Le 2014-03-21 08:49, Arthur Emerson III a écrit :
On Mar 20, 2014, at 7:15 PM, Lupe Silva <[email protected]
<mailto:[email protected]>> wrote:
We have our own dhcp servers already setup so I do not want DHCP from
PF, and I believe this is core of my issue.
You *do* want PF to provide DHCP services...but only to your registration
and possibly isolation VLAN. Let your production network's DHCP server
handle the production network, with the appropriate PF listeners as you
currently have configured. Since PF has (should have) an interface
directly on your registration VLAN, no routing is required and everything
just magically works.
In fact it´s not really true, you can do layer 3 registration and
isolation vlan in packetfence.
In configuration -> Interfaces you can add routed network, btw on the
remote site you have to create an isolation vlan and registration vlan
and add in the layer 3 interface an iphelper address to the ip of the
isolation interface of pf and to the ip os the registration interface.
Packetfence will also add the route needed to reach these remote sites.
And as Arthur said, it´s really better to keep packetfence managing DHCP
services on the registration and isolation network.
If the problem is that you are not able to present the
registration/isolation
VLAN to your remote sites and need to do it via routed subnets, perhaps
the best solution would be to setup a point-to-point L2 tunnel for these
VLANs using one of the Cisco tools since you have their hardware at
both ends?
i.e: route add -net 10.10.20.0/255 <http://10.10.20.0/255> gw
10.1.20.1 dev eth0.2
FWIW, the last time that I looked at the CIDR spec, /255 was not a
valid IPv4 mask...
-Arthur
-------------------------------------------------------------------------
Arthur Emerson III Email: [email protected]
<mailto:[email protected]>
Network Administrator InterNIC: AE81
Mount Saint Mary College MaBell: (845) 561-0800 Ext. 3109
330 Powell Ave. Fax: (845) 562-6762
Newburgh, NY 12550 SneakerNet: Aquinas Hall Room 11
------------------------------------------------------------------------------
Learn Graph Databases - Download FREE O'Reilly Book
"Graph Databases" is the definitive new guide to graph databases and their
applications. Written by three acclaimed leaders in the field,
this first edition is now available. Download your free book today!
http://p.sf.net/sfu/13534_NeoTech
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
--
Fabrice Durand
[email protected] :: +1.514.447.4918 (x135) :: www.inverse.ca
Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence
(http://packetfence.org)
------------------------------------------------------------------------------
Learn Graph Databases - Download FREE O'Reilly Book
"Graph Databases" is the definitive new guide to graph databases and their
applications. Written by three acclaimed leaders in the field,
this first edition is now available. Download your free book today!
http://p.sf.net/sfu/13534_NeoTech
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
