Hello Guys, On Fri, Feb 28, 2014 at 11:33:23AM -0500, Jason Frisvold wrote: > Minh Trung wrote: > > Hello Jason, > > > > I already posted this question > > on<https://sourceforge.net/p/packetfence/>PacketFence-users Archives > > <http://sourceforge.net/mailarchive/forum.php?forum_name=packetfence-users>. > > But not responsed. Could you please help me? > > I'll give it a shot. I'm cc'ing back in the list so others can offer > their insight as well. > > > I have plan building the PF on VMWare ESX4.0 based on CentOS. > > My network already have VLANs, for example : > > 1) Vlan 122: Server > > 2) Vlan 123: Computers(office users) > > 3) Vlan 124: Voice(IP phone) > > 4) Vlan 125: Firewall > > 5) Vlan 126: Access Door > > 6) Vlan 127: Production --> Computers using wireless via Access Points, > > and have ACLs for this Vlan on Core switches > > ... > > All Vlans already trunk configured on switches. > > Now, i just want to apply PF for the Vlan 123 first. > > > > On PF Server: > > - Which mode i have to installation? > > I assume you're talking about inline versus out of band, correct? This > isn't a question I can answer directly. It depends on what you're > trying to accomplish. I've never run inline with Packetfence, so I'm > not sure of all of the capabilities there. Maybe someone on the list > with more inline experience can offer more information? Actually the choice about the mode is related to the type/model of your network equipment. > > > - How many NIC card do i need? > > In theory, you can do this with one. Again, it depends on your security > stance and how comfortable you are with trunking in Linux. Usually we use 1 NIC for management, 1 NIC to support Vlans and 1 for IDS (Suricata and Snort) > > > - Which services need to start on PF > > All of the standard services should be enough. The wizard generally > sets this up for you. > > > On Switches: > > - How to configuration when i have PF? > > What kind of switches? The configuration depends of what kind of authentication you wanna proceed (802.1x, MAc auth) and obviously of what your switch support > > > I am still very vague in implement PF server. I very thankful if some > > one help me to get knowledge. > > If necessary, Inverse offers consulting services. Their team is very > competent and can get you up and running pretty quickly. > > > Thanks in advance. > > > > Best regards,
Best regards, Loick > > > -- > --------------------------- > Jason 'XenoPhage' Frisvold > [email protected] > --------------------------- > > "Any sufficiently advanced magic is indistinguishable from technology.\" > - Niven's Inverse of Clarke's Third Law > > ------------------------------------------------------------------------------ > Flow-based real-time traffic analytics software. Cisco certified tool. > Monitor traffic, SLAs, QoS, Medianet, WAAS etc. with NetFlow Analyzer > Customize your own dashboards, set traffic alerts and generate reports. > Network behavioral analysis & security monitoring. All-in-one tool. > http://pubads.g.doubleclick.net/gampad/clk?id=126839071&iu=/4140/ostg.clktrk > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users -- [email protected] :: +1.514.447.4918 (x130) :: www.inverse.ca<http://www.inverse.ca/> Inverse inc. :: Leaders behind SOGo (www.sogo.nu<http://www.sogo.nu/>) and PacketFence +(www.packetfence.org<http://www.packetfence.org/>) gtalk or skype : lpelet.inverse ------------------------------------------------------------------------------ Flow-based real-time traffic analytics software. Cisco certified tool. Monitor traffic, SLAs, QoS, Medianet, WAAS etc. with NetFlow Analyzer Customize your own dashboards, set traffic alerts and generate reports. Network behavioral analysis & security monitoring. All-in-one tool. http://pubads.g.doubleclick.net/gampad/clk?id=126839071&iu=/4140/ostg.clktrk _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
