Configuration | Switches | [pick one] | Roles
PF determines the role that each user has, and then passes that role to
the switch(es) to let them make the decision on what VLAN they need to
be on based on their role. What VLAN a device should be placed on may
vary by switch, with an example being a multi-building network with
different VLANs in each. You tell the switch what role a device is, and
it decides what VLAN to put it on.
In PF 3.x, there's a setting in the switch config called "Normal VLAN."
In PF4, it is called "default." If you do not wish to use roles and want
everyone on the same production network, this is where you set that VLAN
on every switch...
-Arthur
-------------------------------------------------------------------------
Arthur Emerson III Email:
[email protected]<mailto:[email protected]>
Network Administrator InterNIC: AE81
Mount Saint Mary College MaBell: (845) 561-0800 Ext. 3109
330 Powell Ave. Fax: (845) 562-6762
Newburgh, NY 12550 SneakerNet: Aquinas Hall Room 11
From: Boris Epstein <[email protected]<mailto:[email protected]>>
Reply-To:
"[email protected]<mailto:[email protected]>"
<[email protected]<mailto:[email protected]>>
Date: Friday, January 9, 2015 at 1:35 PM
To:
"[email protected]<mailto:[email protected]>"
<[email protected]<mailto:[email protected]>>
Subject: Re: [PacketFence-users] proper VLAN assignment
Tim,
True enough - but given that there may be more than one - doesn't the PF server
need to be aware of them and know how to tell the switch involved which VLAN to
put the node in?
Boris.
On Fri, Jan 9, 2015 at 1:27 PM, Tim DeNike
<[email protected]<mailto:[email protected]>> wrote:
Because a production vlan, in most instances, won't ever touch the packet fence
server. So it doesn't NEED to have one configured.
On Fri, Jan 9, 2015 at 1:16 PM, Boris Epstein <[email protected]> wrote:
Chris,
100%. I should have said "one or more production networks".
Boris.
On Fri, Jan 9, 2015 at 12:27 PM, Chris Chance <[email protected]> wrote:
Because their can be multiple production clans such as an infrastructure vlan a
customer vlan a staff vlan or whatever your specific network requires.
Authorized clients don't necessarily get sent to the same areas just because
they are allowed access.
On Jan 9, 2015 12:51 PM, "Boris Epstein" <[email protected]> wrote:
Hello all,
This is just to compare notes and make sure the way I do things is in line with
the conventions. So here is how I understand things.
"Registration VLAN" is where newly plugged in devices are assigned, until they
are deemed secure and allowed to join the production network.
"Isolation VLAN" is where suspect devices (those believed to be virus-infected,
for instance) are relegated to.
"Management VLAN" is a network used for management purposes (to communicate to
switches, etc.)
Here is what I don't quite understand.
1) Why is a "Production VLAN" not mandated?
2) How does one designate it on the switch level as a VLAN to put
production-ready devices in (i.e., OK, MAC address so-and-so on port 10 is
good, switch it to the "Production VLAN" and let is access the internet)?
Thanks in advance for your help.
Cheers,
Boris.
------------------------------------------------------------------------------
Dive into the World of Parallel Programming! The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now. http://goparallel.sourceforge.net
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Dive into the World of Parallel Programming! The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now. http://goparallel.sourceforge.net
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Dive into the World of Parallel Programming! The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now. http://goparallel.sourceforge.net
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Dive into the World of Parallel Programming! The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now. http://goparallel.sourceforge.net
_______________________________________________
PacketFence-users mailing list
[email protected]<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Dive into the World of Parallel Programming! The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now. http://goparallel.sourceforge.net
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
