Hi Christopher, in your show vlan command it look that the vlan id 107 and 108 are not tagged on the port ge8.
So first let´s try to plug a device in a port access vlan 107, assign a static ip 10.129.1.2 and try to ping 10.129.1.1. If this is not working then check the ge-8 configuration to allow the vlan id 107. Once done then retry with packetfence. Regards Fabrice Le 2015-02-10 07:38, Christopher Coronado a écrit : > Hi fabrice > > Thanks for answering > > Sorry about the missing info, packetfence is connected to port 8 on the same > switch with a trunk config, > Heres the details > > switch43ee67#show interfaces switchport GE 8 > Port : gi8 > Port Mode: Trunk > Gvrp Status: enabled > Ingress Filtering: true > Acceptable Frame Type: admitAll > Ingress UnTagged VLAN ( NATIVE ): 1 > > Port is member in: > > Vlan Name Egress rule Port Membership Type > ---- -------------------------------- ----------- -------------------- > 1 1 Untagged Static > > > ------------------------------------------------------------------------------------------------------------------------------------ > > As for packet fence : > > packetfence@packetfence:~$ ifconfig > eth0 Link encap:Ethernet direcciónHW d4:ae:52:cd:23:a4 > Direc. inet:10.128.2.17 Difus.:10.128.255.255 Másc:255.255.0.0 > Dirección inet6: fe80::d6ae:52ff:fecd:23a4/64 Alcance:Enlace > ACTIVO DIFUSIÓN FUNCIONANDO MULTICAST MTU:1500 Métrica:1 > Paquetes RX:12795687 errores:0 perdidos:0 overruns:0 frame:0 > Paquetes TX:86895 errores:0 perdidos:0 overruns:0 carrier:0 > colisiones:0 long.colaTX:1000 > Bytes RX:17826184961 (17.8 GB) TX bytes:6200840 (6.2 MB) > > eth0.107 Link encap:Ethernet direcciónHW d4:ae:52:cd:23:a4 > Direc. inet:10.129.1.1 Difus.:10.129.255.255 Másc:255.255.0.0 > Dirección inet6: fe80::d6ae:52ff:fecd:23a4/64 Alcance:Enlace > ACTIVO DIFUSIÓN FUNCIONANDO MULTICAST MTU:1500 Métrica:1 > Paquetes RX:0 errores:0 perdidos:0 overruns:0 frame:0 > Paquetes TX:26 errores:0 perdidos:0 overruns:0 carrier:0 > colisiones:0 long.colaTX:0 > Bytes RX:0 (0.0 B) TX bytes:1404 (1.4 KB) > > eth0.108 Link encap:Ethernet direcciónHW d4:ae:52:cd:23:a4 > Direc. inet:10.130.1.1 Difus.:10.130.255.255 Másc:255.255.0.0 > Dirección inet6: fe80::d6ae:52ff:fecd:23a4/64 Alcance:Enlace > ACTIVO DIFUSIÓN FUNCIONANDO MULTICAST MTU:1500 Métrica:1 > Paquetes RX:0 errores:0 perdidos:0 overruns:0 frame:0 > Paquetes TX:8 errores:0 perdidos:0 overruns:0 carrier:0 > colisiones:0 long.colaTX:0 > Bytes RX:0 (0.0 B) TX bytes:648 (648.0 B) > > lo Link encap:Bucle local > Direc. inet:127.0.0.1 Másc:255.0.0.0 > Dirección inet6: ::1/128 Alcance:Anfitrión > ACTIVO BUCLE FUNCIONANDO MTU:65536 Métrica:1 > Paquetes RX:26660 errores:0 perdidos:0 overruns:0 frame:0 > Paquetes TX:26660 errores:0 perdidos:0 overruns:0 carrier:0 > colisiones:0 long.colaTX:0 > Bytes RX:4027474 (4.0 MB) TX bytes:4027474 (4.0 MB) > > > ---------------------------------------------------------------------------------------------------------------------------------------- > > pf.conf > > > > [general] > # > # general.domain > # > # Domain name of PacketFence system. > domain=local.sanclemente.cl > # > # general.dnsservers > # > # Comma-delimited list of DNS servers. Passthroughs are created to allow > queries to these servers from even "trapped" nodes. > dnsservers=127.0.0.1,10.128.128.2 > # > # general.dhcpservers > # > # Comma-delimited list of DHCP servers. Passthroughs are created to allow > DHCP transactions from even "trapped" nodes. > dhcpservers=127.0.0.1,10.128.128.3 > > [network] > # > # network.dhcpoption82logger > # > # If enabled PacketFence will monitor DHCP option82 location-based > information. > # This feature is only available if the dhcpdetector is activated. > dhcpoption82logger=enabled > > [trapping] > # > # trapping.range > # > # Comma-delimited list of address ranges/CIDR blocks that PacketFence will > monitor/detect/trap on. Gateway, network, and > # broadcast addresses are ignored. > range=10.129.0.0/16,10.128.0.0/16 > > [alerting] > # > # alerting.emailaddr > # > # Email address to which notifications of rogue DHCP servers, violations with > an action of "email", or any other > # PacketFence-related message goes to. > emailaddr= > [database] > # > # database.pass > # > # Password for the mysql database used by PacketFence. > pass=123456 > > [captive_portal] > # > # captive_portal.network_detection_ip > # > # This IP is used as the webserver who hosts the > common/network-access-detection.gif which is used to detect if network > # access was enabled. > # It cannot be a domain name since it is used in registration or quarantine > where DNS is blackholed. > # It is recommended that you allow your users to reach your packetfence > server and put your LAN's PacketFence IP. > # By default we will make this reach PacketFence's website as an easy > solution. > # > network_detection_ip=10.128.2.17 > > [interface eth0] > ip=10.128.2.17 > type=management > mask=255.255.0.0 > > [interface eth0.107] > ip=10.129.1.1 > type=internal > mask=255.255.0.0 > enforcement=vlan > > [interface eth0.108] > enforcement=vlan > ip=10.130.1.1 > type=internal > mask=255.255.0.0 > ---------------------------------------------------------------------------------------------------------------------------------------- > > Networks.conf > > > [10.130.0.0] > dns=10.130.1.1 > dhcp_start=10.130.0.10 > gateway=10.130.1.1 > domain-name=vlan-isolation.local.sanclemente.cl > nat_enabled=enabled > named=enabled > dhcp_max_lease_time=30 > fake_mac_enabled=disabled > dhcpd=enabled > dhcp_end=10.130.255.246 > type=vlan-isolation > netmask=255.255.0.0 > dhcp_default_lease_time=30 > > [10.129.0.0] > dns=10.129.1.1 > dhcp_start=10.129.0.10 > gateway=10.129.1.1 > domain-name=vlan-registration.local.sanclemente.cl > nat_enabled=disabled > named=enabled > dhcp_max_lease_time=30 > fake_mac_enabled=enabled > dhcpd=enabled > dhcp_end=10.129.255.246 > type=vlan-registration > netmask=255.255.0.0 > dhcp_default_lease_time=30 > > ------------------------------------------------------------------------------------------------------------------------------------------------- > > For testing purposes I have the node and packetfence on the same switch. > > Thanks for helping :) > > Chris > > > > > ----- Mensaje original ----- > De: "Durand fabrice" <[email protected]> > Para: [email protected] > Enviados: Lunes, 9 de Febrero 2015 23:17:20 > Asunto: Re: [PacketFence-users] No DHCP or ping from packetfence > > Hi Christopher, > > based on the ouput of show vlan command, where is packetfence ? > I can see that the port gi24 has been assigned by radius (i understand > that is where the device has been plugged) but you must have another > port on the vlan 107 where packetfence has been plugged. > > Can you describe the configuration of packetfence (ifconfig, pf.conf, > networks.conf), like what is the network interface of the captive portal > (something like eth0.107 maybe) and where this interface is (switch side). > > Regards > Fabrice > > > Le 2015-02-09 14:15, Christopher Coronado a écrit : >> Hi everyone >> >> First of all I want to thank the people who have helped me out so far with >> thier suggestions,but unfortunatly I still have issues. >> >> To begin with I was able to get the SG300 switch working with the vpn >> assighnment as shown here: >> >> >> switch43ee67#show vlan >> Created by: D-Default, S-Static, G-GVRP, R-Radius Assigned VLAN >> >> Vlan Name Ports Created by >> ---- ----------------- --------------------------- ---------------- >> 1 1 gi1-9,gi12-28,Po1-8 D >> 106 106 S >> 107 107 gi24 R >> >> switch43ee67# > > ------------------------------------------------------------------------------ > Dive into the World of Parallel Programming. The Go Parallel Website, > sponsored by Intel and developed in partnership with Slashdot Media, is your > hub for all things parallel software development, from weekly thought > leadership blogs to news, videos, case studies, tutorials and more. Take a > look and join the conversation now. http://goparallel.sourceforge.net/ > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users > -- Fabrice Durand [email protected] :: +1.514.447.4918 (x135) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (http://www.sogo.nu) and PacketFence (http://packetfence.org)
0xF78F957E.asc
Description: application/pgp-keys
------------------------------------------------------------------------------ Dive into the World of Parallel Programming. The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
