I agree with XenoPhage, I will add a few things though. 1) Unless there is a compelling reason use the VLAN deployment option. It is the best option for performance and scalability in my opinion.
2) If you deploy using VLans you will need to add 2 more VLans, one for registration and one for isolation. 3) Take is slow, set it up in the simplest way possible and then layer on the extra things. Start with a single switch and a single client. Read and follow the Admin Guide VERY carefully. And always feel free to post you questions to the list. Some general advice: When posting to the list, try your best to keep you questions specific to a single issue you are having. If you can, try to avoid questions like "I'm new, can anyone help me setup PacketFence?" Instead, try to ask things like "I'm new to PacketFence and I am having trouble running the initial configuration wizard, when I do <x> it gives me error <y>." Asking specific questions gives us something to work with, general or vague questions are likely to go unanswered because the work required to find out the real problem and fix it is too much for most of us. Most of the people on this list are PF users with many other responsibilities, we donate our time to the community and most of our employers would not be happy if we spent too much time giving free support instead of doing our jobs : ). Jake Sallee Godfather of Bandwidth System Engineer University of Mary Hardin-Baylor 900 College St. Belton, Texas 76513 Fone: 254-295-4658 Phax: 254-295-4221 ________________________________________ From: Jason Frisvold [[email protected]] Sent: Friday, February 28, 2014 10:33 AM To: Minh Trung Cc: [email protected] Subject: Re: [PacketFence-users] Place PacketFence system Minh Trung wrote: > Hello Jason, > > I already posted this question > on<https://sourceforge.net/p/packetfence/>PacketFence-users Archives > <http://sourceforge.net/mailarchive/forum.php?forum_name=packetfence-users>. > But not responsed. Could you please help me? XenoPhage I'll give it a shot. I'm cc'ing back in the list so others can offer their insight as well. > I have plan building the PF on VMWare ESX4.0 based on CentOS. > My network already have VLANs, for example : > 1) Vlan 122: Server > 2) Vlan 123: Computers(office users) > 3) Vlan 124: Voice(IP phone) > 4) Vlan 125: Firewall > 5) Vlan 126: Access Door > 6) Vlan 127: Production --> Computers using wireless via Access Points, > and have ACLs for this Vlan on Core switches > ... > All Vlans already trunk configured on switches. > Now, i just want to apply PF for the Vlan 123 first. > > On PF Server: > - Which mode i have to installation? I assume you're talking about inline versus out of band, correct? This isn't a question I can answer directly. It depends on what you're trying to accomplish. I've never run inline with Packetfence, so I'm not sure of all of the capabilities there. Maybe someone on the list with more inline experience can offer more information? > - How many NIC card do i need? In theory, you can do this with one. Again, it depends on your security stance and how comfortable you are with trunking in Linux. > - Which services need to start on PF All of the standard services should be enough. The wizard generally sets this up for you. > On Switches: > - How to configuration when i have PF? What kind of switches? > I am still very vague in implement PF server. I very thankful if some > one help me to get knowledge. If necessary, Inverse offers consulting services. Their team is very competent and can get you up and running pretty quickly. > Thanks in advance. > > Best regards, -- --------------------------- Jason 'XenoPhage' Frisvold [email protected] --------------------------- "Any sufficiently advanced magic is indistinguishable from technology.\" - Niven's Inverse of Clarke's Third Law ------------------------------------------------------------------------------ Flow-based real-time traffic analytics software. Cisco certified tool. Monitor traffic, SLAs, QoS, Medianet, WAAS etc. with NetFlow Analyzer Customize your own dashboards, set traffic alerts and generate reports. Network behavioral analysis & security monitoring. All-in-one tool. http://pubads.g.doubleclick.net/gampad/clk?id=126839071&iu=/4140/ostg.clktrk _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users ------------------------------------------------------------------------------ Flow-based real-time traffic analytics software. Cisco certified tool. Monitor traffic, SLAs, QoS, Medianet, WAAS etc. with NetFlow Analyzer Customize your own dashboards, set traffic alerts and generate reports. Network behavioral analysis & security monitoring. All-in-one tool. http://pubads.g.doubleclick.net/gampad/clk?id=126839071&iu=/4140/ostg.clktrk _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
