Hello Denis, Thanks for this! If you are familiar enought with Git (Github) and asciidoc, I would suggest you to contribute to the documentation by making a pull-request with your findings.
You can easily fork the PacketFence repository, do the changes to the documentation and then submit a pull-request that we will review. If you don’t feel confortable with that, let me know and we’ll do it on our side. Cheers! dw. — Derek Wuelfrath [email protected] :: www.inverse.ca +1.514.447.4918 (x110) :: +1.866.353.6153 (x110) Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) > On Dec 9, 2014, at 12:25, Denis Bonnenfant diderot > <[email protected]> wrote: > > Hi, > > We acheived to setup 802.1x+MAB on HP 2610 HP switches just like with > Cisco. As this is nearly undocumented, I want to share the information, > as it may be interesting to have it on official PF devices config guide. > > The trick is to use aaa port-access authenticator x client-limit 1, > which allows multiple auth modes for a single client. With this setup, > 802.1x auth is tried first, and if it fails, mac auth is performed. > > radius-server host a.b.c.d acct-port 1813 key "verysecret" > snmp-server host a.b.c.d community "public" informs trap-level not-info > no snmp-server enable traps link-change x > aaa server-group radius "packetfence" host a.b.c.d > aaa authentication port-access eap-radius server-group "packetfence" > aaa authentication mac-based chap-radius server-group "packetfence" > port-security x learn-mode port-access action send-alarm > aaa port-access authenticator x > aaa port-access authenticator x client-limit 1 > aaa port-access authenticator active > aaa port-access mac-based x > aaa port-access mac-based x addr-moves > aaa port-access mac-based x reauth-period 14400 > aaa port-access x controlled-direction in > > The last line is supposed to allow WOL magic packets to be sent to the > port. Unfortunately it doesn't seems to work, I have to investigate this > issue, as I'm not sure that Magic packets are reaching the switch if > there is no untagged vlan matching WOL broadcast address configured on it. > > Regards, > > Denis Bonnenfant > Lycée Diderot Paris > > ------------------------------------------------------------------------------ > Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server > from Actuate! Instantly Supercharge Your Business Reports and Dashboards > with Interactivity, Sharing, Native Excel Exports, App Integration & more > Get technology previously reserved for billion-dollar corporations, FREE > http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users ------------------------------------------------------------------------------ Dive into the World of Parallel Programming! The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
