Hi Minh,

Keep in mind that the reg and isol VLANs are layer 2 networks, so you don't have to assign an IP address for these 2 VLANs in the Cisco config (PacketFence is the only one that manages what happens on these 2 networks).

So the IP address of the reg interface is 10.126.210.1 (ifconfig), not 10.126.210.5, so change that in pf.conf and networks.conf and restart PacketFence (same thing for isol).

Now plug a device in a port on the 4500 configured like that:

switchport mode access
switchport access vlan 210

with a device with a static IP:
10.126.210.33

and try to ping 10.126.210.1.

If this doesn't work then fix the vmware/cisco config to make it work (trunk, allowed vlan...).

Regards
Fabrice
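
The check described in this message (the gateway and dns in networks.conf must be the address actually configured on the PacketFence VLAN interface), as an added example that is not part of the original thread and not PacketFence code. The function name `check_networks` is hypothetical, and the interface address is assumed to be copied by hand from ifconfig output.

```python
import configparser
import ipaddress

# Constructed sample: registration section with the values posted in the thread.
NETWORKS_CONF = """
[10.126.210.0]
dns=10.126.210.5
gateway=10.126.210.5
netmask=255.255.255.0
type=vlan-registration
dhcp_start=10.126.210.10
dhcp_end=10.126.210.246
"""

# Assumption: interface address as reported by ifconfig on the PacketFence server.
LOCAL_ADDRS = {"eth0.210": "10.126.210.1"}


def check_networks(conf_text, local_addrs):
    """Return findings for sections whose gateway/dns is not an address
    configured on a local interface inside that section's subnet."""
    cp = configparser.ConfigParser()
    cp.read_string(conf_text)
    findings = []
    for section in cp.sections():
        net = ipaddress.ip_network(f"{section}/{cp[section]['netmask']}")
        # Local interface addresses that fall inside this network.
        owned = sorted(ip for ip in local_addrs.values()
                       if ipaddress.ip_address(ip) in net)
        if not owned:
            # No local interface in this subnet at all.
            findings.append((section, "interface", None, None))
            continue
        for key in ("gateway", "dns"):
            value = cp[section].get(key)
            if value not in owned:
                findings.append((section, key, value, owned))
    return findings


if __name__ == "__main__":
    for section, key, value, expected in check_networks(NETWORKS_CONF, LOCAL_ADDRS):
        print(f"[{section}] {key}={value}, local interface address is {expected}")
```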


On 2015-03-30 03:06, Minh Trung wrote:
Hello Fabrice,

I already checked the trunk port but still have the problem as previously posted.

My PF is as below:

PC ---+ --> Switch_L2(2960- Cisco) ---trunk--> Switch_L3(4500) ---trunk---> PF(VMware- ESX)

Here is the config interface that L2 connected on Core switch:

interface GigabitEthernet2/4
 description ### Testing Network Security ###
 switchport trunk allowed vlan 110,123,124,127,128,135,210,220,230
 switchport mode trunk

I have 2 core switches and configured HSRP, so every VLAN takes 3 IP
addresses for HSRP, e.g.:
Vlan123: x.x.x.1, x.x.x.2, x.x.x.3 are assigned to the core switches; other
VLANs are the same.
So I changed the 2 VLAN interfaces on PF as below:
*networks.conf*
[10.126.210.0]
dns=10.126.210.5
dhcp_start=10.126.210.10
*gateway=10.126.210.5*
domain-name=vlan-registration.global
nat_enabled=disabled
named=enabled
dhcp_max_lease_time=30
fake_mac_enabled=disabled
dhcpd=enabled
dhcp_end=10.126.210.246
type=vlan-registration
netmask=255.255.255.0
dhcp_default_lease_time=30

[10.126.220.0]
dns=10.126.220.5
dhcp_start=10.126.220.10
*gateway=10.126.220.5*
domain-name=vlan-isolation.global
nat_enabled=disabled
named=enabled
dhcp_max_lease_time=30
fake_mac_enabled=disabled
dhcpd=enabled
dhcp_end=10.126.220.246
type=vlan-isolation
netmask=255.255.255.0
dhcp_default_lease_time=30

But still no luck.

Have I misconfigured any part?

Any help is appreciated,

Regards,

On 28 March 2015 at 23:17, Durand fabrice <[email protected]> wrote:

  Hello Minh,

As you probably noticed, there is no RX traffic on eth0.210, eth0.220
and eth0.230, so it's probably a switch configuration issue.

Check on the switch port where PacketFence's eth0 has been plugged in that
'switchport mode trunk' (Cisco syntax) has been configured, and check on
all uplink ports that VLANs 210 and 220 are allowed.

Regards




_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
