Morning Karl,
Thanks for your reply - Turns out I had the SNMP write community set wrong.
Now everything works perfectly with #1 and #1a after I changed that. I'm
not using port security, just MAB through RADIUS/SNMP.
Still looking into #2.
Thanks!
Ross
On Tue, Oct 7, 2014 at 9:19 AM, Karl Stevens <[email protected]> wrote:
> Hi Ross,
>
> We're using an older version of Packetfence with 2800 series switches.
>
> I can't comment on your point #2, but for #1, this is expected
> behaviour with both the 2800 and 2600 switches when you initially
> configure port-security.
>
> If you have a device already authorized on a port before you enable
> port-security, the 2600/2800 switches will not send an auth request to
> Packetfence. A workaround is "port-security all
> clear-intrusion-flag" after you enable port-security. (This is
> mentioned on page 45 of the network device configuration guide.)
>
> -Karl
>
> On 10/06/2014 10:20 PM, Ross Lindsay wrote:
> > Hi All!
> >
> > I'm looking at deploying PacketFence on one of the networks that I
> > manage. I've spun up a test instance of it on Ubuntu (12.04 from
> > repository - couldn't get ZEN to cooperate) and have had a decent amount
> > of success so far. I have run into a few issues, though.
> >
> > 1. Support for ProCurve 2810 - I see that the 2600 series is listed on
> > the website, but not the 2800 for supported switches. I have the 2800
> > mostly working using the 2600 profile, I just can't get the port to
> > change VLANs after registration. I get the screen with the progress bar,
> > but no VLAN change ever occurs. If I manually unplug and replug my
> > laptop, it picks up the proper VLAN that time. Could I be missing
> > something in my switch configuration? I can provide the full config if
> > needed.
> >
> > 1a. Possibly related to the same issue - When I opt to do the 10 minute
> > email verification option, I can stay on the Guest VLAN for as long as I
> > stay plugged in. The VLAN never gets changed back to the registration
> VLAN.
> >
> > 2. I was wondering if it would be possible for the "users" to be able to
> > specify what role their device gets assigned to. In this network, there
> > are no true "end users" - it's just me and any contractors or vendors
> > that I have installing equipment when I'm not able to be on site. If the
> > vendors could log in to PF from their laptop, punch in the MAC address,
> > and choose which role it should be (from a list I authorize), that would
> > be SO helpful instead of them having to send me the MAC addresses or
> > giving them access to the PF admin interface. I think from my reading
> > this may be accomplished by the gaming option or pre-registration, but
> > I'm not 100% sure.
> >
> > Please let me know what else you need from me. I appreciate any help you
> > can offer. Looking forward to success with PF!
> >
> > Ross Lindsay
> >
> >
> >
> >
> ------------------------------------------------------------------------------
> > Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
> > Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports
> > Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper
> > Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer
> >
> http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk
> >
> >
> >
> > _______________________________________________
> > PacketFence-users mailing list
> > [email protected]
> > https://lists.sourceforge.net/lists/listinfo/packetfence-users
> >
>
>
>
> ------------------------------------------------------------------------------
> Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
> Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports
> Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper
> Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer
>
> http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk
> _______________________________________________
> PacketFence-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
------------------------------------------------------------------------------
Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports
Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper
Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer
http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
