Hi Ross, We're using an older version of Packetfence with 2800 series switches.
I can't comment on your point #2, but for #1, this is expected behaviour with both the 2800 and 2600 switches when you initially configure port-security. If you have a device already authorized on a port before you enable port-security, the 2600/2800 switches will not send an auth request to Packetfence. A workaround is "port-security all clear-intrusion-flag" after you enable port-security. (This is mentioned on page 45 of the network device configuration guide.) -Karl On 10/06/2014 10:20 PM, Ross Lindsay wrote: > Hi All! > > I'm looking at deploying PacketFence on one of the networks that I > manage. I've spun up a test instance of it on Ubuntu (12.04 from > repository - couldn't get ZEN to cooperate) and have had a decent amount > of success so far. I have run into a few issues, though. > > 1. Support for ProCurve 2810 - I see that the 2600 series is listed on > the website, but not the 2800 for supported switches. I have the 2800 > mostly working using the 2600 profile, I just can't get the port to > change VLANs after registration. I get the screen with the progress bar, > but no VLAN change ever occurs. If I manually unplug and replug my > laptop, it picks up the proper VLAN that time. Could I be missing > something in my switch configuration? I can provide the full config if > needed. > > 1a. Possibly related to the same issue - When I opt to do the 10 minute > email verification option, I can stay on the Guest VLAN for as long as I > stay plugged in. The VLAN never gets changed back to the registration VLAN. > > 2. I was wondering if it would be possible for the "users" to be able to > specify what role their device gets assigned to. In this network, there > are no true "end users" - it's just me and any contractors or vendors > that I have installing equipment when I'm not able to be on site. If the > vendors could log in to PF from their laptop, punch in the MAC address, > and choose which role it should be (from a list I authorize), that would > be SO helpful instead of them having to send me the MAC addresses or > giving them access to the PF admin interface. I think from my reading > this may be accomplished by the gaming option or pre-registration, but > I'm not 100% sure. > > Please let me know what else you need from me. I appreciate any help you > can offer. Looking forward to success with PF! > > Ross Lindsay > > > > ------------------------------------------------------------------------------ > Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer > Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports > Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper > Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer > http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk > > > > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users > ------------------------------------------------------------------------------ Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
