Thanks, see below: > Issue 1 - Since upgrading to the latest version, my MAC Vendor List is > blank. No nodes report their MAC vendor when I look at the node > details. I have performed several resolutions I have received here > and it doesn't update the table. At times in my packetfence.log file
look like a permission issue, check the right of the file it should be pf.pf -rw-rw-r-- 1 pf pf 3534183 Jan 13 08:24 oui.txt Issue 3 It is the ifindex not the port number. So in switches.conf I need to reference the ifindex and not the port number. Scott K. Slagle Security Administrator Gabriel Brothers Inc. Office: (304) 225-7222 Mobile: (724) 208-0352 -----Original Message----- From: Fabrice DURAND [mailto:[email protected]] Sent: Friday, January 16, 2015 11:17 AM To: [email protected] Subject: Re: [PacketFence-users] A problem I can't find resolution for Hi Scott, Le 2015-01-16 07:28, Scott Slagle a écrit : > > Good Morning, > > > > I have PacketFence running and for the most part is working > flawlessly. However I am experiencing three issues that I can't seem > to resolve. > > > > Issue 1 - Since upgrading to the latest version, my MAC Vendor List is > blank. No nodes report their MAC vendor when I look at the node > details. I have performed several resolutions I have received here > and it doesn't update the table. At times in my packetfence.log file > I see: > > Jan 15 22:54:29 httpd.webservices(21652) INFO: loading > Net::MAC::Vendor cache from /usr/local/pf/conf/oui.txt > (pf::util::load_oui) > > > > However the list is still blank. > look like a permission issue, check the right of the file it should be pf.pf > > > > > > > > Issue 2 - There are some cases on my network where a user will have a > small netgear 4 port switch to connect a printer or another PC. > PacketFence shows this in the log: > > Jan 15 22:54:49 pfsetvlan(2) WARN: couldn't get MAC at ifIndex 10112. > This is a problem. (pf::Switch::_getMacAtIfIndex) > > > > It will display that 30 times before it stops trying. I am guessing > that due to the small switch there and it's unmanaged that packetfence > either cannot find a locationlog entry or that switch isn't reporting > a MAC address to the managed switch. > > > > Is there a way around this without compromising that port and telling > packetfence not to manage that port? > > > Set this port as an uplink port 10112 > > Issue 3 - PacketFence isn't ignoring uplink ports on switches. > > All uplink ports are set to 802.1Q Trunk > > Snippet from switches.conf: > > [***.***.***.***] > > RoleMap=N > > wsPwd=********* > > SNMPCommunityRead=******** > > guestVlan=99 > > SNMPCommunityWrite=******** > > cliUser=******** > > defaultVlan=1 > > SNMPUserNameTrap=******** > > wsTransport=HTTPS > > deauthMethod=SNMP > > description=Switch_A > > type=Cisco::Catalyst_2960 > > macDetectionVlan=20 > > cliPwd=******** > > VoIPEnabled=N > > isolationVlan=99 > > cliTransport=SSH > > uplink_dynamic=0 > > cliEnablePwd=******** > > uplink=1,5,23,24 > > SNMPCommunityTrap=******** > > wsUser=******** > > registrationVlan=20 > > inlineVlan=1 > > registeredVlan=7 > > SNMPUserNameWrite=******** > > SNMPEngineID=local > > SNMPUserNameRead=******** > > SNMPAuthProtocolRead=md5 > > SNMPPrivPasswordTrap=******** > > SNMPAuthProtocolTrap=MD5 > > SNMPAuthProtocolWrite=md5 > > SNMPPrivPasswordRead=******** > > SNMPPrivProtocolWrite=aes > > SNMPAuthPasswordWrite=******** > > SNMPPrivPasswordWrite=******** > > SNMPAuthPasswordRead=******** > > SNMPPrivProtocolTrap=AES > > SNMPPrivProtocolRead=aes > > SNMPAuthPasswordTrap=******** > > mode=production > > AccessListMap=N > > > > > > Example: > > > > Switch A: 24 port Cisco 2960, Ports 1,5,23,24 are uplinks, primary switch. > > Uplink map: 24 - Internet source > > 23 - Redundant Internet source > (disabled) > > 1 - Switch B > > 7 - Switch D > > > > Switch B: 24 port Cisco 2960, Ports 23.24 are uplinks. Secondary Switch. > > Uplink map: 24 - Uplink to Switch A > > 23 - Uplink to Switch C > > > > Switch C: 24 port Cisco 2960, Ports 24 is uplink. Secondary Switch. > > Uplink map: 24 - Uplink to Switch C > > > > Switch D: 24 port Cisco 2960, Ports 24 is uplink. Secondary Switch. > > Uplink map: 24 - Uplink to Switch A > > > > When I connect any secondary switch, PacketFence changes the ports > Native Vlan to registration on the parent switch. I can't get it to > stop changing the uplinks. Any ideas? > It is the ifindex not the port number. > > > > Thanks in Advanced! > > > > Scott > > Regards Fabrice > > ---------------------------------------------------------------------- > -------- New Year. New Location. New Benefits. New Data Center in > Ashburn, VA. > GigeNET is offering a free month of service with a new server in Ashburn. > Choose from 2 high performing configs, both with 100TB of bandwidth. > Higher redundancy.Lower latency.Increased capacity.Completely compliant. > http://p.sf.net/sfu/gigenet > > > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Fabrice Durand [email protected] :: +1.514.447.4918 (x135) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://packetfence.org) ------------------------------------------------------------------------------ New Year. New Location. New Benefits. New Data Center in Ashburn, VA. GigeNET is offering a free month of service with a new server in Ashburn. Choose from 2 high performing configs, both with 100TB of bandwidth. Higher redundancy.Lower latency.Increased capacity.Completely compliant. http://p.sf.net/sfu/gigenet _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
