Hello Fabrice,
Thanks a lot for your response.
This makes sense. So then why is it that I can only use ping, it seems,
when it comes to reaching this PF server even on the management interface.
Even SSH is not available!
This just seems really weird - and impractical, too. I wonder where I go to
fix that.
Cheers,
Boris.
On Fri, Jan 23, 2015 at 7:53 PM, Durand fabrice <[email protected]> wrote:
> Hello Boris,
>
> packetfence manage iptables on each interfaces that have been declared
> in pf.conf.
>
> So check the file /usr/local/pf/conf/iptables.conf which is the template
> to build the file /usr/local/pf/var/conf/iptables.conf and you can see
> what port are allowed.
>
> Btw the management interface is use to:
> - manage packetfence
> - receive snmptrap
> - receive radius request ....
> Registration/Isolation interface are only use to deal with the devices
> (portal,dhcp,dns).
>
> Regards
> Fabrice
>
>
> Le 2015-01-23 19:26, Boris Epstein a écrit :
> > Actually, I was too fast to say this is resolved. The PF seems to totally
> > block most traffic - even the SSH. Makes it a little difficult to
> > administer.
> >
> > Anybody know why that may be?
> >
> > Thanks.
> >
> > Boris.
> >
> >
> > On Fri, Jan 23, 2015 at 10:26 AM, Boris Epstein <[email protected]>
> > wrote:
> >
> >> OK, I think I fixed the issue by assigning the correct IP address to the
> >> management interface.
> >>
> >> Boris.
> >>
> >> On Thu, Jan 22, 2015 at 6:47 PM, Boris Epstein <[email protected]>
> >> wrote:
> >>
> >>> Hello all,
> >>>
> >>> It looks like my PF server does not allow any traffic in that comes
> from
> >>> outside of the VLAN's defined on it. And that seems to be a problem as
> it
> >>> needs to get SNMP traffic (at the very least) from the switches
> located at
> >>> remote sites and not part of any local VLAN.
> >>>
> >>> Is that how things are supposed to be? Is there a way to overcome it?
> Am
> >>> I doing something wrong (the most likely scenario)?
> >>>
> >>> Thanks.
> >>>
> >>> Boris.
> >>>
> >>
> >>
> >
> >
> >
> >
> ------------------------------------------------------------------------------
> > New Year. New Location. New Benefits. New Data Center in Ashburn, VA.
> > GigeNET is offering a free month of service with a new server in Ashburn.
> > Choose from 2 high performing configs, both with 100TB of bandwidth.
> > Higher redundancy.Lower latency.Increased capacity.Completely compliant.
> > http://p.sf.net/sfu/gigenet
> >
> >
> >
> > _______________________________________________
> > PacketFence-users mailing list
> > [email protected]
> > https://lists.sourceforge.net/lists/listinfo/packetfence-users
> >
>
>
> ------------------------------------------------------------------------------
> New Year. New Location. New Benefits. New Data Center in Ashburn, VA.
> GigeNET is offering a free month of service with a new server in Ashburn.
> Choose from 2 high performing configs, both with 100TB of bandwidth.
> Higher redundancy.Lower latency.Increased capacity.Completely compliant.
> http://p.sf.net/sfu/gigenet
> _______________________________________________
> PacketFence-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
>
------------------------------------------------------------------------------
New Year. New Location. New Benefits. New Data Center in Ashburn, VA.
GigeNET is offering a free month of service with a new server in Ashburn.
Choose from 2 high performing configs, both with 100TB of bandwidth.
Higher redundancy.Lower latency.Increased capacity.Completely compliant.
http://p.sf.net/sfu/gigenet
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
