Hi Guys,
I'm working with a couple of 2960 switches on stack mode running an IOS
version 150-2.SE, the switch is configured to use MAB and deauthenticate
with Radius using CoA, everything for a machine works perfectly. However,
When I plug a Cisco VoIP phone and the machine behind that, I'm getting
this info message,
"Aug 20 19:41:34 httpd.webservices(6156) INFO: Unable to lookup LLDP port
from IfIndex. LLDP VoIP detection will not work. Is LLDP enabled?
(pf::Switch::Cisco::Catalyst_2950::getPhonesLLDPAtIfIndex)
Aug 20 19:41:34 httpd.webservices(6156) INFO: Could not find any IP phones
through discovery protocols for ifIndex 10525
(pf::Switch::getPhonesDPAtIfIndex)"
I made a debug from radius and this is what i'm getting,
"rlm_perl: request from bc:67:1c:30:78:c3 port 50225 was accepted but no
VLAN returned. This could be normal. See server logs for details.
rlm_perl: PacketFence RESULT RESPONSE CODE: 2 (2 means OK)
rlm_perl: Added pair NAS-Port-Type = Ethernet
rlm_perl: Added pair Service-Type = Call-Check
rlm_perl: Added pair Called-Station-Id = C0-25-5C-AA-30-19
rlm_perl: Added pair Calling-Station-Id = BC-67-1C-30-78-C3
rlm_perl: Added pair Message-Authenticator =
0x40025a04d0aa4d0e33f43722f48d6b30
rlm_perl: Added pair Cisco-AVPair = service-type=Call Check
rlm_perl: Added pair Cisco-AVPair =
audit-session-id=0A0B3E0F0000003906EA910A
rlm_perl: Added pair User-Name = bc671c3078c3
rlm_perl: Added pair User-Password = bc671c3078c3
rlm_perl: Added pair NAS-Port = 50225
rlm_perl: Added pair NAS-IP-Address = 10.11.62.15
rlm_perl: Added pair Framed-MTU = 1500
rlm_perl: Added pair NAS-Port-Id = FastEthernet2/0/25
rlm_perl: Added pair Cisco-AVPair = device-traffic-class=voice
rlm_perl: Added pair Auth-Type = Accept
+++[packetfence] = ok
++} # if (!EAP-Type || (EAP-Type != 21 && EAP-Type != 25)) = ok
+} # group post-auth = ok
Sending Access-Accept of id 71 to 10.11.62.15 port 1645
Cisco-AVPair = "device-traffic-class=voice""
""
The NAS-Port sent to Packetfece was 50225 and the ifindex translated in
packetfence is 10525, following the example of the function
*NasPortToIfIndex* in Catalyst_2960.pm Module in Packetfence the
translation of the Nasport to Ifindex should be 10225 and not 10525,
however I don't know if my inferences are correct?, Do you think that this
is a bug in the function or this should be right answer.
Let me know what other info I can provide you to help me figured it this
out.
Best Regards,
--
*“Choose a job you love, and you will never have to work a day in your
life”*
------------------------------------------------------------------------------
Slashdot TV.
Video for Nerds. Stuff that matters.
http://tv.slashdot.org/
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
