SNMP traps with much finer grained
> control and more graceful error handling. ****
>
> ** **
>
> I can send you the relevant config snippets from one of my switches if you
> would like.****
>
> ** **
>
> Jake Sallee****
>
> Godfather of Bandwidth****
>
> System Engineer****
>
> University of Mary Hardin-Baylor****
>
> 900 College St.****
>
> Belton TX. 76513****
>
> Fone: 254-295-4658****
>
> Phax: 254-295-4221****
>
> HTTP://WWW.UMHB.EDU****
>
> ** **
>
> *From:* Fabrice DURAND [mailto:[email protected]]
> *Sent:* Tuesday, July 09, 2013 9:09 AM
> *To:* [email protected]
> *Subject:* Re: [PacketFence-users] Swtich Port Security Violation issue***
> *
>
> ** **
>
> Hello,
> add :
> snmp-server community public RO
> snmp-server community private RW
>
> in your switch config.
>
> Regards
> Fabrice
>
> Le 2013-07-08 18:08, forbmsyn a écrit :****
>
> Hi, ****
>
> ** **
>
> I have a Cisco 2960 switch. On port #3 I have a laptop plugged in. Then I
> have the following error message on Packet fence server and the switch.***
> *
>
> ** **
>
> ** **
>
> Error message from the packet fence serve:****
>
> ** **
>
> Jul 08 14:00:05 pfsetvlan(24) INFO: secureMacAddrViolation trap on
> 192.168.1.12 ifIndex 10003. Port Security is no longer configured on the
> port. Flush the trap (main::signalHandlerTrapListQueued)****
>
> ** **
>
> ** **
>
> And the error message from the switch:****
>
> *Mar 4 01:21:08.599: %PORT_SECURITY-2-PSECURE_VIOLATION: Security
> violation occurred, caused by MAC address dc0e.a18a.d48f on port
> FastEthernet0/3.****
>
> ** **
>
> Below is the config of the switch:****
>
> ** **
>
> pfsw2960#show running-config****
>
> Building configuration...****
>
> ** **
>
> Current configuration : 3992 bytes****
>
> !****
>
> ! Last configuration change at 23:26:42 UTC Wed Mar 3 1993****
>
> !****
>
> version 12.2****
>
> no service pad****
>
> service timestamps debug datetime msec****
>
> service timestamps log datetime msec****
>
> no service password-encryption****
>
> !****
>
> hostname pfsw2960****
>
> !****
>
> boot-start-marker****
>
> boot-end-marker****
>
> !****
>
> enable secret 5 $1$v6AY$CHpQRFjE5It5ggqY80s9Y0****
>
> !****
>
> username admin password 0 admin****
>
> no aaa new-model****
>
> system mtu routing 1500****
>
> !****
>
> !****
>
> !****
>
> !****
>
> crypto pki trustpoint TP-self-signed-3219086464****
>
> enrollment selfsigned****
>
> subject-name cn=IOS-Self-Signed-Certificate-3219086464****
>
> revocation-check none****
>
> rsakeypair TP-self-signed-3219086464****
>
> !****
>
> !****
>
> crypto pki certificate chain TP-self-signed-3219086464****
>
> certificate self-signed 01****
>
> 30820240 308201A9 A0030201 02020101 300D0609 2A864886 F70D0101 04050030*
> ***
>
> 31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274*
> ***
>
> 69666963 6174652D 33323139 30383634 3634301E 170D3933 30333031 30303030*
> ***
>
> 35385A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649*
> ***
>
> 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 32313930*
> ***
>
> 38363436 3430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281*
> ***
>
> 8100AF7D 853F4F63 33C9C1E7 67E19204 F6647E85 DE33E663 207935F3 169D50D3*
> ***
>
> D29CE944 47E12F9C E0F1F090 2FB5CF0B B33544ED B2643B58 63F4B441 DD5E4C07*
> ***
>
> 844278A6 F811497E B18F73B3 9F4B0418 5701CD26 F4CA985E 8C729706 E83886F9*
> ***
>
> 5311E7EB 4282AB4A 882AA3B0 66DFA19D E6F22371 4848B689 0F8B75AD 1A8C1A31*
> ***
>
> B16B0203 010001A3 68306630 0F060355 1D130101 FF040530 030101FF 30130603*
> ***
>
> 551D1104 0C300A82 08706673 77323936 30301F06 03551D23 04183016 80143711*
> ***
>
> 4F7C7DED 5B7AB254 2C8BA9E7 F9FBDCC9 3654301D 0603551D 0E041604 1437114F*
> ***
>
> 7C7DED5B 7AB2542C 8BA9E7F9 FBDCC936 54300D06 092A8648 86F70D01 01040500*
> ***
>
> 03818100 49D71241 3FC607E9 7D6CBFFC BBC7D710 10C622C8 42EF439B 1ABD6EED*
> ***
>
> 247B7D70 20DD2D96 E5C55399 768AD11D EE0A9553 A9EF4634 66C1C672 2BE90557*
> ***
>
> 58ED21C0 11D797F9 7F2BDAF9 0754AFE7 9B205531 FC76D6D8 2202348B 7CCDDED5*
> ***
>
> A5286F33 4BBF7AA2 4BFAC9EC F0F460CC 11487E48 EBBB5796 52DC5B31 A9E3C1DC
> 7AB2DAD0****
>
> quit****
>
> !****
>
> !****
>
> !****
>
> spanning-tree mode pvst****
>
> spanning-tree extend system-id****
>
> !****
>
> vlan internal allocation policy ascending****
>
> !****
>
> !****
>
> !****
>
> !****
>
> !****
>
> !****
>
> interface FastEthernet0/1****
>
> switchport access vlan 4****
>
> switchport port-security violation restrict****
>
> switchport port-security mac-address 0200.0001.0001****
>
> !****
>
> interface FastEthernet0/2****
>
> switchport access vlan 4****
>
> switchport mode access****
>
> switchport port-security maximum 2****
>
> switchport port-security maximum 1 vlan access****
>
> switchport port-security****
>
> switchport port-security violation restrict****
>
> switchport port-security mac-address 0200.0001.0002****
>
> !****
>
> interface FastEthernet0/3****
>
> switchport access vlan 4****
>
> switchport mode access****
>
> switchport port-security maximum 2****
>
> switchport port-security maximum 1 vlan access****
>
> switchport port-security****
>
> switchport port-security violation restrict****
>
> switchport port-security mac-address 0200.0000.0003****
>
> !****
>
> interface FastEthernet0/4****
>
> !****
>
> interface FastEthernet0/5****
>
> !****
>
> interface FastEthernet0/6****
>
> !****
>
> interface FastEthernet0/7****
>
> !****
>
> interface FastEthernet0/8****
>
> !****
>
> interface FastEthernet0/9****
>
> !****
>
> interface FastEthernet0/10****
>
> !****
>
> interface FastEthernet0/11****
>
> !****
>
> interface FastEthernet0/12****
>
> !****
>
> interface FastEthernet0/13****
>
> !****
>
> interface FastEthernet0/14****
>
> !****
>
> interface FastEthernet0/15****
>
> !****
>
> interface FastEthernet0/16****
>
> !****
>
> interface FastEthernet0/17****
>
> !****
>
> interface FastEthernet0/18****
>
> !****
>
> interface FastEthernet0/19****
>
> !****
>
> interface FastEthernet0/20****
>
> !****
>
> interface FastEthernet0/21****
>
> !****
>
> interface FastEthernet0/22****
>
> !****
>
> interface FastEthernet0/23****
>
> !****
>
> interface FastEthernet0/24****
>
> switchport mode trunk****
>
> !****
>
> interface GigabitEthernet0/1****
>
> !****
>
> interface GigabitEthernet0/2****
>
> !****
>
> interface Vlan1****
>
> ip address 192.168.1.12 255.255.255.0****
>
> !****
>
> ip http server****
>
> ip http secure-server****
>
> logging esm config****
>
> snmp-server enable traps snmp linkdown linkup****
>
> snmp-server enable traps port-security****
>
> snmp-server enable traps port-security trap-rate 1****
>
> snmp-server enable traps mac-notification change move threshold****
>
> snmp-server host 192.168.1.5 version 2c public port-security****
>
> !****
>
> line con 0****
>
> line vty 0 4****
>
> login****
>
> line vty 5 15****
>
> login****
>
> !****
>
> end****
>
> ** **
>
> pfsw2960#****
>
> ** **
>
> ** **
>
> ** **
>
> What's wrong with my configuration? ****
>
> ** **
>
> Thank you!****
>
> ** **
>
>
>
>
> ****
>
> ------------------------------------------------------------------------------****
>
> See everything from the browser to the database with AppDynamics****
>
> Get end-to-end visibility with application monitoring from AppDynamics****
>
> Isolate bottlenecks and diagnose root cause in seconds.****
>
> Start your free trial of AppDynamics Pro today!****
>
> http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk****
>
>
>
>
> ****
>
> _______________________________________________****
>
> PacketFence-users mailing list****
>
> [email protected]****
>
> https://lists.sourceforge.net/lists/listinfo/packetfence-users****
>
>
>
>
> ****
>
> -- ****
>
> Fabrice Durand****
>
> [email protected] :: +1.514.447.4918 (x135) :: www.inverse.ca****
>
> Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
> (http://packetfence.org) ****
>
>
>
> ------------------------------------------------------------------------------
> See everything from the browser to the database with AppDynamics
> Get end-to-end visibility with application monitoring from AppDynamics
> Isolate bottlenecks and diagnose root cause in seconds.
> Start your free trial of AppDynamics Pro today!
> http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
> _______________________________________________
> PacketFence-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
>
------------------------------------------------------------------------------
See everything from the browser to the database with AppDynamics
Get end-to-end visibility with application monitoring from AppDynamics
Isolate bottlenecks and diagnose root cause in seconds.
Start your free trial of AppDynamics Pro today!
http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
