Hello Boris, very strange, by default ssh is available : https://github.com/inverse-inc/packetfence/blob/devel/conf/iptables.conf.example#L16
Can you post the rsult of iptables -L -n -v Regards Fabrice Le 2015-01-24 10:33, Boris Epstein a écrit : > Hello Fabrice, > > Thanks a lot for your response. > > This makes sense. So then why is it that I can only use ping, it seems, > when it comes to reaching this PF server even on the management interface. > Even SSH is not available! > > This just seems really weird - and impractical, too. I wonder where I go to > fix that. > > Cheers, > > Boris. > > > On Fri, Jan 23, 2015 at 7:53 PM, Durand fabrice <[email protected]> wrote: > >> Hello Boris, >> >> packetfence manage iptables on each interfaces that have been declared >> in pf.conf. >> >> So check the file /usr/local/pf/conf/iptables.conf which is the template >> to build the file /usr/local/pf/var/conf/iptables.conf and you can see >> what port are allowed. >> >> Btw the management interface is use to: >> - manage packetfence >> - receive snmptrap >> - receive radius request .... >> Registration/Isolation interface are only use to deal with the devices >> (portal,dhcp,dns). >> >> Regards >> Fabrice >> >> >> Le 2015-01-23 19:26, Boris Epstein a écrit : >>> Actually, I was too fast to say this is resolved. The PF seems to totally >>> block most traffic - even the SSH. Makes it a little difficult to >>> administer. >>> >>> Anybody know why that may be? >>> >>> Thanks. >>> >>> Boris. >>> >>> >>> On Fri, Jan 23, 2015 at 10:26 AM, Boris Epstein <[email protected]> >>> wrote: >>> >>>> OK, I think I fixed the issue by assigning the correct IP address to the >>>> management interface. >>>> >>>> Boris. >>>> >>>> On Thu, Jan 22, 2015 at 6:47 PM, Boris Epstein <[email protected]> >>>> wrote: >>>> >>>>> Hello all, >>>>> >>>>> It looks like my PF server does not allow any traffic in that comes >> from >>>>> outside of the VLAN's defined on it. And that seems to be a problem as >> it >>>>> needs to get SNMP traffic (at the very least) from the switches >> located at >>>>> remote sites and not part of any local VLAN. >>>>> >>>>> Is that how things are supposed to be? Is there a way to overcome it? >> Am >>>>> I doing something wrong (the most likely scenario)? >>>>> >>>>> Thanks. >>>>> >>>>> Boris. >>>>> >>>> >>>> >>> >>> >>> >>> >> ------------------------------------------------------------------------------ >>> New Year. New Location. New Benefits. New Data Center in Ashburn, VA. >>> GigeNET is offering a free month of service with a new server in Ashburn. >>> Choose from 2 high performing configs, both with 100TB of bandwidth. >>> Higher redundancy.Lower latency.Increased capacity.Completely compliant. >>> http://p.sf.net/sfu/gigenet >>> >>> >>> >>> _______________________________________________ >>> PacketFence-users mailing list >>> [email protected] >>> https://lists.sourceforge.net/lists/listinfo/packetfence-users >>> >> >> >> ------------------------------------------------------------------------------ >> New Year. New Location. New Benefits. New Data Center in Ashburn, VA. >> GigeNET is offering a free month of service with a new server in Ashburn. >> Choose from 2 high performing configs, both with 100TB of bandwidth. >> Higher redundancy.Lower latency.Increased capacity.Completely compliant. >> http://p.sf.net/sfu/gigenet >> _______________________________________________ >> PacketFence-users mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/packetfence-users >> > > > > ------------------------------------------------------------------------------ > New Year. New Location. New Benefits. New Data Center in Ashburn, VA. > GigeNET is offering a free month of service with a new server in Ashburn. > Choose from 2 high performing configs, both with 100TB of bandwidth. > Higher redundancy.Lower latency.Increased capacity.Completely compliant. > http://p.sf.net/sfu/gigenet > > > > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users > ------------------------------------------------------------------------------ New Year. New Location. New Benefits. New Data Center in Ashburn, VA. GigeNET is offering a free month of service with a new server in Ashburn. Choose from 2 high performing configs, both with 100TB of bandwidth. Higher redundancy.Lower latency.Increased capacity.Completely compliant. http://p.sf.net/sfu/gigenet _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
