Hi -- I've been looking at the PF guides, but cant really see a guide to this.
Assuming that the 802.1x wired auth via freeradius works correctly, how does one go about telling a Cisco 3560-X switch to switch vlan ID's to a specific vlan? I continue to get a warning that says role-based NAC not supported, but I don't want to enforce role based, but rather I'd be happy enough with a simple vlan assignment. Any suggestions? Nov 06 13:15:17 pf::WebAPI(14363) INFO: handling radius autz request: from switch_ip => 10.10.1.115, connection_type => Ethernet-EAP mac => b4:99:ba:ea:df:3d, port => 50048, username => USERNAME (pf::radius::authorize) Nov 06 13:15:18 pf::WebAPI(14363) INFO: MAC: b4:99:ba:ea:df:3d is of status unreg; belongs into registration VLAN (pf::vlan::getRegistrationVlan) Nov 06 13:15:18 pf::WebAPI(14363) WARN: Role-based Network Access Control is not supported on network device type pf::SNMP::Cisco::Catalyst_3560. (pf::SNMP::supportsRoleBasedEnforcement) Nov 06 13:15:19 pfdhcplistener(14403) INFO: DHCPREQUEST from b4:99:ba:ea:df:3d (10.10.232.10) (main::parse_dhcp_request) Nov 06 13:15:19 pfdhcplistener(14403) INFO: b4:99:ba:ea:df:3d requested an IP. DHCP Fingerprint: OS::107 (Microsoft Windows Vista/7 or Server 2008). Modified node with last_dhcp = 2013-11-06 13:15:19,computername = MACHINENAME,dhcp_fingerprint = 1,15,3,6,44,46,47,31,33,121,249,43 (main::listen_dhcp) Nov 06 13:15:19 pfdhcplistener(14403) INFO: DHCPACK from 10.10.232.254 (00:50:56:b6:0a:d4) to host b4:99:ba:ea:df:3d (10.10.232.10) for 30 seconds (main::parse_dhcp_ack) Nov 06 13:15:22 pfdhcplistener(14403) INFO: DHCPACK CIADDR from 10.10.232.254 (00:50:56:b6:0a:d4) to host b4:99:ba:ea:df:3d (10.10.232.10) (main::parse_dhcp_ack) Nov 06 13:15:23 pfmon(0) INFO: running expire check (main::cleanup) Nov 06 13:15:23 pfmon(0) INFO: checking registered nodes for expiration (main::cleanup) Nov 06 13:15:23 pfmon(0) INFO: checking violations for expiration (main::cleanup) Nov 06 13:15:23 pfmon(0) INFO: checking accounting data for potential bandwidth abuse (main::cleanup) Nov 06 13:15:23 pfmon(0) INFO: getting violations triggers for accounting cleanup (pf::accounting::acct_maintenance) Nov 06 13:15:23 pfmon(0) INFO: Calling node acct maintenance total with monthly and 1 for 21474836480 (pf::accounting::acct_maintenance) Nov 06 13:15:34 pfdhcplistener(14403) INFO: b4:99:ba:ea:df:3d requested an IP. DHCP Fingerprint: OS::107 (Microsoft Windows Vista/7 or Server 2008). Modified node with last_dhcp = 2013-11-06 13:15:34,computername = MACHINENAME,dhcp_fingerprint = 1,15,3,6,44,46,47,31,33,121,249,43 (main::listen_dhcp) Nov 06 13:15:34 pfdhcplistener(14403) INFO: DHCPACK from 10.10.232.254 (00:50:56:b6:0a:d4) to host b4:99:ba:ea:df:3d (10.10.232.10) for 30 seconds (main::parse_dhcp_ack) Nov 06 13:15:49 pfdhcplistener(14403) INFO: b4:99:ba:ea:df:3d requested an IP. DHCP Fingerprint: OS::107 (Microsoft Windows Vista/7 or Server 2008). Modified node with last_dhcp = 2013-11-06 13:15:49,computername = MACHINENAME,dhcp_fingerprint = 1,15,3,6,44,46,47,31,33,121,249,43 (main::listen_dhcp) Nov 06 13:15:49 pfdhcplistener(14403) INFO: DHCPACK from 10.10.232.254 (00:50:56:b6:0a:d4) to host b4:99:ba:ea:df:3d (10.10.232.10) for 30 seconds (main::parse_dhcp_ack) Nov 06 13:16:04 pfdhcplistener(14403) INFO: b4:99:ba:ea:df:3d requested an IP. DHCP Fingerprint: OS::107 (Microsoft Windows Vista/7 or Server 2008). Modified node with last_dhcp = 2013-11-06 13:16:04,computername = MACHINENAME,dhcp_fingerprint = 1,15,3,6,44,46,47,31,33,121,249,43 (main::listen_dhcp) Nov 06 13:16:04 pfdhcplistener(14403) INFO: DHCPACK from 10.10.232.254 (00:50:56:b6:0a:d4) to host b4:99:ba:ea:df:3d (10.10.232.10) for 30 seconds (main::parse_dhcp_ack) ********************************************** Email Disclaimer: This email, including attachments, may contain proprietary, confidential or privileged information. If you are not the intended recipient, please (i) do not use, disclose, save or retransmit this message or any attachments, (ii) alert the sender by reply email and (iii) destroy or delete this message and any attachments. Delivery of this email to a person other than the intended recipient(s) shall not constitute a waiver of privilege or confidentiality. CP Investments, member FINRA and SIPC, serves as placement agent for investment products advised by Canyon Capital Advisors LLC. This email is not intended to be an offer to sell or a solicitation of an offer to buy any security in any jurisdiction. We review and retain electronic communications traveling through our network. ********************************************** ------------------------------------------------------------------------------ November Webinars for C, C++, Fortran Developers Accelerate application performance with scalable programming models. Explore techniques for threading, error checking, porting, and tuning. Get the most from the latest Intel processors and coprocessors. See abstracts and register http://pubads.g.doubleclick.net/gampad/clk?id=60136231&iu=/4140/ostg.clktrk _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
