Resurrecting a two-year-old thread:
1) Please patch upstream to allow wired connections on Aruba radios. All models
of Aruba controller do this. All Aruba radios with at least two Ethernet ports
can support wired profiles. 93H was specifically designed to be a wired hub.
--- /usr/local/pf/lib/pf/SNMP/Aruba.pm.orig 2012-07-30 11:09:36.563217123
-0500
+++ /usr/local/pf/lib/pf/SNMP/Aruba.pm 2012-08-16 14:24:09.015469261 -0500
@@ -79,6 +79,8 @@
sub supportsRoleBasedEnforcement { return $TRUE; }
sub supportsWirelessDot1x { return $TRUE; }
sub supportsWirelessMacAuth { return $TRUE; }
+sub supportsWiredMacAuth { return $TRUE; }
+sub supportsWiredDot1x { return $TRUE; }
=item getVersion - obtain image version information from switch
2) I still don't have a way for Aruba to flap the link. This is not
PacketFence's problem. To get the device's attention, they need to reboot or at
least physically unplug and reseat the Ethernet cable.
----- Original Message -----
From: "Rich Graves" <[email protected]>
To: [email protected]
Sent: Thursday, August 16, 2012 2:02:55 PM
Subject: Re: [PacketFence-users] Aruba 93H or other Aruba wired users?
Confirmed:
printf "NAS-IP-Address=$controller\nCalling-Station-Id=$mac\n" | radclient -x
$controller:3799 disconnect $radsecret
will cause the Aruba controller to drop the association for wired clients, just
like wireless. RADIUS MAC-Auth and VLAN reassignment will be triggered by the
client's next packet.
So, what I want to know is what sort of changes I need to make to (hopefully
just) Aruba.pm to get those disconnect packets sent.
I'm also asking Aruba if there's some way to flap link. There might not be, but
I can live with that. Registration->NormalVLAN can be handled by setting the
registration DHCP timeout really short. I won't want to do that for normal
VLAN, but I don't care so much if NormalVLAN->Isolation or
NormalVLAN->Registration transitions cause loss of connectivity.
------------------------------------------------------------------------------
Want excitement?
Manually upgrade your production database.
When you want reliability, choose Perforce.
Perforce version control. Predictably reliable.
http://pubads.g.doubleclick.net/gampad/clk?id=157508191&iu=/4140/ostg.clktrk
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
